Skip to content

Commit

Permalink
services/sicp-staging: update
Browse files Browse the repository at this point in the history
  • Loading branch information
@linyinfeng
linyinfeng committed Sep 22, 2024
1 parent 234c802 commit badc003
Show file tree
Hide file tree
Showing 11 changed files with 475 additions and 41 deletions.
1 change: 1 addition & 0 deletions lib/data/data.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
"minio_cache_test_key_id": "cache-test",
"minio_metrics_key_id": "metrics",
"minio_pastebin_key_id": "pastebin",
"minio_sicp_staging_key_id": "sicp-staging",
"secure_boot_db_cert_pem": "-----BEGIN CERTIFICATE-----\nMIIChDCCAgqgAwIBAgIQP+inRvdtZIUHOJ1NhPDk0DAKBggqhkjOPQQDAzAlMRAw\nDgYDVQQKEwdZaW5mZW5nMREwDwYDVQQDEwhsaTdnLmNvbTAeFw0yNDA3MTYxNjM0\nNDlaFw0zNDA3MTQxNjM0NDlaMDUxMzAxBgNVBAMTKllpbmZlbmcgU2VjdXJlIEJv\nb3QgU2lnbmF0dXJlIERhdGFiYXNlIEtleTCCASIwDQYJKoZIhvcNAQEBBQADggEP\nADCCAQoCggEBAKNtM41GpI5ziBLN2FKxBi0Ng2XDqUHuIyJSgTkUh8Hsm8lWsvLL\nrDwXPn/cjDLLQIrVYZaCbH9iHeE7nvidH5+9qsbGmZqlwI8k5H+068h12pdzE7HQ\nr2ABvF5Y2L+RqAUNeg8iG9BIed4pJoiTcdov7/Kj/FdeKlJHDSeThvOut1gpITrc\nxKmQj57FF65Oe9YrVNOENYkL/g9WpsW1FqO6pqoZGy5ya2YpS0W/yDZhubSzkZ+9\n18a5X5czRtfI9uXQ/rK+w+T/MoLTfDTyeueyHXZkvS2U6zPYmlqLlQYoRvrQkFZg\nm1fLhM+vmpjSQ6dwOILvHoUX3MCJt2gMw7sCAwEAAaNBMD8wDgYDVR0PAQH/BAQD\nAgeAMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUF7pFDP6qoO7y80SCJNbwPAzK\nohwwCgYIKoZIzj0EAwMDaAAwZQIxANVDj3KiwalLTx56S5aW38os3KoSDSKMwp1m\n2WxI++/NzXWv6Ki0DVxp3xcQypbCwQIwVkFQH7yvJJTmM7vwF1xWlooplr8Hd5Oz\nVK3662b68LrWuehwFr63PwdemLBpiuw1\n-----END CERTIFICATE-----\n",
"secure_boot_db_esl_base64": "oVnApeSUp0qHtasVXCvwcrQCAAAAAAAAmAIAAIQMU7LT8wtAtAEM/T3gdMowggKEMIICCqADAgEC\nAhA/6KdG921khQc4nU2E8OTQMAoGCCqGSM49BAMDMCUxEDAOBgNVBAoTB1lpbmZlbmcxETAPBgNV\nBAMTCGxpN2cuY29tMB4XDTI0MDcxNjE2MzQ0OVoXDTM0MDcxNDE2MzQ0OVowNTEzMDEGA1UEAxMq\nWWluZmVuZyBTZWN1cmUgQm9vdCBTaWduYXR1cmUgRGF0YWJhc2UgS2V5MIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAo20zjUakjnOIEs3YUrEGLQ2DZcOpQe4jIlKBORSHweybyVay8sus\nPBc+f9yMMstAitVhloJsf2Id4Tue+J0fn72qxsaZmqXAjyTkf7TryHXal3MTsdCvYAG8XljYv5Go\nBQ16DyIb0Eh53ikmiJNx2i/v8qP8V14qUkcNJ5OG8663WCkhOtzEqZCPnsUXrk571itU04Q1iQv+\nD1amxbUWo7qmqhkbLnJrZilLRb/INmG5tLORn73XxrlflzNG18j25dD+sr7D5P8ygtN8NPJ657Id\ndmS9LZTrM9iaWouVBihG+tCQVmCbV8uEz6+amNJDp3A4gu8ehRfcwIm3aAzDuwIDAQABo0EwPzAO\nBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBQXukUM/qqg7vLzRIIk1vA8\nDMqiHDAKBggqhkjOPQQDAwNoADBlAjEA1UOPcqLBqUtPHnpLlpbfyizcqhINIozCnWbZbEj7783N\nda/oqLQNXGnfFxDKlsLBAjBWQVAfvK8klOYzu/AXXFaWiimWvwd3k7NUrfrrZvrwuta56HAWvrc/\nB16YsGmK7DU=",
"secure_boot_db_signed_esl_base64": "AAAAAAAAAAAAAAAAAAAAACoEAAAAAvEOndKvSt9o7kmKqTR9N1ZlpzCCBA4CAQExDzANBglghkgB\nZQMEAgEFADALBgkqhkiG9w0BBwGgggKBMIICfTCCAgSgAwIBAgIQNYH4M7+WBa1cAazRyjI+gzAK\nBggqhkjOPQQDAzAlMRAwDgYDVQQKEwdZaW5mZW5nMREwDwYDVQQDEwhsaTdnLmNvbTAeFw0yNDA3\nMTYxNjM0NDlaFw0zNDA3MTQxNjM0NDlaMC8xLTArBgNVBAMTJFlpbmZlbmcgU2VjdXJlIEJvb3Qg\nS2V5IEV4Y2hhbmdlIEtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANJaH1l4yo4B\nAiI6QuS2yGZ8vbJ8XCAN8QyMouyBDQAxnh61ApvuHRW2ZChZkSC5h1qv423TgcA+et7yS1pm+Gff\nMPUONBPf+uBmyE8NcPcDXR2AaUyFCKkKAjoRHaEJ0Kt+NJXyD2gz3bq1z7tr5UUxy+l+HgvA3NH5\nNiU5uIP5ZZPsQ2RRUt9wSobgbjeN2g/gH/UxepJXakt8oQbcH8i62O8ohQ/agJWUK3HS5nA3etYt\n+gVnXEaKiUUNgZi1kT1dEPsHANaveXkEOVAvR+C0XkyKy2nq2oBVACemhN50OiwMzZ7B1TQm5IgS\nqFC3ZokNpxSAhvOSpB5U/BJwdaMCAwEAAaNBMD8wDgYDVR0PAQH/BAQDAgGGMAwGA1UdEwEB/wQC\nMAAwHwYDVR0jBBgwFoAUF7pFDP6qoO7y80SCJNbwPAzKohwwCgYIKoZIzj0EAwMDZwAwZAIwdwuT\nXzU9TE17j5747MzrNT0mUCOxTyXWyeJEdWazD/oT06WCK4PhI4ATBxCoaJx+AjBjKeMO3+I5DvgL\nV2+ZCSwXuy4hPjkJK3wRmE95QaP3y3LntU6bPexd06MSyVYx/gIxggFkMIIBYAIBATA5MCUxEDAO\nBgNVBAoTB1lpbmZlbmcxETAPBgNVBAMTCGxpN2cuY29tAhA1gfgzv5YFrVwBrNHKMj6DMA0GCWCG\nSAFlAwQCAQUAMA0GCSqGSIb3DQEBAQUABIIBADPBoxdCdLNFMSrepwAhSPuxWNK2mq2zebFjPnP2\nN8fE6WO7UoyHEv0T+RnR9KVSe5Q5F0lABk1aCYj2Ury8JmNUlpBUzaZKIwxRmB3o/dbTnhjav/g1\nKLK66joGhhfHKzUjUMoaXPanYMQg+yJNm2yAYKwWDqgGVVzBtjaiw5PQBsDbPK9b5Dpx0XFghbK4\nOBxydp882uArC+Hl83MOcrvMC7TBFlkoWwMV356XVnZ3kAHYtIbG7BSonMbs7WODSAc63OQxuBoj\ne4qy0Ta2RMeoUniW+ImeBF7z6kMIMzyXQ1BfOyI90XcnjFc61vwlFM1lgn8dqwsu3kg04Tkgegmh\nWcCl5JSnSoe1qxVcK/BytAIAAAAAAACYAgAAhAxTstPzC0C0AQz9PeB0yjCCAoQwggIKoAMCAQIC\nED/op0b3bWSFBzidTYTw5NAwCgYIKoZIzj0EAwMwJTEQMA4GA1UEChMHWWluZmVuZzERMA8GA1UE\nAxMIbGk3Zy5jb20wHhcNMjQwNzE2MTYzNDQ5WhcNMzQwNzE0MTYzNDQ5WjA1MTMwMQYDVQQDEypZ\naW5mZW5nIFNlY3VyZSBCb290IFNpZ25hdHVyZSBEYXRhYmFzZSBLZXkwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQCjbTONRqSOc4gSzdhSsQYtDYNlw6lB7iMiUoE5FIfB7JvJVrLyy6w8\nFz5/3Iwyy0CK1WGWgmx/Yh3hO574nR+fvarGxpmapcCPJOR/tOvIddqXcxOx0K9gAbxeWNi/kagF\nDXoPIhvQSHneKSaIk3HaL+/yo/xXXipSRw0nk4bzrrdYKSE63MSpkI+exReuTnvWK1TThDWJC/4P\nVqbFtRajuqaqGRsucmtmKUtFv8g2Ybm0s5GfvdfGuV+XM0bXyPbl0P6yvsPk/zKC03w08nrnsh12\nZL0tlOsz2Jpai5UGKEb60JBWYJtXy4TPr5qY0kOncDiC7x6FF9zAibdoDMO7AgMBAAGjQTA/MA4G\nA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFBe6RQz+qqDu8vNEgiTW8DwM\nyqIcMAoGCCqGSM49BAMDA2gAMGUCMQDVQ49yosGpS08eekuWlt/KLNyqEg0ijMKdZtlsSPvvzc11\nr+iotA1cad8XEMqWwsECMFZBUB+8rySU5jO78BdcVpaKKZa/B3eTs1St+utm+vC61rnocBa+tz8H\nXpiwaYrsNQ==",
Expand Down
2 changes: 2 additions & 0 deletions nixos/hosts/mtl0/default.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,8 @@ in
services.prebuilt-zip
services.hledger-web
services.sicp-staging
services.rabbitmq
services.mongodb
i18n.input-method
virtualization.podman
users.yinfeng
Expand Down
5 changes: 5 additions & 0 deletions nixos/modules/misc/ports.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,10 @@
jellyfin-https = 3341;
iperf = 3350;
typhon = 3360;
rabbitmq = 3370;
rabbitmq-management = 3371;
sicp-staging = 3390;
sicp-staging-redis = 3391;

ipsec-nat-traversal = 4500;
babel = 6696;
Expand All @@ -99,6 +103,7 @@
minecraft = 25565;
minecraft-rcon = 25566;
minecraft-map = 25567;
mongodb = 27017; # currently change is not supported in nixpkgs module
teamspeak-voice = 9987;
teamspeak-file-transfer = 30033;
teamspeak-query = 10011;
Expand Down
22 changes: 22 additions & 0 deletions nixos/profiles/services/mongodb/default.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{ config, ... }:
{
services.mongodb = {
enable = true;
enableAuth = true;
extraConfig = ''
net.port: ${toString config.ports.mongodb}
'';
initialRootPassword = "temporary"; # will be replaced in initialScript
initialScript = config.sops.templates."mongodb-init.js".path;
};
sops.templates."mongodb-init.js" = {
content = ''
db.changeUserPassword("root", "${config.sops.placeholder."mongodb_admin_password"}")
'';
owner = config.services.mongodb.user;
};
sops.secrets."mongodb_admin_password" = {
terraformOutput.enable = true;
restartUnits = [ ]; # needs manual rotation
};
}
12 changes: 12 additions & 0 deletions nixos/profiles/services/rabbitmq/default.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
{ config, ... }:
{
services.rabbitmq = {
enable = true;
listenAddress = "127.0.0.1";
port = config.ports.rabbitmq;
managementPlugin = {
enable = true;
port = config.ports.rabbitmq-management;
};
};
}
Loading

0 comments on commit badc003

Please sign in to comment.