nixos-config/flake.nix

{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";
    private.url = "git+ssh://git@git.tempest.dev/ashe/nixos-config-private";
    tmpfiles.url = "git+http://git.tempest.dev/ashe/tmpfiles";
    tempestdev.url = "git+http://git.tempest.dev/ashe/tempest.dev";
    tempest-secret.url = "git+ssh://git@git.tempest.dev/ashe/tempest-skycord-secret";
    tempest-contact.url = "git+http://git.tempest.dev/ashe/contact-api";
    gotosocial.url = "./packages/gotosocial/";
  };

  outputs = { self, nixpkgs, private, tmpfiles, tempestdev, tempest-secret, tempest-contact, gotosocial }: {
    nixosConfigurations = {

      nyx = nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
        modules = [
          ./hosts/nyx/configuration.nix
          private.nixosModules.nyx

          tmpfiles.nixosModule
          tempestdev.nixosModule
          tempest-secret.nixosModule
          tempest-contact.nixosModule
          gotosocial.nixosModule

          ({ pkgs, ...}: {
            networking.firewall.allowedTCPPorts = [ 80 443 ];

            services.nginx.enable = true;
            services.nginx.recommendedProxySettings = true;
            security.acme.acceptTerms = true;
            security.acme.defaults.email = "acme@tempest.dev";

            ashe.services.tmpfiles.enable = true;
            ashe.services.tmpfiles.domain = "files.tempest.dev";
            ashe.services.tmpfiles.port = 4441;

            ashe.services."tempest.dev".enable = true;
            ashe.services."tempest.dev".domain = "tempest.dev";
            ashe.services."tempest.dev".port = 4442;

            ashe.services.tempest-secret.enable = true;
            ashe.services.tempest-secret.domain = "tempest.dev";
            ashe.services.tempest-secret.path = "/secret";
            ashe.services.tempest-secret.port = 4443;

            ashe.services.tempest-api-contact.enable = true;
            ashe.services.tempest-api-contact.domain = "contact.tempest.dev";
            ashe.services.tempest-api-contact.configFile = "/etc/tempest/contact.json";
            ashe.services.tempest-api-contact.port = 4444;

            ashe.services.social.enable = true;
            ashe.services.social.appDomain = "social.tempest.dev";
            ashe.services.social.accountDomain = "tempest.dev";
            ashe.services.social.port = 4445;

            services.nginx.virtualHosts."static.tempest.dev" = {
              root = "/var/www/static";
              forceSSL = true;
              enableACME = true;
            };
          })
        ];
      };

    };
  };
}
Add flake-based configuration 1 year ago			`{`
			`inputs = {`
			`nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";`
Move password into private repository 1 year ago			`private.url = "git+ssh://git@git.tempest.dev/ashe/nixos-config-private";`
Add /secret service 1 year ago			`tmpfiles.url = "git+http://git.tempest.dev/ashe/tmpfiles";`
			`tempestdev.url = "git+http://git.tempest.dev/ashe/tempest.dev";`
			`tempest-secret.url = "git+ssh://git@git.tempest.dev/ashe/tempest-skycord-secret";`
Add contact api service 1 year ago			`tempest-contact.url = "git+http://git.tempest.dev/ashe/contact-api";`
Added config for GTS instance 1 year ago			`gotosocial.url = "./packages/gotosocial/";`
Add flake-based configuration 1 year ago			`};`

Added config for GTS instance 1 year ago			`outputs = { self, nixpkgs, private, tmpfiles, tempestdev, tempest-secret, tempest-contact, gotosocial }: {`
Add flake-based configuration 1 year ago			`nixosConfigurations = {`

			`nyx = nixpkgs.lib.nixosSystem {`
			`system = "x86_64-linux";`
			`modules = [`
			`./hosts/nyx/configuration.nix`
Move password into private repository 1 year ago			`private.nixosModules.nyx`
Add flake-based configuration 1 year ago
			`tmpfiles.nixosModule`
Added tempest.dev service (currently at test domain) 1 year ago			`tempestdev.nixosModule`
Add /secret service 1 year ago			`tempest-secret.nixosModule`
Add contact api service 1 year ago			`tempest-contact.nixosModule`
Added config for GTS instance 1 year ago			`gotosocial.nixosModule`
Add contact api service 1 year ago
Add flake-based configuration 1 year ago			`({ pkgs, ...}: {`
			`networking.firewall.allowedTCPPorts = [ 80 443 ];`

			`services.nginx.enable = true;`
Added config for GTS instance 1 year ago			`services.nginx.recommendedProxySettings = true;`
Add flake-based configuration 1 year ago			`security.acme.acceptTerms = true;`
			`security.acme.defaults.email = "acme@tempest.dev";`

			`ashe.services.tmpfiles.enable = true;`
			`ashe.services.tmpfiles.domain = "files.tempest.dev";`
			`ashe.services.tmpfiles.port = 4441;`
Added tempest.dev service (currently at test domain) 1 year ago
			`ashe.services."tempest.dev".enable = true;`
Added config for GTS instance 1 year ago			`ashe.services."tempest.dev".domain = "tempest.dev";`
Added tempest.dev service (currently at test domain) 1 year ago			`ashe.services."tempest.dev".port = 4442;`
Add /secret service 1 year ago
			`ashe.services.tempest-secret.enable = true;`
Added config for GTS instance 1 year ago			`ashe.services.tempest-secret.domain = "tempest.dev";`
Add /secret service 1 year ago			`ashe.services.tempest-secret.path = "/secret";`
			`ashe.services.tempest-secret.port = 4443;`
Add contact api service 1 year ago
			`ashe.services.tempest-api-contact.enable = true;`
			`ashe.services.tempest-api-contact.domain = "contact.tempest.dev";`
			`ashe.services.tempest-api-contact.configFile = "/etc/tempest/contact.json";`
			`ashe.services.tempest-api-contact.port = 4444;`
Add static root 1 year ago
Added config for GTS instance 1 year ago			`ashe.services.social.enable = true;`
			`ashe.services.social.appDomain = "social.tempest.dev";`
			`ashe.services.social.accountDomain = "tempest.dev";`
			`ashe.services.social.port = 4445;`

Add static root 1 year ago			`services.nginx.virtualHosts."static.tempest.dev" = {`
			`root = "/var/www/static";`
			`forceSSL = true;`
			`enableACME = true;`
			`};`
Add flake-based configuration 1 year ago			`})`
			`];`
			`};`

			`};`
			`};`
			`}`