summaryrefslogtreecommitdiffstats
path: root/krebs/3modules
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/3modules')
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/go.nix66
-rw-r--r--krebs/3modules/lass/default.nix34
-rw-r--r--krebs/3modules/shared/default.nix32
4 files changed, 100 insertions, 33 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index a908d437b..0ca6c8033 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -13,6 +13,7 @@ let
./exim-smarthost.nix
./github-hosts-sync.nix
./git.nix
+ ./go.nix
./iptables.nix
./nginx.nix
./per-user.nix
diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix
new file mode 100644
index 000000000..793d1f60d
--- /dev/null
+++ b/krebs/3modules/go.nix
@@ -0,0 +1,66 @@
+{ config, lib, pkgs, ... }:
+
+with builtins;
+with lib;
+
+let
+ cfg = config.krebs.go;
+
+ out = {
+ options.krebs.go = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkEnableOption "Enable go url shortener";
+ port = mkOption {
+ type = types.str;
+ default = "1337";
+ description = "on which port go should run on";
+ };
+ redisKeyPrefix = mkOption {
+ type = types.str;
+ default = "go:";
+ description = "change the Redis key prefix which defaults to `go:`";
+ };
+ };
+
+ imp = {
+ services.redis = {
+ enable = mkDefault true;
+ bind = mkDefault "127.0.0.1";
+ };
+
+ users.extraUsers.go = {
+ name = "go";
+ uid = 42774411; #genid go
+ description = "go url shortener user";
+ home = "/var/lib/go";
+ createHome = true;
+ };
+
+ systemd.services.go = {
+ description = "go url shortener";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ path = with pkgs; [
+ go
+ ];
+
+ environment = {
+ PORT = cfg.port;
+ REDIS_KEY_PREFIX = cfg.redisKeyPrefix;
+ };
+
+ restartIfChanged = true;
+
+ serviceConfig = {
+ User = "go";
+ Restart = "always";
+ ExecStart = "${pkgs.go}/bin/go";
+ };
+ };
+ };
+
+in out
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 2ad4353bd..26b0947bb 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -2,42 +2,14 @@
with lib;
-let
- testHosts = lib.genAttrs [
- "test-arch"
- "test-centos6"
- "test-centos7"
- ] (name: {
- inherit name;
- cores = 1;
- nets = {
- retiolum = {
- addrs4 = ["10.243.111.111"];
- addrs6 = ["42:0:0:0:0:0:0:7357"];
- aliases = [
- "test.retiolum"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAy41YKF/wpHLnN370MSdnAo63QUW30aw+6O79cnaJyxoL6ZQkk4Nd
- mrX2tBIfb2hhhgm4Jecy33WVymoEL7EiRZ6gshJaYwte51Jnrac6IFQyiRGMqHY5
- TG/6IzzTOkeQrT1fw3Yfh0NRfqLBZLr0nAFoqgzIVRxvy+QO1gCU2UDKkQ/y5df1
- K+YsMipxU08dsOkPkmLdC/+vDaZiEdYljIS3Omd+ED5JmLM3MSs/ZPQ8xjkjEAy8
- QqD9/67bDoeXyg1ZxED2n0+aRKtU/CK/66Li//yev6yv38OQSEM4t/V0dr9sjLcY
- VIdkxKf96F9r3vcDf/9xw2HrqVoy+D5XYQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- });
-in {
+{
hosts = addNames {
echelon = {
cores = 2;
dc = "lass"; #dc = "cac";
nets = rec {
internet = {
- addrs4 = ["167.88.34.158"];
+ addrs4 = ["162.252.241.33"];
aliases = [
"echelon.internet"
];
@@ -241,7 +213,7 @@ in {
};
};
- } // testHosts;
+ };
users = addNames {
lass = {
pubkey = readFile ../../Zpubkeys/lass.ssh.pub;
diff --git a/krebs/3modules/shared/default.nix b/krebs/3modules/shared/default.nix
index 24dd7b782..13aae886b 100644
--- a/krebs/3modules/shared/default.nix
+++ b/krebs/3modules/shared/default.nix
@@ -2,7 +2,35 @@
with lib;
-{
+let
+ testHosts = lib.genAttrs [
+ "test-arch"
+ "test-centos6"
+ "test-centos7"
+ ] (name: {
+ inherit name;
+ cores = 1;
+ nets = {
+ retiolum = {
+ addrs4 = ["10.243.111.111"];
+ addrs6 = ["42:0:0:0:0:0:0:7357"];
+ aliases = [
+ "test.retiolum"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAy41YKF/wpHLnN370MSdnAo63QUW30aw+6O79cnaJyxoL6ZQkk4Nd
+ mrX2tBIfb2hhhgm4Jecy33WVymoEL7EiRZ6gshJaYwte51Jnrac6IFQyiRGMqHY5
+ TG/6IzzTOkeQrT1fw3Yfh0NRfqLBZLr0nAFoqgzIVRxvy+QO1gCU2UDKkQ/y5df1
+ K+YsMipxU08dsOkPkmLdC/+vDaZiEdYljIS3Omd+ED5JmLM3MSs/ZPQ8xjkjEAy8
+ QqD9/67bDoeXyg1ZxED2n0+aRKtU/CK/66Li//yev6yv38OQSEM4t/V0dr9sjLcY
+ VIdkxKf96F9r3vcDf/9xw2HrqVoy+D5XYQIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ });
+in {
hosts = addNames {
wolf = {
#dc = "shack";
@@ -32,7 +60,7 @@ with lib;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYMXMWZIK0jjnZDM9INiYAKcwjXs2241vew54K8veCR";
};
- };
+ } // testHosts;
users = addNames {
shared = {
mail = "spam@krebsco.de";