From a1bfa0120cc65560ec9b7d1f3e81afc4177dcdbe Mon Sep 17 00:00:00 2001 From: kalipso Date: Sun, 22 Feb 2026 21:47:34 +0100 Subject: [PATCH 1/8] [pretalx] init --- machines/fanny/configuration.nix | 9 ++++ machines/hosts.nix | 5 ++ machines/pretalx/configuration.nix | 74 ++++++++++++++++++++++++++++++ 3 files changed, 88 insertions(+) create mode 100644 machines/pretalx/configuration.nix diff --git a/machines/fanny/configuration.nix b/machines/fanny/configuration.nix index 1d494c8..276aae7 100644 --- a/machines/fanny/configuration.nix +++ b/machines/fanny/configuration.nix @@ -229,6 +229,15 @@ in }; }; + virtualHosts."talks.malobeo.org" = { + locations."/" = { + proxyPass = "http://${hosts.malobeo.hosts.pretalx.network.address}"; + extraConfig = '' + proxy_set_header Host $host; + ''; + }; + }; + virtualHosts."tasklist.malobeo.org" = { locations."/" = { proxyPass = "http://${hosts.malobeo.hosts.durruti.network.address}:8080"; diff --git a/machines/hosts.nix b/machines/hosts.nix index f04d03d..e194ed1 100644 --- a/machines/hosts.nix +++ b/machines/hosts.nix @@ -103,6 +103,11 @@ in type = "microvm"; network = createMaloNet "17" "52:DA:0D:F9:EF:F3"; }; + + pretalx = { + type = "microvm"; + network = createMaloNet "18" "52:DA:0D:F9:EF:F4"; + }; }; }; } diff --git a/machines/pretalx/configuration.nix b/machines/pretalx/configuration.nix new file mode 100644 index 0000000..7387523 --- /dev/null +++ b/machines/pretalx/configuration.nix @@ -0,0 +1,74 @@ +{ config, self, lib, pkgs, ... }: + +with lib; + +let + hosts = import ../hosts.nix {}; +in +{ + networking = { + hostName = mkDefault "pretalx"; + useDHCP = false; + }; + + imports = [ + self.nixosModules.malobeo.metrics + ../modules/malobeo_user.nix + ../modules/sshd.nix + ../modules/minimal_tools.nix + ../modules/autoupdate.nix + ]; + + malobeo.metrics = { + enable = true; + enablePromtail = true; + logNginx = true; + }; + + services.postgresqlBackup = { + enable = true; + }; + + services.nginx = { + enable = true; + commonHttpConfig = /* nginx */ '' + proxy_headers_hash_bucket_size 64; + ''; + virtualHosts = { + "talks.malobeo.org" = { + forceSSL = false; + enableACME = false; + }; + }; + }; + + + services.pretalx = { + enable = true; + celery.extraArgs = [ + "--concurrency=${toString config.microvm.vcpu}" + ]; + gunicorn.extraArgs = [ + # https://docs.pretalx.org/administrator/installation/#step-6-starting-pretalx-as-a-service + "--log-level=info" + "--max-requests-jitter=50" + "--max-requests=1200" + "--workers=${toString config.microvm.vcpu}" + + # TODO: 25.11 upstream + "--name=pretalx" + "--preload" + ]; + nginx.domain = "talks.malobeo.org"; + settings = { + locale = { + language_code = "de"; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ 80 443 ]; + + system.stateVersion = "22.11"; # Did you read the comment? +} + From bbf8decea167c7afb480a9c1d90203b2d7453b59 Mon Sep 17 00:00:00 2001 From: kalipso Date: Sun, 22 Feb 2026 21:52:50 +0100 Subject: [PATCH 2/8] [pretalx] add monitoring --- machines/overwatch/configuration.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/machines/overwatch/configuration.nix b/machines/overwatch/configuration.nix index 8fd70fd..72fbbf3 100644 --- a/machines/overwatch/configuration.nix +++ b/machines/overwatch/configuration.nix @@ -144,6 +144,12 @@ in targets = [ "${hosts.malobeo.hosts.zineshop.network.address}:9002" ]; }]; } + { + job_name = "pretalx"; + static_configs = [{ + targets = [ "${hosts.malobeo.hosts.pretalx.network.address}:9002" ]; + }]; + } { job_name = "fanny"; static_configs = [{ From 56c1ae5332858f87d0f1bb34b8792dfc43bb0d1f Mon Sep 17 00:00:00 2001 From: kalipso Date: Sun, 22 Feb 2026 21:53:05 +0100 Subject: [PATCH 3/8] [vaultwarden] add monitoring --- machines/overwatch/configuration.nix | 6 ++++++ machines/vaultwarden/configuration.nix | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/machines/overwatch/configuration.nix b/machines/overwatch/configuration.nix index 72fbbf3..06cac14 100644 --- a/machines/overwatch/configuration.nix +++ b/machines/overwatch/configuration.nix @@ -144,6 +144,12 @@ in targets = [ "${hosts.malobeo.hosts.zineshop.network.address}:9002" ]; }]; } + { + job_name = "vaultwarden"; + static_configs = [{ + targets = [ "${hosts.malobeo.hosts.vaultwarden.network.address}:9002" ]; + }]; + } { job_name = "pretalx"; static_configs = [{ diff --git a/machines/vaultwarden/configuration.nix b/machines/vaultwarden/configuration.nix index 8a43711..5e6461a 100644 --- a/machines/vaultwarden/configuration.nix +++ b/machines/vaultwarden/configuration.nix @@ -22,6 +22,12 @@ with lib; networking.firewall.allowedTCPPorts = [ 80 ]; + malobeo.metrics = { + enable = true; + enablePromtail = true; + logNginx = true; + }; + services.nginx = { enable = true; virtualHosts."keys.malobeo.org" = { From ff340d69fb03d6657050e787e84b28f0e6cef764 Mon Sep 17 00:00:00 2001 From: kalipso Date: Sun, 22 Feb 2026 21:55:44 +0100 Subject: [PATCH 4/8] [fanny] deploy pretalx --- machines/fanny/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/fanny/configuration.nix b/machines/fanny/configuration.nix index 276aae7..8e1c3ff 100644 --- a/machines/fanny/configuration.nix +++ b/machines/fanny/configuration.nix @@ -145,6 +145,7 @@ in "durruti" "zineshop" "vaultwarden" + "pretalx" ]; networking = { From e021f46b4d721b56009aba709515f2b85ff937bc Mon Sep 17 00:00:00 2001 From: kalipso Date: Sun, 22 Feb 2026 23:28:56 +0100 Subject: [PATCH 5/8] [vaultwarden] fix missing input --- machines/vaultwarden/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/vaultwarden/configuration.nix b/machines/vaultwarden/configuration.nix index 5e6461a..cc6a088 100644 --- a/machines/vaultwarden/configuration.nix +++ b/machines/vaultwarden/configuration.nix @@ -18,6 +18,7 @@ with lib; imports = [ ../modules/malobeo_user.nix ../modules/sshd.nix + inputs.self.nixosModules.malobeo.metrics ]; networking.firewall.allowedTCPPorts = [ 80 ]; From c3474f9c273206c4b0aaa09a2374e6cf83eaa973 Mon Sep 17 00:00:00 2001 From: kalipso Date: Sat, 7 Mar 2026 16:01:15 +0100 Subject: [PATCH 6/8] [pretalx] proxy through vpn --- machines/durruti/host_config.nix | 10 ++++++++++ machines/vpn/configuration.nix | 9 +++++++++ 2 files changed, 19 insertions(+) diff --git a/machines/durruti/host_config.nix b/machines/durruti/host_config.nix index bcef133..cd71b11 100644 --- a/machines/durruti/host_config.nix +++ b/machines/durruti/host_config.nix @@ -63,6 +63,16 @@ in }; }; + services.nginx.virtualHosts."talks.malobeo.org" = { + forceSSL = true; + enableACME= true; + locations."/" = { + proxyPass = "http://10.0.0.10"; + extraConfig = '' + ''; + }; + }; + services.nginx.virtualHosts."tasklist.malobeo.org" = { forceSSL = true; enableACME= true; diff --git a/machines/vpn/configuration.nix b/machines/vpn/configuration.nix index e2ebee3..21720a8 100644 --- a/machines/vpn/configuration.nix +++ b/machines/vpn/configuration.nix @@ -58,6 +58,15 @@ with lib; }; }; + virtualHosts."talks.malobeo.org" = { + locations."/" = { + proxyPass = "http://10.100.0.101"; + extraConfig = '' + proxy_set_header Host $host; + ''; + }; + }; + virtualHosts."tasklist.malobeo.org" = { locations."/" = { proxyPass = "http://10.100.0.101"; From e32e4d77741fa24bc898146adae2bc1806f9ffde Mon Sep 17 00:00:00 2001 From: kalipso Date: Sat, 7 Mar 2026 16:03:02 +0100 Subject: [PATCH 7/8] [pretalx] enable admin user --- machines/pretalx/configuration.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/machines/pretalx/configuration.nix b/machines/pretalx/configuration.nix index 7387523..ff903af 100644 --- a/machines/pretalx/configuration.nix +++ b/machines/pretalx/configuration.nix @@ -13,7 +13,7 @@ in imports = [ self.nixosModules.malobeo.metrics - ../modules/malobeo_user.nix + inputs.self.nixosModules.malobeo.users ../modules/sshd.nix ../modules/minimal_tools.nix ../modules/autoupdate.nix @@ -25,6 +25,11 @@ in logNginx = true; }; + malobeo.users = { + admin = true; + }; + + services.postgresqlBackup = { enable = true; }; From cd5db6a61619872fff89c9b289322d8c86ee9b52 Mon Sep 17 00:00:00 2001 From: kalipso Date: Sat, 7 Mar 2026 16:10:07 +0100 Subject: [PATCH 8/8] [pretalx] fix wrong import --- machines/pretalx/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/machines/pretalx/configuration.nix b/machines/pretalx/configuration.nix index ff903af..22114d0 100644 --- a/machines/pretalx/configuration.nix +++ b/machines/pretalx/configuration.nix @@ -13,7 +13,7 @@ in imports = [ self.nixosModules.malobeo.metrics - inputs.self.nixosModules.malobeo.users + self.nixosModules.malobeo.users ../modules/sshd.nix ../modules/minimal_tools.nix ../modules/autoupdate.nix