about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--configuration.nix1
-rw-r--r--sourcehut.nix62
2 files changed, 63 insertions, 0 deletions
diff --git a/configuration.nix b/configuration.nix
index 9d17525..c7a1d01 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -26,6 +26,7 @@
   imports = [
     ./ipfs.nix
     ./matrix.nix
+    ./sourcehut.nix
     ./static.nix
     ./vpsadminos.nix
   ];
diff --git a/sourcehut.nix b/sourcehut.nix
new file mode 100644
index 0000000..a63ca56
--- /dev/null
+++ b/sourcehut.nix
@@ -0,0 +1,62 @@
+# Sourcehut configuration
+# Copyright (C) 2022  Nguyễn Gia Phong
+#
+# This file is part of loang configuration.
+#
+# Loang configuration is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Loang configuration is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with loang configuration.  If not, see <https://www.gnu.org/licenses/>.
+
+{ config, pkgs, ... }:
+let domain = config.networking.domain;
+in {
+  services = {
+    postfix = {
+      enable = true;
+      domain = domain;
+    };
+
+    sourcehut = {
+      enable = true;
+      meta.enable = true;
+      nginx = {
+        enable = true;
+        virtualHost.enableACME = true;
+      };
+      postgresql.enable = true;
+      postfix.enable = true;
+      redis.enable = true;
+      settings = {
+        mail = {
+          pgp-key-id = "2D354398A720461F81C2A65A9B5A95C1B7B9CE8F";
+          pgp-privkey = "/var/lib/sourcehut/private.pgp";
+          pgp-pubkey = "/var/lib/sourcehut/public.pgp";
+          smtp-from = "sr.ht@${domain}";
+        };
+
+        "meta.sr.ht".origin = "https://hut.${domain}";
+
+        "sr.ht" = {
+          environment = "production";
+          global-domain = domain;
+          network-key = "/var/lib/sourcehut/network.key";
+          origin = "https://hub.${domain}";
+          owner-email = config.security.acme.defaults.email;
+          owner-name = "Nguyễn Gia Phong";
+          service-key = "/var/lib/sourcehut/service.key";
+        };
+
+        webhooks.private-key = "/var/lib/sourcehut/webhook.key";
+      };
+    };
+  };
+}