linde: Add redis server for website
1 file changed, 16 insertions(+), 0 deletions(-)
changed files
M system/linde.nix → system/linde.nix
@@ -13,6 +13,7 @@ net-mask4 = "32"; net-gw = "172.31.1.1"; net-ip6 = "2a01:4f8:c012:23a4::1"; net-rdnsip = "2a01:4f8:c012:23a4::53"; + net-redisip = "2a01:4f8:c012:23a4::6379"; net-mask6 = "64"; net-gw6 = "fe80::1"; domain = "alanpearce.eu";@@ -42,6 +43,7 @@ acme.file = ../secrets/acme.age; binarycache.file = ../secrets/binarycache.age; dex.file = ../secrets/dex.age; powerdns.file = ../secrets/powerdns.age; + redis-website.file = ../secrets/redis-website.age; golink = let golink = config.services.golink; in { # hope this doesn't collide... path = "${golink.dataDir}/.config/tsnet-golink/auth.key";@@ -162,6 +164,7 @@ hosts = lib.mkForce { ${net-ip4} = [ "${hostname}.alanpearce.eu" hostname ]; ${net-ip6} = [ "${hostname}.alanpearce.eu" hostname ]; ${net-rdnsip} = [ "dns" ]; + ${net-redisip} = [ "redis" ]; }; firewall = { enable = true;@@ -219,6 +222,7 @@ ]; address = [ "${net-ip6}/${net-mask6}" "${net-rdnsip}/${net-mask6}" + "${net-redisip}/${net-mask6}" ]; addresses = [{ Address = "${net-ip4}/${net-mask4}";@@ -959,6 +963,18 @@ After = [ "etcd.service" ]; Requires = [ "etcd.service" ]; }; + services.redis = { + servers = { + website = { + port = 6379; + bind = net-redisip; + openFirewall = true; + databases = 1; + maxclients = 6; + requirePassFile = config.age.secrets.redis-website.path; + }; + }; + }; services.syncthing = { enable = true;