Yisroel Baum
d195c6b37c
Imports the tide nixos module from the TIDE flake and configures it for tide.yisroelbaum.com (frontend) and apitide.yisroelbaum.com (backend), reusing the existing wildcard ACME cert. Secrets are pulled from sops-encrypted secrets/tide.yaml; replace the placeholder with real encrypted content before deploy.
20 lines
603 B
Text
20 lines
603 B
Text
# Encrypt this with sops to produce ./tide.yaml:
|
|
#
|
|
# sops --encrypt --age $(cat ~/.config/sops/age/keys.txt | grep public | cut -d: -f2 | tr -d ' ') \
|
|
# secrets/tide.yaml.example > secrets/tide.yaml
|
|
#
|
|
# Or set up .sops.yaml with the host's age public key and run
|
|
# `sops secrets/tide.yaml`.
|
|
#
|
|
# Generate APP_KEY with:
|
|
# php -r "echo 'base64:'.base64_encode(random_bytes(32)).PHP_EOL;"
|
|
|
|
tide-env: |
|
|
APP_KEY=base64:REPLACE_ME
|
|
DB_PASSWORD=REPLACE_ME
|
|
MAIL_HOST=127.0.0.1
|
|
MAIL_PORT=1025
|
|
MAIL_USERNAME=
|
|
MAIL_PASSWORD=
|
|
MAIL_FROM_ADDRESS=noreply@tide.yisroelbaum.com
|
|
MAIL_FROM_NAME=TIDE
|