feat(tazjin/nixos): deploy monica on koptevo

Change-Id: Iaa74d995f3b2556673095a32ec2b718dcb2d82a4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8849 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-22 18:55:28 +03:00 · 2023-06-22 18:55:28 +03:00 · d356f94ef1
commit d356f94ef1
parent ab83864407
5 changed files with 41 additions and 0 deletions
--- a/users/tazjin/nixos/default.nix
+++ b/users/tazjin/nixos/default.nix
@ -6,5 +6,6 @@ in depot.nix.readTree.drvTargets {
  frogSystem = systemFor depot.users.tazjin.nixos.frog;
  tverskoySystem = systemFor depot.users.tazjin.nixos.tverskoy;
  zamalekSystem = systemFor depot.users.tazjin.nixos.zamalek;
+  koptevoRaw = depot.ops.nixos.nixosFor depot.users.tazjin.nixos.koptevo;
  koptevoSystem = systemFor depot.users.tazjin.nixos.koptevo;
 }
--- a/users/tazjin/nixos/koptevo/default.nix
+++ b/users/tazjin/nixos/koptevo/default.nix
@ -12,6 +12,7 @@ in
    (mod "quassel.nix")
    (mod "www/base.nix")
    (mod "www/tazj.in.nix")
+    (usermod "monica.nix")
    (usermod "predlozhnik.nix")
    (usermod "tgsa.nix")
    (depot.third_party.agenix.src + "/modules/age.nix")
--- a/users/tazjin/nixos/modules/monica.nix
+++ b/users/tazjin/nixos/modules/monica.nix
@ -0,0 +1,26 @@
+# Host the Monica personal CRM software.
+{ depot, config, ... }:
+
+{
+  imports = [
+    (depot.third_party.agenix.src + "/modules/age.nix")
+  ];
+
+  age.secrets.monica-appkey = {
+    group = config.services.monica.group;
+    file = depot.users.tazjin.secrets."monica-appkey.age";
+    mode = "0440";
+  };
+
+  services.monica = {
+    enable = true;
+    hostname = "monica.tazj.in";
+    appKeyFile = "/run/agenix/monica-appkey";
+    database.createLocally = true;
+
+    nginx = {
+      enableACME = true;
+      forceSSL = true;
+    };
+  };
+}