Find a file
Tristan Daniël Maat 2304711359
config: Mitigate upcoming SSL CVE
See
https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html

As 1.1 is unaffected, this override should be sufficient to evade this
problem.
2022-10-31 16:07:41 +00:00
configuration config: Mitigate upcoming SSL CVE 2022-10-31 16:07:41 +00:00
keys matrix: Add coturn support for calls 2022-10-29 01:39:09 +01:00
lib conduit: Use dependencies from stable 2022-10-31 16:06:31 +00:00
modules webserver: Use a hardened systemd unit instead of a container 2022-10-14 05:58:11 +01:00
pkgs Update 2022-10-30 17:13:15 +00:00
.gitignore Start reworking the server for nix flakes 2021-04-12 01:58:03 +01:00
.sops.yaml sops: Improve secrets provisioning to split out staging 2022-10-12 23:22:50 +01:00
flake.lock Update 2022-10-30 17:13:15 +00:00
flake.nix conduit: Add new conduit service 2022-10-22 21:22:55 +01:00
LICENSE Add LICENSE 2019-11-26 23:26:10 +00:00
README.md README.md: Update to new and improved flake mechanisms 2022-10-17 14:29:56 +01:00

tlater.net server configuration

This is the NixOS configuration for tlater.net.

Testing

Run a test VM with:

nix run

Running

Note: M-2 will bring up a console for poweroff and such

One caveat: create a larger disk image first. This can be done by running the following in the repository root:

qemu-img create -f qcow2 ./tlaternet.qcow2 20G

New services

Whenever a new service is added, add an appropriate port binding to qemuNetOpts in the default app.

There is no way to test this without binding to the host port, sadly.

Deploying

Deployment is handled using deploy-rs:

deploy .#tlaternet