diff --git a/flake.nix b/flake.nix index 8ee4773..c2b33c4 100644 --- a/flake.nix +++ b/flake.nix @@ -53,6 +53,9 @@ framework = { inherit (stoat) stateVersion home-manager; }; + deimos = { + inherit (tapir) stateVersion; + }; phobos = { inherit (tapir) stateVersion sops-nix; }; @@ -74,6 +77,7 @@ # Remote machines. Deploy using `colmena apply` + deimos.imports = [ ./hive/deimos ]; phobos.imports = [ ./hive/phobos ]; titan.imports = [ ./hive/titan ]; }; diff --git a/hive/deimos/default.nix b/hive/deimos/default.nix new file mode 100644 index 0000000..9822d6b --- /dev/null +++ b/hive/deimos/default.nix @@ -0,0 +1,44 @@ +{ system, stateVersion, lib, ... }: +let + blog = builtins.getFlake + "github:jrpotter/blog/689107113f248cc2cad2a53d9f7d32be484c9060"; +in +{ + imports = lib.optional (builtins.pathExists ./do-userdata.nix) ./do-userdata.nix ++ [ + ../../digital-ocean/configuration.nix + ]; + + deployment.targetHost = "24.199.110.222"; + + networking = { + hostName = "deimos"; + firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + }; + + programs.mosh.enable = true; + + services.openssh.enable = true; + + security.acme = { + acceptTerms = true; + defaults.email = "jrpotter2112@gmail.com"; + }; + + services.nginx = { + enable = true; + virtualHosts = { + "blog.jrpotter.com" = { + forceSSL = true; + enableACME = true; + locations."/" = { + root = blog.packages.${system}.app; + }; + }; + }; + }; + + system.stateVersion = stateVersion; +} diff --git a/hive/titan/default.nix b/hive/titan/default.nix index 1e4e4ae..f6dcfaa 100644 --- a/hive/titan/default.nix +++ b/hive/titan/default.nix @@ -7,7 +7,7 @@ nix.settings.experimental-features = [ "nix-command" "flakes" ]; - deployment.targetHost = "143.110.158.6"; + deployment.targetHost = null; networking.hostName = "titan";