diff options
| author | Nguyễn Gia Phong <mcsinyx@disroot.org> | 2022-06-13 17:21:11 +0900 |
|---|---|---|
| committer | Nguyễn Gia Phong <mcsinyx@disroot.org> | 2022-06-13 17:21:11 +0900 |
| commit | 0e8a7685139b375b71df9515395ea3fb621024ad (patch) | |
| tree | 31f1f04b9c19cd33c31fb5e37c536c30e08ebdf5 | |
| parent | 36e2a7b1c07d35e785572bd2436207b81b7520c5 (diff) | |
| download | nixos-conf-0e8a7685139b375b71df9515395ea3fb621024ad.tar.gz | |
Get SourceHut services up and running
Some don't work really well/don't really work though.
| -rw-r--r-- | sourcehut.nix | 44 |
1 files changed, 40 insertions, 4 deletions
diff --git a/sourcehut.nix b/sourcehut.nix index a63ca56..20a248f 100644 --- a/sourcehut.nix +++ b/sourcehut.nix @@ -16,10 +16,12 @@ # You should have received a copy of the GNU Affero General Public License # along with loang configuration. If not, see <https://www.gnu.org/licenses/>. -{ config, pkgs, ... }: +{ config, lib, ... }: let domain = config.networking.domain; in { services = { + nginx.virtualHosts."hub.${domain}".serverAliases = lib.mkForce [ ]; + postfix = { enable = true; domain = domain; @@ -27,7 +29,15 @@ in { sourcehut = { enable = true; + git = { + enable = true; + port = 5200; # 5001 used by IPFS + }; + hub.enable = true; + lists.enable = true; + man.enable = true; meta.enable = true; + nginx = { enable = true; virtualHost.enableACME = true; @@ -35,15 +45,34 @@ in { postgresql.enable = true; postfix.enable = true; redis.enable = true; + settings = { + "git.sr.ht" = { + oauth-client-id = "9be0f6dbb54f3e9f"; + oauth-client-secret = "/etc/sr.ht/oauth-secrets/git"; + }; + + "hub.sr.ht" = { + oauth-client-id = "0cb618265116af18"; + oauth-client-secret = "/etc/sr.ht/oauth-secrets/hub"; + }; + + "lists.sr.ht" = { + oauth-client-id = "963f211a96e2c160"; + oauth-client-secret = "/etc/sr.ht/oauth-secrets/lists"; + }; + mail = { pgp-key-id = "2D354398A720461F81C2A65A9B5A95C1B7B9CE8F"; - pgp-privkey = "/var/lib/sourcehut/private.pgp"; - pgp-pubkey = "/var/lib/sourcehut/public.pgp"; + pgp-privkey = "/etc/sr.ht/private.pgp"; + pgp-pubkey = "/etc/sr.ht/public.pgp"; smtp-from = "sr.ht@${domain}"; }; - "meta.sr.ht".origin = "https://hut.${domain}"; + "man.sr.ht" = { + oauth-client-id = "af85b2b56a729ac0"; + oauth-client-secret = "/etc/sr.ht/oauth-secrets/man"; + }; "sr.ht" = { environment = "production"; @@ -55,8 +84,15 @@ in { service-key = "/var/lib/sourcehut/service.key"; }; + "todo.sr.ht" = { + oauth-client-id = "1bfa656ef3431360"; + oauth-client-secret = "/etc/sr.ht/oauth-secrets/todo"; + }; + webhooks.private-key = "/var/lib/sourcehut/webhook.key"; }; + + todo.enable = true; }; }; } |