This commit is contained in:
Schrottkatze 2023-04-25 15:57:59 +02:00
commit 979b78bafc
5 changed files with 122 additions and 0 deletions

1
.envrc Normal file
View file

@ -0,0 +1 @@
use flake

61
flake.lock Normal file
View file

@ -0,0 +1,61 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1682362401,
"narHash": "sha256-/UMUHtF2CyYNl4b60Z2y4wwTTdIWGKhj9H301EDcT9M=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "884ac294018409e0d1adc0cae185439a44bd6b0b",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs",
"utils": "utils"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

35
flake.nix Normal file
View file

@ -0,0 +1,35 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
utils.url = "github:numtide/flake-utils";
};
outputs = { self, nixpkgs, utils, ... }:
let
pkgs = import nixpkgs { system = "x86_64-linux"; };
in {
devShell."x86_64-linux" = with pkgs; mkShell {
buildInputs = [ colmena ];
};
colmena = {
meta = {
nixpkgs = import nixpkgs {
system = "aarch64-linux";
overlays = [];
};
};
katzencafe = { name, nodes, pkgs, ... }: {
deployment = {
targetHost = "katzen.cafe";
buildOnTarget = true;
};
imports = [
./modules/proxy.nix
./modules/jitsi.nix
];
system.stateVersion = "22.11";
};
};
};
}

8
modules/jitsi.nix Normal file
View file

@ -0,0 +1,8 @@
{ pkgs, ... }:
{
services.jitsi-meet = {
enable = true;
hostName = "meet.katzen.cafe";
};
services.jitsi-videobridge.openFirewall = true;
}

17
modules/proxy.nix Normal file
View file

@ -0,0 +1,17 @@
{ pkgs, ... }:
{
security.acme = {
acceptTerms = true;
defaults = {
email = "jade@schrottkatze.de";
server = "https://acme-staging-v02.api.letsencrypt.org/directory";
webroot = "/var/lib/acme/acme-challenge";
};
certs = {
"meet.katzen.cafe" = {
group = "nginx";
keyType = "rsa4096";
};
};
};
}