nixos-wiki-infra/targets/nixos-wiki.nixos.org/configuration.nix

{ self, lib, config, ... }:
let
  nixosVars = builtins.fromJSON (builtins.readFile ./nixos-vars.json);
in
{
  imports = [
    self.nixosModules.nixos-wiki
    self.nixosModules.nixos-wiki-backup
    self.nixosModules.hcloud
  ];
  users.users.root.openssh.authorizedKeys.keys = nixosVars.ssh_keys;
  system.stateVersion = "23.11";
  security.acme.defaults.email = "joerg.letsencrypt@thalheim.io";

  sops.secrets.nixos-wiki.owner = config.services.phpfpm.pools.mediawiki.user;
  sops.secrets.nixos-wiki-github-client-secret.owner = config.services.phpfpm.pools.mediawiki.user;

  services.nixos-wiki = {
    hostname = "wiki.staging.julienmalka.me";
    adminPasswordFile = config.sops.secrets.nixos-wiki.path;
    githubClientId = "Iv1.95ed182c83df1d22";
    githubClientSecretFile = config.sops.secrets.nixos-wiki-github-client-secret.path;
    emergencyContact = "nixos-wiki@thalheim.io";
    passwordSender = "nixos-wiki@thalheim.io";
    noReplyAddress = "nixos-wiki-no-reply@thalheim.io";
  };

  sops.defaultSopsFile = ./secrets/secrets.yaml;
  boot.loader.grub.devices = lib.mkForce [ "/dev/sda" ];
}
seperate site specific variables from nixos module 2023-11-19 11:13:15 +01:00			`{ self, lib, config, ... }:`
apply treefmt 2023-10-24 17:34:54 +02:00			`let`
add actual wiki configuration and lots of modernisations 2023-10-24 17:33:05 +02:00			`nixosVars = builtins.fromJSON (builtins.readFile ./nixos-vars.json);`
apply treefmt 2023-10-24 17:34:54 +02:00			`in`
			`{`
add actual wiki configuration and lots of modernisations 2023-10-24 17:33:05 +02:00			`imports = [`
			`self.nixosModules.nixos-wiki`
			`self.nixosModules.nixos-wiki-backup`
			`self.nixosModules.hcloud`
			`];`
			`users.users.root.openssh.authorizedKeys.keys = nixosVars.ssh_keys;`
			`system.stateVersion = "23.11";`
			`security.acme.defaults.email = "joerg.letsencrypt@thalheim.io";`
seperate site specific variables from nixos module 2023-11-19 11:13:15 +01:00
			`sops.secrets.nixos-wiki.owner = config.services.phpfpm.pools.mediawiki.user;`
			`sops.secrets.nixos-wiki-github-client-secret.owner = config.services.phpfpm.pools.mediawiki.user;`

			`services.nixos-wiki = {`
deploy wiki on wiki.staging.julienmalka.me 2024-02-12 11:53:09 +01:00			`hostname = "wiki.staging.julienmalka.me";`
seperate site specific variables from nixos module 2023-11-19 11:13:15 +01:00			`adminPasswordFile = config.sops.secrets.nixos-wiki.path;`
			`githubClientId = "Iv1.95ed182c83df1d22";`
			`githubClientSecretFile = config.sops.secrets.nixos-wiki-github-client-secret.path;`
			`emergencyContact = "nixos-wiki@thalheim.io";`
			`passwordSender = "nixos-wiki@thalheim.io";`
			`noReplyAddress = "nixos-wiki-no-reply@thalheim.io";`
			`};`

update target name in .sops.yaml 2024-02-17 17:26:38 +01:00			`sops.defaultSopsFile = ./secrets/secrets.yaml;`
add actual wiki configuration and lots of modernisations 2023-10-24 17:33:05 +02:00			`boot.loader.grub.devices = lib.mkForce [ "/dev/sda" ];`
			`}`