feat(ops/nevsky): run keycloak/panettone/paroxysm
These are the postgres-database using services. Change-Id: I4e8d854e798d85e1b14bfa78aae8827ac0881c7d Reviewed-on: https://cl.tvl.fyi/c/depot/+/13092 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
This commit is contained in:
		
							parent
							
								
									3a92f43ee5
								
							
						
					
					
						commit
						75fe623d97
					
				
					 2 changed files with 49 additions and 2 deletions
				
			
		|  | @ -94,14 +94,14 @@ variable "sanduny_ipv6" { | |||
| locals { | ||||
|   # Hostnames of all public services on whitby | ||||
|   whitby_services = [ | ||||
|     "auth", | ||||
|     "b", | ||||
|     "deploys", | ||||
|     "status", | ||||
|   ] | ||||
| 
 | ||||
|   # Hostnames of all public services on nevsky | ||||
|   nevsky_services = [ | ||||
|     "auth", | ||||
|     "b", | ||||
|     "cl", | ||||
|     "code", | ||||
|     "cs", | ||||
|  |  | |||
|  | @ -8,6 +8,7 @@ in | |||
|   imports = [ | ||||
|     (mod "builderball.nix") | ||||
|     (mod "cgit.nix") | ||||
|     (mod "cheddar.nix") | ||||
|     (mod "clbot.nix") | ||||
|     (mod "harmonia.nix") | ||||
|     (mod "irccat.nix") | ||||
|  | @ -16,14 +17,19 @@ in | |||
|     (mod "livegrep.nix") | ||||
|     (mod "monorepo-gerrit.nix") | ||||
|     (mod "owothia.nix") | ||||
|     (mod "panettone.nix") | ||||
|     (mod "paroxysm.nix") | ||||
|     (mod "restic.nix") | ||||
|     (mod "smtprelay.nix") | ||||
|     (mod "tvl-buildkite.nix") | ||||
|     (mod "tvl-slapd/default.nix") | ||||
|     (mod "tvl-users.nix") | ||||
|     (mod "www/auth.tvl.fyi.nix") | ||||
|     (mod "www/b.tvl.fyi.nix") | ||||
|     (mod "www/cache.tvl.fyi.nix") | ||||
|     (mod "www/cl.tvl.fyi.nix") | ||||
|     (mod "www/code.tvl.fyi.nix") | ||||
|     (mod "www/cs.tvl.fyi.nix") | ||||
|     (mod "www/grep.tvl.fyi.nix") | ||||
|     (mod "www/self-cache.tvl.fyi.nix") | ||||
|     (mod "www/self-redirect.nix") | ||||
|  | @ -307,6 +313,9 @@ in | |||
| 
 | ||||
|     builderball.enable = true; | ||||
| 
 | ||||
|     # Run Markdown/code renderer | ||||
|     cheddar.enable = true; | ||||
| 
 | ||||
|     # Run a livegrep code search instance | ||||
|     livegrep.enable = true; | ||||
| 
 | ||||
|  | @ -333,6 +342,17 @@ in | |||
|       agentCount = 16; | ||||
|     }; | ||||
| 
 | ||||
|     # Run the Panettone issue tracker | ||||
|     panettone = { | ||||
|       enable = true; | ||||
|       dbUser = "panettone"; | ||||
|       dbName = "panettone"; | ||||
|       irccatChannel = "#tvl"; | ||||
|     }; | ||||
| 
 | ||||
|     # Run the first cursed bot (quote bot) | ||||
|     paroxysm.enable = true; | ||||
| 
 | ||||
|     # make our channel more owo | ||||
|     owothia = { | ||||
|       enable = true; | ||||
|  | @ -433,6 +453,33 @@ in | |||
|     }; | ||||
|   }; | ||||
| 
 | ||||
|   services.keycloak = { | ||||
|     enable = true; | ||||
| 
 | ||||
|     settings = { | ||||
|       http-port = 5925; # kycl | ||||
|       hostname = "auth.tvl.fyi"; | ||||
|       http-relative-path = "/auth"; | ||||
|       proxy-headers = "xforwarded"; | ||||
|       http-enabled = true; | ||||
|     }; | ||||
| 
 | ||||
|     database = { | ||||
|       type = "postgresql"; | ||||
|       passwordFile = config.age.secretsDir + "/keycloak-db"; | ||||
|       createLocally = false; | ||||
|     }; | ||||
|   }; | ||||
| 
 | ||||
|   services.postgresqlBackup = { | ||||
|     enable = true; | ||||
|     databases = [ | ||||
|       "keycloak" | ||||
|       "panettone" | ||||
|       "tvldb" | ||||
|     ]; | ||||
|   }; | ||||
| 
 | ||||
|   # Use TVL cache locally through the proxy; for cross-builder substitution. | ||||
|   tvl.cache.enable = true; | ||||
|   tvl.cache.builderball = true; | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue