maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(ops/nevsky): run TVL Gerrit instance

Browse source 
Runs the Gerrit instance with the same config as previously on whitby. Data has
been migrated manually using `tailscale file` (which worked surprisingly well).

Change-Id: I6e85f932c834b2c36fc40327ae081ee396c5e16f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13077
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
This commit is contained in:
Vincent Ambo 2025-02-02 00:25:15 +03:00 committed by tazjin
parent 4a1a271644
commit c6f2f6924b
1 changed files with 15 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

16
ops/machines/nevsky/default.nix
View file

@ -11,11 +11,14 @@ in
(mod "harmonia.nix")
(mod "irccat.nix")
(mod "known-hosts.nix")
(mod "monorepo-gerrit.nix")
(mod "owothia.nix")
(mod "smtprelay.nix")
(mod "restic.nix")
(mod "tvl-buildkite.nix")
(mod "tvl-users.nix")
(mod "www/cache.tvl.fyi.nix")
(mod "www/cl.tvl.fyi.nix")
(mod "www/self-cache.tvl.fyi.nix")
(mod "www/self-redirect.nix")
(depot.third_party.agenix.src + "/modules/age.nix")
@ -224,7 +227,7 @@ in
"8.8.4.4"
];
firewall.allowedTCPPorts = [ 22 80 443 ];
firewall.allowedTCPPorts = [ 22 80 443 29418 ];
firewall.allowedUDPPorts = [ 51820 ];
};
@ -421,6 +424,17 @@ in
commands = [{ command = "ALL"; options = [ "NOPASSWD" ]; }];
}];
users = {
# Set up a user & group for git shenanigans
groups.git = { };
users.git = {
group = "git";
isSystemUser = true;
createHome = true;
home = "/var/lib/git";
};
};
zramSwap.enable = true;
system.stateVersion = "24.11";