forked from pub-solar/os
Merge pull request 'infra: fix deploy-rs + collabora container' (#256) from infra-fix-deploy-collabora into infra
Reviewed-on: pub-solar/os#256 Reviewed-by: b12f <hello@benjaminbaedorf.eu>
This commit is contained in:
commit
b97fd41b92
10
flake.nix
10
flake.nix
|
@ -69,14 +69,6 @@
|
||||||
channels = {
|
channels = {
|
||||||
nixos = {
|
nixos = {
|
||||||
imports = [(digga.lib.importOverlays ./overlays)];
|
imports = [(digga.lib.importOverlays ./overlays)];
|
||||||
overlays = [
|
|
||||||
(self: super: {
|
|
||||||
deploy-rs = {
|
|
||||||
inherit (inputs.nixos.legacyPackages.x86_64-linux) deploy-rs;
|
|
||||||
lib = inputs.deploy.lib.x86_64-linux;
|
|
||||||
};
|
|
||||||
})
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
latest = {};
|
latest = {};
|
||||||
fork = {};
|
fork = {};
|
||||||
|
@ -182,7 +174,7 @@
|
||||||
profilesOrder = ["system" "direnv"];
|
profilesOrder = ["system" "direnv"];
|
||||||
profiles.direnv = {
|
profiles.direnv = {
|
||||||
user = "barkeeper";
|
user = "barkeeper";
|
||||||
path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.barkeeper;
|
path = deploy.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.barkeeper;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
#example = {
|
#example = {
|
||||||
|
|
|
@ -1,3 +1,28 @@
|
||||||
|
# Deploy infra branch to flora-6
|
||||||
|
|
||||||
|
Use this command after updating flake inputs to update services on `flora-6`.
|
||||||
|
|
||||||
|
```
|
||||||
|
deploy --skip-checks --confirm-timeout 300 --targets '.#flora-6'
|
||||||
|
|
||||||
|
An alternative, if deployment always fails and rolls back.
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
deploy --skip-checks --magic-rollback false --auto-rollback false --targets '.#flora-6'
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
# SSH access to flora-6
|
||||||
|
Ensure your SSH public key is in place [here](./users/barkeeper/default.nix) and
|
||||||
|
was deployed by someone with access.
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
ssh barkeeper@flora-6.pub.solar
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
# Mailman on NixOS docs
|
# Mailman on NixOS docs
|
||||||
|
|
||||||
- add reverse DNS record for IP
|
- add reverse DNS record for IP
|
||||||
|
@ -5,12 +30,21 @@
|
||||||
Manual setup done for mailman, adapted from https://nixos.wiki/wiki/Mailman:
|
Manual setup done for mailman, adapted from https://nixos.wiki/wiki/Mailman:
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
# Add DNS records in infra repo using terraform:
|
# Add DNS records in infra repo using terraform:
|
||||||
|
|
||||||
# https://git.pub.solar/pub-solar/infra/commit/db234cdb5b55758a3d74387ada0760e06e166b9d
|
# https://git.pub.solar/pub-solar/infra/commit/db234cdb5b55758a3d74387ada0760e06e166b9d
|
||||||
|
|
||||||
# Generate initial postfix_domains.db and postfix_lmtp.db databases for Postfix
|
# Generate initial postfix_domains.db and postfix_lmtp.db databases for Postfix
|
||||||
|
|
||||||
sudo -u mailman mailman aliases
|
sudo -u mailman mailman aliases
|
||||||
|
|
||||||
# Create a django superuser account
|
# Create a django superuser account
|
||||||
|
|
||||||
sudo -u mailman-web mailman-web createsuperuser
|
sudo -u mailman-web mailman-web createsuperuser
|
||||||
|
|
||||||
# Followed outlined steps in web UI
|
# Followed outlined steps in web UI
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
|
@ -22,11 +22,12 @@
|
||||||
"9980:9980"
|
"9980:9980"
|
||||||
];
|
];
|
||||||
extraOptions = [
|
extraOptions = [
|
||||||
"--cap-add MKNOD"
|
"--cap-add=MKNOD"
|
||||||
|
"--pull=always"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
server_name = "collabora.pub.solar";
|
server_name = "collabora.pub.solar";
|
||||||
aliasgroup1 = "https://collabora.pub.solar:443";
|
aliasgroup1 = "https://cloud.pub.solar:443";
|
||||||
DONT_GEN_SSL_CERT = "1";
|
DONT_GEN_SSL_CERT = "1";
|
||||||
extra_params = "--o:ssl.enable=false --o:ssl.termination=true";
|
extra_params = "--o:ssl.enable=false --o:ssl.termination=true";
|
||||||
SLEEPFORDEBUGGER = "0";
|
SLEEPFORDEBUGGER = "0";
|
||||||
|
|
|
@ -76,6 +76,7 @@
|
||||||
dependsOn = ["drone-db"];
|
dependsOn = ["drone-db"];
|
||||||
extraOptions = [
|
extraOptions = [
|
||||||
"--network=drone-net"
|
"--network=drone-net"
|
||||||
|
"--pull=always"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
DRONE_GITEA_SERVER = "https://git.pub.solar";
|
DRONE_GITEA_SERVER = "https://git.pub.solar";
|
||||||
|
@ -98,6 +99,7 @@
|
||||||
dependsOn = ["drone-db"];
|
dependsOn = ["drone-db"];
|
||||||
extraOptions = [
|
extraOptions = [
|
||||||
"--network=drone-net"
|
"--network=drone-net"
|
||||||
|
"--pull=always"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
DRONE_RPC_HOST = "ci.pub.solar";
|
DRONE_RPC_HOST = "ci.pub.solar";
|
||||||
|
|
|
@ -59,6 +59,6 @@ in {
|
||||||
]
|
]
|
||||||
++ lib.optionals (pkgs.stdenv.hostPlatform.isLinux && !pkgs.stdenv.buildPlatform.isDarwin) [
|
++ lib.optionals (pkgs.stdenv.hostPlatform.isLinux && !pkgs.stdenv.buildPlatform.isDarwin) [
|
||||||
(devos nixos-generators)
|
(devos nixos-generators)
|
||||||
(devos deploy-rs.deploy-rs)
|
(devos inputs.deploy.packages.${pkgs.system}.deploy-rs)
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue