all repos — nixfiles @ 70d04f125ec7cd5df5c94922fa5c80a1c8341db9

System and user configuration, managed by nix and home-manager

linde: Add redis server for website

Alan Pearce
commit

70d04f125ec7cd5df5c94922fa5c80a1c8341db9

parent

bd2f43382e6166e72ba86d18c1215d5dc509cdc3

1 file changed, 16 insertions(+), 0 deletions(-)

changed files
M system/linde.nixsystem/linde.nix
@@ -13,6 +13,7 @@ net-mask4 = "32";
net-gw = "172.31.1.1"; net-ip6 = "2a01:4f8:c012:23a4::1"; net-rdnsip = "2a01:4f8:c012:23a4::53"; + net-redisip = "2a01:4f8:c012:23a4::6379"; net-mask6 = "64"; net-gw6 = "fe80::1"; domain = "alanpearce.eu";
@@ -42,6 +43,7 @@ acme.file = ../secrets/acme.age;
binarycache.file = ../secrets/binarycache.age; dex.file = ../secrets/dex.age; powerdns.file = ../secrets/powerdns.age; + redis-website.file = ../secrets/redis-website.age; golink = let golink = config.services.golink; in { # hope this doesn't collide... path = "${golink.dataDir}/.config/tsnet-golink/auth.key";
@@ -162,6 +164,7 @@ hosts = lib.mkForce {
${net-ip4} = [ "${hostname}.alanpearce.eu" hostname ]; ${net-ip6} = [ "${hostname}.alanpearce.eu" hostname ]; ${net-rdnsip} = [ "dns" ]; + ${net-redisip} = [ "redis" ]; }; firewall = { enable = true;
@@ -219,6 +222,7 @@ ];
address = [ "${net-ip6}/${net-mask6}" "${net-rdnsip}/${net-mask6}" + "${net-redisip}/${net-mask6}" ]; addresses = [{ Address = "${net-ip4}/${net-mask4}";
@@ -959,6 +963,18 @@ After = [ "etcd.service" ];
Requires = [ "etcd.service" ]; }; + services.redis = { + servers = { + website = { + port = 6379; + bind = net-redisip; + openFirewall = true; + databases = 1; + maxclients = 6; + requirePassFile = config.age.secrets.redis-website.path; + }; + }; + }; services.syncthing = { enable = true;