parent
04c1d91502
commit
7acda11428
@ -1,2 +1,3 @@ |
||||
.envrc |
||||
.terraform |
||||
matrix_reg_key |
||||
|
@ -0,0 +1,43 @@ |
||||
{ modulesPath, config, lib, pkgs, ... }: |
||||
let |
||||
storage-device = "/dev/disk/by-id/scsi-0DO_Volume_git-storage-1"; |
||||
storage-dir = "/srv"; |
||||
in |
||||
{ |
||||
imports = [ |
||||
"${toString modulesPath}/virtualisation/digital-ocean-image.nix" |
||||
]; |
||||
|
||||
fileSystems."${storage-dir}" = { |
||||
device = storage-device; |
||||
}; |
||||
|
||||
environment.systemPackages = with pkgs; |
||||
[ jq git gitolite lighttpd cgit ]; |
||||
services.openssh.enable = true; |
||||
networking.firewall.allowedTCPPorts = [ 22 80 443 ]; |
||||
|
||||
users.users.root.openssh.authorizedKeys.keys = [ |
||||
(builtins.readFile "/home/mike/.ssh/id_mops.pub") |
||||
]; |
||||
|
||||
services.gitolite = { |
||||
enable = true; |
||||
adminPubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC2PjlhL4sPfuV10BeHGZysX5M9i5mIHwZ4EKi9ArauJ7z1FhGJiqlRoDgRA8RwdENfv+CayoJf6Z3Nu/U/diozqvMaQ6mXQbb3HysZ/w2ntw0d9PFYSfFIIMVUPqcECspgbolAIZHoJDLPG7dlqkJvVfAcA/uQeeLeJr3z6zp3BYs9mGZ6RYmwxo7069QimCfMb5nicLaiUnC1lXNSbK3ioPUgC5ezcgLDylXZ+zsPpZaYcl405SbAVVPYxMmQ8Yn5B+v5NN/MQSiKe3JsElWjTUlzcSKPTNZXeSN2wEILUI6UPNBkZkcycgpuJFbWJkTkNo4oUN9OsdSn7hZMlA1Q0o+JmNQJB2MdwLXb6ELRi8jkvmKeje/QFrwg/p5wBZQATRq8R9NgW7SbdmMZ5/ImD0X8afb8M43P5+5BqOYF4jjBN1MrR5vAB2FGDibgMCXwYo1cvk+VeFzc/c5YVThHArDiNsoDClhEfLaWc70NdF1LkGKhc9fZEsf2mY/1Tw7n8jBbO15nzcG4PKqp7d7d+9IwtLrk7mZ2UP+y6tl40nXCUkd8XXx70TLQZiXlM8jhWQUqLT0yBQAPXB6VUlpN4yCCi2T7Co83fG1ZLjPRxWM9k1IqxjXWVdoy5XVhEyh+eSDpgd3XFeys9gSX2wQlzodTVkMvXw7VKxoPtl8HHw== mike@betamike.com"; |
||||
# need an intermediate data directory with permissions for the gitolite user |
||||
# otherwise this won't work between instances of the droplet |
||||
dataDir = "${storage-dir}/data/gitolite"; |
||||
}; |
||||
|
||||
users.users.lighttpd.extraGroups = [ "gitolite" ]; |
||||
|
||||
services.lighttpd.enable = true; |
||||
services.lighttpd.cgit = { |
||||
enable = true; |
||||
configText = '' |
||||
source-filter=${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py |
||||
project-list=/srv/data/gitolite/projects.list |
||||
scan-path=/srv/data/gitolite/repositories |
||||
''; |
||||
}; |
||||
} |
@ -0,0 +1,35 @@ |
||||
resource "digitalocean_volume" "git" { |
||||
region = "nyc3" |
||||
name = "git-storage-1" |
||||
size = 1 |
||||
initial_filesystem_type = "ext4" |
||||
} |
||||
|
||||
resource "digitalocean_droplet" "git-1" { |
||||
name = "git-1" |
||||
|
||||
image = data.digitalocean_image.nixos_base.id |
||||
region = "nyc3" |
||||
size = "s-1vcpu-1gb" |
||||
|
||||
ssh_keys = [data.digitalocean_ssh_key.mops.id] |
||||
} |
||||
|
||||
resource "digitalocean_volume_attachment" "git" { |
||||
droplet_id = digitalocean_droplet.git-1.id |
||||
volume_id = digitalocean_volume.git.id |
||||
} |
||||
|
||||
module "deploy_nixos_git" { |
||||
source = "github.com/tweag/terraform-nixos//deploy_nixos?ref=d055d2180da230e47ba9082fc53a8b7d1fadbc43" |
||||
|
||||
nixos_config = "../nixos_configs/git.nix" |
||||
|
||||
target_user = "root" |
||||
target_host = digitalocean_droplet.git-1.ipv4_address |
||||
|
||||
triggers = { |
||||
// Also re-deploy whenever the VM is re-created |
||||
instance_id = digitalocean_droplet.git-1.id |
||||
} |
||||
} |
Loading…
Reference in new issue