maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(ops/nevsky): run keycloak/panettone/paroxysm

Browse source 
These are the postgres-database using services.

Change-Id: I4e8d854e798d85e1b14bfa78aae8827ac0881c7d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13092
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
This commit is contained in:
Vincent Ambo 2025-02-02 01:28:14 +03:00 committed by tazjin
parent 3a92f43ee5
commit 75fe623d97
2 changed files with 49 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
ops/glesys/main.tf
View file

@ -94,14 +94,14 @@ variable "sanduny_ipv6" {
locals { locals {
# Hostnames of all public services on whitby # Hostnames of all public services on whitby
whitby_services = [ whitby_services = [
"auth",
"b",
"deploys", "deploys",
"status", "status",
] ]
# Hostnames of all public services on nevsky # Hostnames of all public services on nevsky
nevsky_services = [ nevsky_services = [
"auth",
"b",
"cl", "cl",
"code", "code",
"cs", "cs",

47
ops/machines/nevsky/default.nix
View file

@ -8,6 +8,7 @@ in
imports = [ imports = [
(mod "builderball.nix") (mod "builderball.nix")
(mod "cgit.nix") (mod "cgit.nix")
(mod "cheddar.nix")
(mod "clbot.nix") (mod "clbot.nix")
(mod "harmonia.nix") (mod "harmonia.nix")
(mod "irccat.nix") (mod "irccat.nix")
@ -16,14 +17,19 @@ in
(mod "livegrep.nix") (mod "livegrep.nix")
(mod "monorepo-gerrit.nix") (mod "monorepo-gerrit.nix")
(mod "owothia.nix") (mod "owothia.nix")
(mod "panettone.nix")
(mod "paroxysm.nix")
(mod "restic.nix") (mod "restic.nix")
(mod "smtprelay.nix") (mod "smtprelay.nix")
(mod "tvl-buildkite.nix") (mod "tvl-buildkite.nix")
(mod "tvl-slapd/default.nix") (mod "tvl-slapd/default.nix")
(mod "tvl-users.nix") (mod "tvl-users.nix")
(mod "www/auth.tvl.fyi.nix")
(mod "www/b.tvl.fyi.nix")
(mod "www/cache.tvl.fyi.nix") (mod "www/cache.tvl.fyi.nix")
(mod "www/cl.tvl.fyi.nix") (mod "www/cl.tvl.fyi.nix")
(mod "www/code.tvl.fyi.nix") (mod "www/code.tvl.fyi.nix")
(mod "www/cs.tvl.fyi.nix")
(mod "www/grep.tvl.fyi.nix") (mod "www/grep.tvl.fyi.nix")
(mod "www/self-cache.tvl.fyi.nix") (mod "www/self-cache.tvl.fyi.nix")
(mod "www/self-redirect.nix") (mod "www/self-redirect.nix")
@ -307,6 +313,9 @@ in
builderball.enable = true; builderball.enable = true;
# Run Markdown/code renderer
cheddar.enable = true;
# Run a livegrep code search instance # Run a livegrep code search instance
livegrep.enable = true; livegrep.enable = true;
@ -333,6 +342,17 @@ in
agentCount = 16; agentCount = 16;
}; };
# Run the Panettone issue tracker
panettone = {
enable = true;
dbUser = "panettone";
dbName = "panettone";
irccatChannel = "#tvl";
};
# Run the first cursed bot (quote bot)
paroxysm.enable = true;
# make our channel more owo # make our channel more owo
owothia = { owothia = {
enable = true; enable = true;
@ -433,6 +453,33 @@ in
}; };
}; };
services.keycloak = {
enable = true;
settings = {
http-port = 5925; # kycl
hostname = "auth.tvl.fyi";
http-relative-path = "/auth";
proxy-headers = "xforwarded";
http-enabled = true;
};
database = {
type = "postgresql";
passwordFile = config.age.secretsDir + "/keycloak-db";
createLocally = false;
};
};
services.postgresqlBackup = {
enable = true;
databases = [
"keycloak"
"panettone"
"tvldb"
];
};
# Use TVL cache locally through the proxy; for cross-builder substitution. # Use TVL cache locally through the proxy; for cross-builder substitution.
tvl.cache.enable = true; tvl.cache.enable = true;
tvl.cache.builderball = true; tvl.cache.builderball = true;