From 9d8d95a025e0c61a332867ba102b078f0fb6ade9 Mon Sep 17 00:00:00 2001
From: kalipso <kalipso@c3d2.de>
Date: Sun, 22 Feb 2026 21:47:34 +0100
Subject: [PATCH] [pretalx] init

---
 machines/fanny/configuration.nix   |  9 ++++
 machines/hosts.nix                 |  5 ++
 machines/pretalx/configuration.nix | 74 ++++++++++++++++++++++++++++++
 3 files changed, 88 insertions(+)
 create mode 100644 machines/pretalx/configuration.nix

diff --git a/machines/fanny/configuration.nix b/machines/fanny/configuration.nix
index 1d494c8..276aae7 100644
--- a/machines/fanny/configuration.nix
+++ b/machines/fanny/configuration.nix
@@ -229,6 +229,15 @@ in
       };
     };
 
+    virtualHosts."talks.malobeo.org" = {
+      locations."/" = {
+        proxyPass = "http://${hosts.malobeo.hosts.pretalx.network.address}";
+        extraConfig = ''
+          proxy_set_header Host $host;
+        '';
+      };
+    };
+
     virtualHosts."tasklist.malobeo.org" = {
       locations."/" = {
         proxyPass = "http://${hosts.malobeo.hosts.durruti.network.address}:8080";
diff --git a/machines/hosts.nix b/machines/hosts.nix
index f04d03d..e194ed1 100644
--- a/machines/hosts.nix
+++ b/machines/hosts.nix
@@ -103,6 +103,11 @@ in
         type = "microvm";
         network = createMaloNet "17" "52:DA:0D:F9:EF:F3";
       };
+
+      pretalx = {
+        type = "microvm";
+        network = createMaloNet "18" "52:DA:0D:F9:EF:F4";
+      };
     };
   };
 }
diff --git a/machines/pretalx/configuration.nix b/machines/pretalx/configuration.nix
new file mode 100644
index 0000000..7387523
--- /dev/null
+++ b/machines/pretalx/configuration.nix
@@ -0,0 +1,74 @@
+{ config, self, lib, pkgs,  ... }:
+
+with lib;
+
+let
+  hosts = import ../hosts.nix {};
+in
+{
+  networking = {
+    hostName = mkDefault "pretalx";
+    useDHCP = false;
+  };
+
+  imports = [
+    self.nixosModules.malobeo.metrics
+    ../modules/malobeo_user.nix
+    ../modules/sshd.nix
+    ../modules/minimal_tools.nix
+    ../modules/autoupdate.nix
+  ];
+
+  malobeo.metrics = {
+    enable = true;
+    enablePromtail = true;
+    logNginx = true;
+  };
+
+  services.postgresqlBackup = {
+    enable = true;
+  };
+
+  services.nginx = {
+    enable = true;
+    commonHttpConfig = /* nginx */ ''
+      proxy_headers_hash_bucket_size 64;
+    '';
+    virtualHosts = {
+      "talks.malobeo.org" = {
+        forceSSL = false;
+        enableACME = false;
+      };
+    };
+  };
+
+
+  services.pretalx = {
+    enable = true;
+    celery.extraArgs = [
+      "--concurrency=${toString config.microvm.vcpu}"
+    ];
+    gunicorn.extraArgs = [
+      # https://docs.pretalx.org/administrator/installation/#step-6-starting-pretalx-as-a-service
+      "--log-level=info"
+      "--max-requests-jitter=50"
+      "--max-requests=1200"
+      "--workers=${toString config.microvm.vcpu}"
+
+      # TODO: 25.11 upstream
+      "--name=pretalx"
+      "--preload"
+    ];
+    nginx.domain = "talks.malobeo.org";
+    settings = {
+      locale = {
+        language_code = "de";
+      };
+    };
+  };
+
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+
+  system.stateVersion = "22.11"; # Did you read the comment?
+}
+