configured the purge bot

2025-01-18 17:11:39 +01:00 · 2023-04-13 14:24:39 +02:00 · 2023-04-13 14:24:39 +02:00 · a207695b2b
commit a207695b2b
parent 8dc4c74526
3 changed files with 47 additions and 0 deletions
--- a/flake.lock
+++ b/flake.lock
@ -444,6 +444,27 @@
        "type": "github"
      }
    },
+    "purge": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1681388319,
+        "narHash": "sha256-vyZKyXkF/EvgHa3V9eh0RcFr+GpryX8BTp39X8xw6qw=",
+        "owner": "therealr5",
+        "repo": "purge",
+        "rev": "706233355bb912a0a41654773bce1e64a92aef0c",
+        "type": "github"
+      },
+      "original": {
+        "owner": "therealr5",
+        "ref": "nix",
+        "repo": "purge",
+        "type": "github"
+      }
+    },
    "root": {
      "inputs": {
        "flake-utils": "flake-utils",
@ -455,6 +476,7 @@
        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs_2",
        "nixvim": "nixvim",
+        "purge": "purge",
        "sops-nix": "sops-nix",
        "xdph": "xdph"
      }
--- a/flake.nix
+++ b/flake.nix
@ -57,6 +57,11 @@
        flake-utils.follows = "flake-utils";
      };
    };
+ 
+    purge = {
+      url = github:therealr5/purge/nix;
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
  };

  outputs =
@ -69,6 +74,7 @@
    , nix-colors
    , nixos-hardware
    , nixvim
+    , purge
    , ...
    }@attrs: {
      formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
@ -114,6 +120,7 @@
            ./hosts/falkenstein-1
            ./shared
            sops-nix.nixosModules.sops
+            purge.nixosModules.default
          ];
        };
      };
--- a/hosts/falkenstein-1/modules/purge/default.nix
+++ b/hosts/falkenstein-1/modules/purge/default.nix
@ -0,0 +1,18 @@
+{ config, pkgs, ... }:
+let
+  domain = "purge.rfive.de";
+in
+{
+  sops.secrets."purge/environment".owner = "purge";
+  services.purge = {
+    enable = true;
+    environmentFile = config.sops.secrets."purge/environment".path;
+  };
+  services.nginx.virtualHosts."${domain}" = {
+    enableACME = true;
+    forceSSL = true;
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:${toString config.services.purge.port}";
+    };
+  };
+}