Merge remote-tracking branch 'prism/master' into head

author: tv <tv@krebsco.de> 2023-02-02 17:03:15 +0100
committer: tv <tv@krebsco.de> 2023-02-02 17:03:15 +0100
commit: 3c1a1f0f09e1789ebda529e597c1bb8b7bc7d0c4 (patch)
tree: e041536cd96726fb87adc15fbe95f1eabd280ba9 /lass/1systems/ubik/config.nix
parent: fc00990f712663688e5aea85624cb9317e9f4128 (diff)
parent: 46ae6fc00c3e1aee5bc5db846ec91e30c430f0f1 (diff)
1 files changed, 33 insertions, 0 deletions
diff --git a/lass/1systems/ubik/config.nix b/lass/1systems/ubik/config.nix
new file mode 100644
index 000000000..1d836d4ec
--- /dev/null
+++ b/lass/1systems/ubik/config.nix
@@ -0,0 +1,33 @@
+with import <stockholm/lib>;
+{ config, lib, pkgs, ... }:
+{
+  imports = [
+    <stockholm/lass>
+    <stockholm/lass/2configs>
+    <stockholm/lass/2configs/retiolum.nix>
+  ];
+
+  krebs.build.host = config.krebs.hosts.ubik;
+
+  krebs.sync-containers3.inContainer = {
+    enable = true;
+    pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPBFGMjH0+Dco6DVFZbByENMci8CFTLXCL7j53yctPnM";
+  };
+
+  networking.firewall.allowedTCPPorts = [ 80 ];
+  services.nextcloud = {
+    enable = true;
+    hostName = "c.apanowicz.de";
+    package = pkgs.nextcloud25;
+    config.adminpassFile = "/run/nextcloud.pw";
+    https = true;
+  };
+  systemd.services.nextcloud-setup.serviceConfig.ExecStartPre = [
+    "+${pkgs.writeDash "copy-pw" ''
+      ${pkgs.rsync}/bin/rsync \
+        --chown nextcloud:nextcloud \
+        --chmod 0700 \
+        /var/src/secrets/nextcloud.pw /run/nextcloud.pw
+    ''}"
+  ];
+}
author	tv <tv@krebsco.de>	2023-02-02 17:03:15 +0100
committer	tv <tv@krebsco.de>	2023-02-02 17:03:15 +0100
commit	3c1a1f0f09e1789ebda529e597c1bb8b7bc7d0c4 (patch)
tree	e041536cd96726fb87adc15fbe95f1eabd280ba9 /lass/1systems/ubik/config.nix
parent	fc00990f712663688e5aea85624cb9317e9f4128 (diff)
parent	46ae6fc00c3e1aee5bc5db846ec91e30c430f0f1 (diff)