summaryrefslogtreecommitdiffstats
path: root/lass
diff options
context:
space:
mode:
Diffstat (limited to 'lass')
-rw-r--r--lass/1systems/orange/config.nix21
-rw-r--r--lass/1systems/orange/physical.nix7
-rw-r--r--lass/2configs/orange-host.nix15
3 files changed, 43 insertions, 0 deletions
diff --git a/lass/1systems/orange/config.nix b/lass/1systems/orange/config.nix
new file mode 100644
index 000000000..3c13ebe85
--- /dev/null
+++ b/lass/1systems/orange/config.nix
@@ -0,0 +1,21 @@
+with import <stockholm/lib>;
+{ config, lib, pkgs, ... }:
+{
+ imports = [
+ <stockholm/lass>
+ <stockholm/lass/2configs>
+ <stockholm/lass/2configs/retiolum.nix>
+ ];
+
+ krebs.build.host = config.krebs.hosts.orange;
+
+ security.acme = {
+ acceptTerms = true;
+ defaults.email = "acme@lassul.us";
+ };
+
+ lass.sync-containers3.inContainer = {
+ enable = true;
+ pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFQWzKuXrwQopBc1mzb2VpljmwAs7Y8bRl9a8hBXLC+l";
+ };
+}
diff --git a/lass/1systems/orange/physical.nix b/lass/1systems/orange/physical.nix
new file mode 100644
index 000000000..8577daf34
--- /dev/null
+++ b/lass/1systems/orange/physical.nix
@@ -0,0 +1,7 @@
+{
+ imports = [
+ ./config.nix
+ ];
+ boot.isContainer = true;
+ networking.useDHCP = true;
+}
diff --git a/lass/2configs/orange-host.nix b/lass/2configs/orange-host.nix
new file mode 100644
index 000000000..3fbf417a7
--- /dev/null
+++ b/lass/2configs/orange-host.nix
@@ -0,0 +1,15 @@
+{ config, pkgs, ... }:
+{
+ lass.sync-containers3.containers.orange = {
+ sshKey = "${toString <secrets>}/orange.sync.key";
+ };
+ services.nginx.virtualHosts."lassul.us" = {
+ # enableACME = config.security;
+ # forceSSL = true;
+ locations."/" = {
+ recommendedProxySettings = true;
+ proxyWebsockets = true;
+ proxyPass = "http://orange.r";
+ };
+ };
+}