nixos/applications/open_governance/keyserver.nix

/*
This file is for hosting teh open governance for other societies
*/
{
  lib,
  config,
  pkgs,
  ...
}:
with lib; let
  name = "keyserver";
  cfg = config.services.skynet."${name}";
  port = 11371;
in {
  imports = [
    ../acme.nix
    ../dns.nix
  ];

  options.services.skynet."${name}" = {
    host = {
      ip = mkOption {
        type = types.str;
      };
      name = mkOption {
        type = types.str;
      };
    };
  };

  config = {
    skynet_acme.domains = [
      "${name}.skynet.ie"
    ];

    skynet_dns.records = [
      {
        record = "${name}";
        r_type = "CNAME";
        value = cfg.host.name;
      }
    ];

    services.hockeypuck = {
      enable = true;
      port = port;
    };

    # hockeypuck needs a database backend
    services.postgresql = {
      enable = true;
      ensureDatabases = ["hockeypuck"];
      ensureUsers = [
        {
          name = "hockeypuck";
          ensureDBOwnership = true;
        }
      ];
    };

    services.nginx.virtualHosts = {
      "${name}.skynet.ie" = {
        forceSSL = true;
        useACMEHost = "skynet";
        locations."/" = {
          proxyPass = "http://localhost:${toString port}";
        };
      };
    };
  };
}
feat: add a keyserver 2024-05-07 00:37:19 +00:00			`/*`
			`This file is for hosting teh open governance for other societies`
			`*/`
			`{`
			`lib,`
			`config,`
			`pkgs,`
			`...`
			`}:`
			`with lib; let`
			`name = "keyserver";`
			`cfg = config.services.skynet."${name}";`
			`port = 11371;`
			`in {`
			`imports = [`
			`../acme.nix`
			`../dns.nix`
			`];`

			`options.services.skynet."${name}" = {`
			`host = {`
			`ip = mkOption {`
			`type = types.str;`
			`};`
			`name = mkOption {`
			`type = types.str;`
			`};`
			`};`
			`};`

			`config = {`
			`skynet_acme.domains = [`
			`"${name}.skynet.ie"`
			`];`

			`skynet_dns.records = [`
			`{`
			`record = "${name}";`
			`r_type = "CNAME";`
			`value = cfg.host.name;`
			`}`
			`];`

feat: use hockeypuck instead of sks 2024-05-30 12:04:44 +00:00			`services.hockeypuck = {`
feat: add a keyserver 2024-05-07 00:37:19 +00:00			`enable = true;`
feat: use hockeypuck instead of sks 2024-05-30 12:04:44 +00:00			`port = port;`
			`};`

			`# hockeypuck needs a database backend`
			`services.postgresql = {`
			`enable = true;`
			`ensureDatabases = ["hockeypuck"];`
			`ensureUsers = [`
			`{`
			`name = "hockeypuck";`
			`ensureDBOwnership = true;`
			`}`
			`];`
feat: add a keyserver 2024-05-07 00:37:19 +00:00			`};`

			`services.nginx.virtualHosts = {`
			`"${name}.skynet.ie" = {`
			`forceSSL = true;`
			`useACMEHost = "skynet";`
			`locations."/" = {`
			`proxyPass = "http://localhost:${toString port}";`
			`};`
			`};`
			`};`
			`};`
			`}`