1
0

Move out variables

This commit is contained in:
dump_stack() 2024-06-24 13:23:06 +00:00
parent 8457319696
commit 80f64e456a
Signed by: dump_stack
GPG Key ID: C9905BA72B5E02BB
5 changed files with 20 additions and 19 deletions

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
secrets.nix
var.nix
hardware-configuration.nix

View File

@ -1,10 +1,6 @@
# code.dumpstack.io
[Download NixOS installation ISO](https://nixos.org/nixos/download.html)
Notes:
1. I assume that latest **stable** (e.g. 19.03) ISO will be used for installation.
2. You need to change hostname in `configuration.nix:9`.
[NixOS](https://nixos.org)
## Installation
@ -19,6 +15,10 @@ Notes:
nix-channel --add https://nixos.org/channels/nixos-unstable nixos
nix-channel --update
cd /mnt/etc/nixos
cp var.example.nix var.nix
vim var.nix
nixos-generate-config --root /mnt
nixos-install

View File

@ -3,8 +3,7 @@
#
{ config, pkgs, lib, ... }:
let
secrets = import ./secrets.nix;
hostname = "code.dumpstack.io";
var = import ./var.nix;
in {
imports = [
./hardware-configuration.nix
@ -19,7 +18,7 @@ in {
}
];
networking.hostName = builtins.replaceStrings ["."] ["-"] "${hostname}";
networking.hostName = builtins.replaceStrings ["."] ["-"] "${var.hostname}";
networking.firewall = {
enable = true;
@ -27,7 +26,7 @@ in {
};
users.extraUsers.root = {
openssh.authorizedKeys.keys = [ secrets.pubkey ];
openssh.authorizedKeys.keys = [ var.pubkey ];
};
services.openssh.enable = true;
@ -38,12 +37,12 @@ in {
services.gitea = {
enable = true;
appName = "${hostname}";
appName = "${var.hostname}";
settings = {
server = {
ROOT_URL = "https://${hostname}";
DOMAIN = "${hostname}";
ROOT_URL = "https://${var.hostname}";
DOMAIN = "${var.hostname}";
};
service = {
DISABLE_REGISTRATION = true;
@ -60,12 +59,12 @@ in {
};
};
security.acme.defaults.email = "letsencrypt@dumpstack.io";
security.acme.defaults.email = var.email;
security.acme.acceptTerms = true;
services.nginx = {
enable = true;
virtualHosts."${hostname}" = {
virtualHosts."${var.hostname}" = {
enableACME = true;
forceSSL = true;

View File

@ -1,3 +0,0 @@
{
pubkey = "changeme"; # ssh-add -L
}

5
var.example.nix Normal file
View File

@ -0,0 +1,5 @@
{
hostname = "gitea.example.com";
email = "for_lets_encrypt@example.com";
pubkey = "changeme"; # ssh-add -L
}