diff options
Diffstat (limited to 'ops')
-rw-r--r-- | ops/machines/whitby/default.nix | 5 | ||||
-rw-r--r-- | ops/modules/teleirc.nix | 40 | ||||
-rw-r--r-- | ops/secrets/secrets.nix | 4 | ||||
-rw-r--r-- | ops/secrets/teleirc.age | bin | 0 -> 1006 bytes | |||
-rw-r--r-- | ops/users/default.nix | 5 |
5 files changed, 54 insertions, 0 deletions
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 6a8ee56abc..41391c8c0b 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -25,6 +25,7 @@ in (mod "restic.nix") (mod "smtprelay.nix") (mod "sourcegraph.nix") + (mod "teleirc.nix") (mod "tvl-buildkite.nix") (mod "tvl-slapd/default.nix") (mod "tvl-users.nix") @@ -232,6 +233,7 @@ in owothia.file = secretFile "owothia"; panettone.file = secretFile "panettone"; smtprelay.file = secretFile "smtprelay"; + teleirc.file = secretFile "teleirc"; buildkite-agent-token = { file = secretFile "buildkite-agent-token"; @@ -410,6 +412,9 @@ in }; }; + # Run the Telegram<>IRC bridge for Volga Sprint. + teleirc.enable = true; + # Run atward, the search engine redirection thing. atward.enable = true; diff --git a/ops/modules/teleirc.nix b/ops/modules/teleirc.nix new file mode 100644 index 0000000000..9f9ac059ce --- /dev/null +++ b/ops/modules/teleirc.nix @@ -0,0 +1,40 @@ +# Run the Telegram<>IRC sync bot for the Volga Sprint channel. +# +# This module is written in a pretty ad-hoc style, as it is sort of a +# throwaway thing (will be removed again after the event). +{ depot, config, lib, pkgs, ... }: + +let + cfg = config.services.depot.owothia; + description = "IRC<>Telegram sync for Volga Sprint channel"; + configFile = builtins.toFile "teleirc.env" '' + # connect through tvlbot's ZNC bouncer + IRC_SERVER="localhost" + IRC_PORT=2627 + IRC_USE_SSL=false + IRC_CHANNEL="#volgasprint" + IRC_BLACKLIST="tvlbot" + IRC_BOT_NAME="tvlbot" + IRC_BOT_REALNAME="TVL bot for Volga Sprint" + IRC_BOT_IDENT="tvlbot" + IRC_SEND_STICKER_EMOJI=false # look into this + TELEGRAM_CHAT_ID=-1002153072030 + ''; +in +{ + options.services.depot.teleirc.enable = lib.mkEnableOption description; + + config = lib.mkIf cfg.enable { + systemd.services.teleirc = { + inherit description; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + DynamicUser = true; + Restart = "always"; + EnvironmentFile = "/run/agenix/teleirc"; + ExecStart = "${depot.third_party.teleirc}/bin/teleirc -conf ${configFile}"; + }; + }; + }; +} diff --git a/ops/secrets/secrets.nix b/ops/secrets/secrets.nix index 5cbf2bf612..660fe5a79c 100644 --- a/ops/secrets/secrets.nix +++ b/ops/secrets/secrets.nix @@ -9,6 +9,9 @@ let # zamalek "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBRXeb8EuecLHP0bW4zuebXp4KRnXgJTZfeVWXQ1n1R" + + # khamovnik + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID1ptE5HvGSXxSXo+aHBTKa5PBlAM1HqmpzWz0yAhHLj" ]; aspen = [ @@ -47,6 +50,7 @@ in "owothia.age" = whitbyDefault; "panettone.age" = whitbyDefault; "smtprelay.age" = whitbyDefault; + "teleirc.age" = whitbyDefault; "tf-buildkite.age" = terraform; "tf-glesys.age" = terraform; "tf-keycloak.age" = terraform; diff --git a/ops/secrets/teleirc.age b/ops/secrets/teleirc.age new file mode 100644 index 0000000000..ebc88fc9ef --- /dev/null +++ b/ops/secrets/teleirc.age Binary files differdiff --git a/ops/users/default.nix b/ops/users/default.nix index a50575f3fb..f9d277ab2c 100644 --- a/ops/users/default.nix +++ b/ops/users/default.nix @@ -22,6 +22,11 @@ password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$5NEYPJ19nDITK5sGr4bzhQ$Xzpzth6y4w+HGvioHiYgzqFiwMDx0B7HAh+PVbkRuuk"; } { + username = "chickadee"; + email = "matthewktromp@gmail.com"; + password = "{ARGON2}$argon2id$v=19$m=19456,t=2,p=1$HoZjVdJ90JmTEJf1MMLuDg$5Pa8kpJdFVsIxgoOTDsH0gv6CLumSIkMqYEn5UVfjwU"; + } + { username = "cschilling"; email = "christian.schilling.de@gmail.com"; password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$9VN3IS6ViW5FFbVKWOZI6Q$gZxuYAYk0Opq4E5i8cbcNjfznCQNc+RiP7Xv1CUnrQU"; |