From 0e8a7685139b375b71df9515395ea3fb621024ad Mon Sep 17 00:00:00 2001 From: Nguyễn Gia Phong Date: Mon, 13 Jun 2022 17:21:11 +0900 Subject: Get SourceHut services up and running Some don't work really well/don't really work though. --- sourcehut.nix | 44 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 40 insertions(+), 4 deletions(-) diff --git a/sourcehut.nix b/sourcehut.nix index a63ca56..20a248f 100644 --- a/sourcehut.nix +++ b/sourcehut.nix @@ -16,10 +16,12 @@ # You should have received a copy of the GNU Affero General Public License # along with loang configuration. If not, see . -{ config, pkgs, ... }: +{ config, lib, ... }: let domain = config.networking.domain; in { services = { + nginx.virtualHosts."hub.${domain}".serverAliases = lib.mkForce [ ]; + postfix = { enable = true; domain = domain; @@ -27,7 +29,15 @@ in { sourcehut = { enable = true; + git = { + enable = true; + port = 5200; # 5001 used by IPFS + }; + hub.enable = true; + lists.enable = true; + man.enable = true; meta.enable = true; + nginx = { enable = true; virtualHost.enableACME = true; @@ -35,15 +45,34 @@ in { postgresql.enable = true; postfix.enable = true; redis.enable = true; + settings = { + "git.sr.ht" = { + oauth-client-id = "9be0f6dbb54f3e9f"; + oauth-client-secret = "/etc/sr.ht/oauth-secrets/git"; + }; + + "hub.sr.ht" = { + oauth-client-id = "0cb618265116af18"; + oauth-client-secret = "/etc/sr.ht/oauth-secrets/hub"; + }; + + "lists.sr.ht" = { + oauth-client-id = "963f211a96e2c160"; + oauth-client-secret = "/etc/sr.ht/oauth-secrets/lists"; + }; + mail = { pgp-key-id = "2D354398A720461F81C2A65A9B5A95C1B7B9CE8F"; - pgp-privkey = "/var/lib/sourcehut/private.pgp"; - pgp-pubkey = "/var/lib/sourcehut/public.pgp"; + pgp-privkey = "/etc/sr.ht/private.pgp"; + pgp-pubkey = "/etc/sr.ht/public.pgp"; smtp-from = "sr.ht@${domain}"; }; - "meta.sr.ht".origin = "https://hut.${domain}"; + "man.sr.ht" = { + oauth-client-id = "af85b2b56a729ac0"; + oauth-client-secret = "/etc/sr.ht/oauth-secrets/man"; + }; "sr.ht" = { environment = "production"; @@ -55,8 +84,15 @@ in { service-key = "/var/lib/sourcehut/service.key"; }; + "todo.sr.ht" = { + oauth-client-id = "1bfa656ef3431360"; + oauth-client-secret = "/etc/sr.ht/oauth-secrets/todo"; + }; + webhooks.private-key = "/var/lib/sourcehut/webhook.key"; }; + + todo.enable = true; }; }; } -- cgit 1.4.1