Created
July 2, 2020 15:23
-
-
Save hhefesto/a72b8b9fdae1352c13546030210b61a8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
laurus = {pkgs, ...}:{ | |
networking.firewall.allowedTCPPorts = [ 22 80 5432 587 443 ]; | |
nixpkgs.config = import ~/src/laurus-nobilis/config.nix; | |
systemd.services.laurus-nobilis = | |
{ description = "laurus-nobilis"; | |
enable = true; | |
wantedBy = [ "multi-user.target" "nginx.service" ]; | |
after = [ "network.service" "local-fs.target" ]; | |
environment = { | |
AANALYZER_STATIC_DIR="${pkgs.configuration-files-aanalyzer}/static"; | |
AANALYZER_PORT="3000"; | |
# AANALYZER_APPROOT="https://aanalyzer.hhefesto.com"; | |
# AANALYZER_APPROOT="https://www.rdata.com.mx"; | |
AANALYZER_APPROOT="https://www.rdataa.com"; | |
}; | |
serviceConfig = { | |
Type = "simple"; | |
User = "root"; | |
WorkingDirectory = "${pkgs.configuration-files-aanalyzer}"; | |
ExecStart = ''${pkgs.haskellPackages.laurus-nobilis}/bin/laurus-nobilis''; | |
ExecStop = ""; | |
Restart = "always"; | |
}; | |
}; | |
# security.acme.certs."www.hhefesto.com" = { | |
# email = "hhefesto@rdataa.com"; | |
# }; | |
security.acme.certs."www.rdataa.com" = { | |
email = "hhefesto@rdataa.com"; | |
}; | |
services.nginx = { | |
enable = true; | |
# virtualHosts."www.hhefesto.com" = { | |
# enableACME = true; | |
# forceSSL = true; | |
# locations = { | |
# "/" = { | |
# proxyPass = "http://localhost:3000"; | |
# }; | |
# }; | |
# }; | |
# virtualHosts."hhefesto.com" = { | |
# enableACME = true; | |
# forceSSL = true; | |
# locations = { | |
# "/" = { | |
# proxyPass = "http://localhost:3000"; | |
# }; | |
# }; | |
# }; | |
# virtualHosts."aanalyzer.hhefesto.com" = { | |
# enableACME = true; | |
# forceSSL = true; | |
# locations = { | |
# "/" = { | |
# proxyPass = "http://localhost:3000"; | |
# }; | |
# }; | |
# }; | |
# virtualHosts."dev.hhefesto.com" = { | |
# enableACME = true; | |
# forceSSL = true; | |
# locations = { | |
# "/" = { | |
# proxyPass = "http://localhost:3000"; | |
# }; | |
# }; | |
# }; | |
virtualHosts."www.rdataa.com" = { | |
enableACME = true; | |
forceSSL = true; | |
locations = { | |
"/" = { | |
proxyPass = "http://localhost:3000"; | |
}; | |
}; | |
}; | |
virtualHosts."rdataa.com" = { | |
enableACME = true; | |
forceSSL = true; | |
locations = { | |
"/" = { | |
proxyPass = "http://localhost:3000"; | |
}; | |
}; | |
}; | |
}; | |
services.postgresql = { | |
enable = true; | |
package = pkgs.postgresql_11; | |
enableTCPIP = true; | |
authentication = pkgs.lib.mkOverride 10 '' | |
local all all trust | |
host all all ::1/128 trust | |
''; | |
initialScript = pkgs.writeText "backend-initScript" '' | |
CREATE ROLE analyzer WITH LOGIN PASSWORD 'SOMETHING THAT's NOT THIS'; | |
CREATE DATABASE aanalyzer_yesod; | |
GRANT ALL PRIVILEGES ON DATABASE aanalyzer_yesod TO analyzer; | |
''; | |
}; | |
environment.systemPackages = with pkgs; [ | |
git | |
msmtp | |
vim | |
emacs | |
]; | |
users.extraUsers.hhefesto = { | |
createHome = true; | |
isNormalUser = true; | |
home = "/home/hhefesto"; | |
description = "Daniel Herrera"; | |
extraGroups = [ "wheel" "networkmanager" "docker" ]; | |
hashedPassword = "$6$/RvS0Se.iCx$A0eA/8PzgMj.Ms9ohNamfu53c9S.zdG30hEmUHLjmWP0CaXTPVA6QxGIZ6fy.abkjSOTJMAq7fFL6LUBGs4BU0"; | |
# shell = pkgs.zsh; #"/run/current-system/sw/bin/bash"; | |
}; | |
}; | |
#medicum = {pkgs, ...}: { | |
# networking.firewall.allowedTCPPorts = [ 22 80 5432 587 443 ]; | |
# nixpkgs.config = import ~/src/medicum/config.nix; | |
# systemd.services.medicum = | |
# { description = "medicum"; | |
# enable = true; | |
# wantedBy = [ "multi-user.target" "nginx.service" ]; | |
# after = [ "network.service" "local-fs.target" ]; | |
# environment = { | |
# MEDICUM_STATIC_DIR="${pkgs.configuration-files-medicum}/static"; | |
# MEDICUM_PORT="3001"; | |
# MEDICUM_APPROOT="https://medicum.hhefesto.com"; | |
# }; | |
# serviceConfig = { | |
# Type = "simple"; | |
# User = "root"; | |
# WorkingDirectory = "${pkgs.configuration-files-medicum}"; | |
# ExecStart = ''${pkgs.haskellPackages.medicum}/bin/medicum''; | |
# ExecStop = ""; | |
# Restart = "always"; | |
# }; | |
# }; | |
# # security.acme.certs."www.hhefesto.com" = { | |
# # email = "hhefesto@rdataa.com"; | |
# # }; | |
# services.nginx = { | |
# enable = true; | |
# virtualHosts."medicum.hhefesto.com" = { | |
# enableACME = true; | |
# forceSSL = true; | |
# locations = { | |
# "/" = { | |
# proxyPass = "http://localhost:3001"; | |
# }; | |
# }; | |
# }; | |
# }; | |
# services.postgresql = { | |
# enable = true; | |
# package = pkgs.postgresql_11; | |
# enableTCPIP = true; | |
# authentication = pkgs.lib.mkOverride 10 '' | |
# local all all trust | |
# host all all ::1/128 trust | |
# ''; | |
# initialScript = pkgs.writeText "backend-initScript" '' | |
# CREATE ROLE medicum WITH LOGIN PASSWORD 'MaclovioHerreraCanochupofarosenTamaulipas' CREATEDB; | |
# CREATE DATABASE medicum; | |
# GRANT ALL PRIVILEGES ON DATABASE medicum TO medicum; | |
# ''; | |
# }; | |
# environment.systemPackages = with pkgs; [ | |
# git | |
# msmtp | |
# vim | |
# emacs | |
# ]; | |
# }; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
laurus = | |
{ deployment.targetEnv = "gce"; | |
deployment.gce = { | |
# credentials | |
project = "laurus-nobilis"; | |
serviceAccount = "laurus-nobilis2@laurus-nobilis.iam.gserviceaccount.com"; | |
accessKey = "~/.ssh/laurus-nobilis-key.json"; | |
# instance properties | |
region = "us-west2-b"; | |
# instanceType = "n1-standard-1"; | |
instanceType = "g1-small"; | |
tags = ["crazy"]; | |
scheduling.automaticRestart = true; | |
scheduling.onHostMaintenance = "MIGRATE"; | |
rootDiskSize = 30; | |
} ; | |
}; | |
# medicum = | |
# { deployment.targetEnv = "gce"; | |
# deployment.gce = { | |
# # credentials | |
# project = "laurus-nobilis"; | |
# serviceAccount = "laurus-nobilis2@laurus-nobilis.iam.gserviceaccount.com"; | |
# accessKey = "~/.ssh/laurus-nobilis-key.json"; | |
# # instance properties | |
# region = "us-west2-b"; | |
# instanceType = "g1-small"; | |
# # instanceType = "n1-standard-1"; | |
# tags = ["crazy"]; | |
# scheduling.automaticRestart = true; | |
# scheduling.onHostMaintenance = "MIGRATE"; | |
# rootDiskSize = 15; | |
# } ; | |
# }; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment