diff --git a/all-packages.nix b/all-packages.nix index 10b3f3f42..bfc60df17 100644 --- a/all-packages.nix +++ b/all-packages.nix @@ -9,9 +9,15 @@ liberaforms-env = callPackage ./pkgs/liberaforms/env.nix {}; libgnunetchat = callPackage ./pkgs/libgnunetchat {}; librecast = callPackage ./pkgs/librecast {inherit lcrq;}; - pretalx-mysql = callPackage ./pkgs/pretalx { withMysql = true; withRedis=true;}; - pretalx-postgresql = callPackage ./pkgs/pretalx { withPostgresql = true; withRedis=true;}; - pretalx = callPackage ./pkgs/pretalx { + pretalx-mysql = callPackage ./pkgs/pretalx { + withMysql = true; + withRedis = true; + }; + pretalx-postgresql = callPackage ./pkgs/pretalx { + withPostgresql = true; + withRedis = true; + }; + pretalx = callPackage ./pkgs/pretalx { withMysql = true; withPostgresql = true; withRedis = true; diff --git a/configs/pretalx/pretalx.nix b/configs/pretalx/pretalx.nix index 543cdc4e1..2d50dbdd8 100644 --- a/configs/pretalx/pretalx.nix +++ b/configs/pretalx/pretalx.nix @@ -3,23 +3,33 @@ pkgs, ... }: { + imports = [ + ./vm.nix + ]; + nixpkgs.hostPlatform = "x86_64-linux"; - networking.firewall.allowedTCPPorts = [config.services.nginx.defaultHTTPListenPort]; + networking = { + firewall.allowedTCPPorts = [config.services.nginx.defaultHTTPListenPort]; + hostName = "server"; + domain = "example.com"; + }; - sops.secrets = let - pretalxSecret = { - # For a production configuration also `sopsFile` is required. - # See . - owner = config.services.pretalx.user; - group = config.services.pretalx.group; + sops = { + secrets = let + pretalxSecret = { + # For a production configuration also `sopsFile` is required. + # See . + owner = config.services.pretalx.user; + group = config.services.pretalx.group; + }; + in { + "pretalx/database/password" = pretalxSecret; + "pretalx/redis/location" = pretalxSecret; + "pretalx/init/admin/password" = pretalxSecret; + "pretalx/celery/backend" = pretalxSecret; + "pretalx/celery/broker" = pretalxSecret; }; - in { - "pretalx/database/password" = pretalxSecret; - "pretalx/redis/location" = pretalxSecret; - "pretalx/init/admin/password" = pretalxSecret; - "pretalx/celery/backend" = pretalxSecret; - "pretalx/celery/broker" = pretalxSecret; }; services = { @@ -69,4 +79,6 @@ recommendedProxySettings = true; }; }; + + system.stateVersion = "22.11"; } diff --git a/configs/pretalx/vm.nix b/configs/pretalx/vm.nix new file mode 100644 index 000000000..dbbfc7d88 --- /dev/null +++ b/configs/pretalx/vm.nix @@ -0,0 +1,10 @@ +{modulesPath, ...}: { + imports = [ + "${modulesPath}/virtualisation/qemu-vm.nix" + ]; + + sops = { + age.keyFile = ./postgresql.nix; + defaultSopsFile = ./postgresql.nix; + }; +} diff --git a/tests/pretalx/default.nix b/tests/pretalx/default.nix index fb727476c..701548b51 100644 --- a/tests/pretalx/default.nix +++ b/tests/pretalx/default.nix @@ -7,21 +7,15 @@ configurations.server ]; - networking.hostName = "server"; - networking.domain = "example.com"; - - sops = { + sops = pkgs.lib.mkForce { age.keyFile = ./sops/keys.txt; - secrets = let - pretalxSecret = { - sopsFile = ./sops/pretalx.yaml; - }; - in { - "pretalx/database/password" = pretalxSecret; - "pretalx/redis/location" = pretalxSecret; - "pretalx/init/admin/password" = pretalxSecret; - "pretalx/celery/backend" = pretalxSecret; - "pretalx/celery/broker" = pretalxSecret; + defaultSopsFile = ./sops/pretalx.yaml; + secrets = { + "pretalx/database/password" = {}; + "pretalx/redis/location" = {}; + "pretalx/init/admin/password" = {}; + "pretalx/celery/backend" = {}; + "pretalx/celery/broker" = {}; }; };