diff --git a/configuration/default.nix b/configuration/default.nix index a12aceb..f6ff072 100644 --- a/configuration/default.nix +++ b/configuration/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, pkgs, ... }: { imports = [ @@ -54,20 +54,18 @@ recommendedGzipSettings = true; recommendedProxySettings = true; clientMaxBodySize = "10G"; - domain = "tlater.net"; virtualHosts = let host = port: extra: - lib.recursiveUpdate { + { forceSSL = true; enableACME = true; - locations."/" = { proxyPass = "http://127.0.0.1:${toString port}"; }; - } extra; - domain = config.services.nginx.domain; + locations."/" = { proxyPass = "http://localhost:${toString port}"; }; + } // extra; in { - "${domain}" = host 3002 { serverAliases = [ "www.${domain}" ]; }; - "gitea.${domain}" = host 3000 { }; - "nextcloud.${domain}" = host 3001 { }; + "tlater.net" = host 3002 { serverAliases = [ "www.tlater.net" ]; }; + "gitea.tlater.net" = host 3000 { }; + "nextcloud.tlater.net" = host 3001 { }; }; }; diff --git a/configuration/services/gitea.nix b/configuration/services/gitea.nix index 978760a..4ca6454 100644 --- a/configuration/services/gitea.nix +++ b/configuration/services/gitea.nix @@ -14,7 +14,6 @@ virtualisation.pods.gitea = { hostname = "gitea.tlater.net"; publish = [ "3000:3000" "2221:2221" ]; - network = "slirp4netns"; containers = { gitea = { @@ -27,6 +26,7 @@ DB_HOST = "gitea-postgres:5432"; DB_NAME = "gitea"; DB_USER = "gitea"; + DB_PASSWD = "/qNDDK9WCMuubfA7D8DFwfl9T+Gy2IMDvPhiNpcxZjY="; USER_UID = toString config.users.extraUsers.gitea.uid; USER_GID = toString config.users.extraGroups.gitea.gid; @@ -47,6 +47,7 @@ environment = { POSTGRES_DB = "gitea"; POSTGRES_USER = "gitea"; + POSTGRES_PASSWORD = "/qNDDK9WCMuubfA7D8DFwfl9T+Gy2IMDvPhiNpcxZjY="; }; volumes = [ "gitea-db-data:/var/lib/postgresql/data" ]; }; diff --git a/configuration/services/minecraft.nix b/configuration/services/minecraft.nix index 9b77c09..c3831aa 100644 --- a/configuration/services/minecraft.nix 
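Review bot: In the `host` helper, `} // extra` is a shallow merge, so a caller that later passes its own `locations` attribute will replace the whole set and silently drop the `"/"` proxy rule. The current callers only pass `serverAliases` or `{ }`, so nothing breaks today, but a comment on that line such as `# NOTE: // is shallow; extra must not set locations` would record the constraint. Separately, `proxyPass` now targets `localhost` instead of `127.0.0.1`; if that name also resolves to `::1` and the containers only listen on IPv4, nginx may log refused connections against the IPv6 upstream, so the literal address is the safer choice. The enclosing nginx attribute set starts outside the hunk.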
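Review bot: `publish = [ "3000:3000" "2221:2221" ]` carries no host address, so, assuming the pods module passes these strings to podman's `--publish`, Gitea's HTTP port is bound on every interface and may be reachable without the TLS that the nginx vhost enforces, unless a firewall blocks it. Dropping `network = "slirp4netns"` leaves the pod on whatever network mode the module defaults to, which this hunk does not show, so the exposure is worth confirming after the change. Since nginx proxies over loopback, the HTTP mapping could be narrowed to `"127.0.0.1:3000:3000"`, leaving `2221` as it is if that port must stay externally reachable. The same applies to `publish = [ "3001:80" ]` in nextcloud.nix; both pod definitions continue past their hunks.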
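Review bot: `DB_PASSWD` is added as a string literal, which puts the database password in the repository history and in the world-readable Nix store, and hands it to the container as a plain environment variable. The same literal is added as `POSTGRES_PASSWORD` in the hunk at -47,6, and nextcloud.nix repeats the pattern in its hunks at -19,6 and -43,6. These values should be treated as disclosed and rotated, then supplied at runtime from a root-only file outside the store. One option is podman's `--env-file`, if the containers module exposes `extraOptions` for pod members as webserver.nix does for its container. The first `environment` set starts outside its hunk.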
+++ b/configuration/services/minecraft.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, pkgs, ... }: let minecraft-server-args = [ @@ -52,7 +52,7 @@ let in { nixpkgs.config.allowUnfreePredicate = pkg: - builtins.elem (lib.getName pkg) [ "forge-server" ]; + builtins.elem (pkgs.lib.getName pkg) [ "forge-server" ]; virtualisation.oci-containers.containers.minecraft-voor-kia = let properties = ./configs/minecraft/voor-kia/server.properties; diff --git a/configuration/services/nextcloud.nix b/configuration/services/nextcloud.nix index 4b74ac7..ba1754b 100644 --- a/configuration/services/nextcloud.nix +++ b/configuration/services/nextcloud.nix @@ -4,7 +4,6 @@ virtualisation.pods.nextcloud = { hostname = "nextcloud.tlater.net"; publish = [ "3001:80" ]; - network = "slirp4netns"; containers = { nextcloud = { @@ -19,6 +18,7 @@ POSTGRES_DB = "nextcloud"; POSTGRES_USER = "nextcloud"; POSTGRES_HOST = "nextcloud-postgres"; + POSTGRES_PASSWORD = "rI7t7Nek1yGA9ucrRc7Uhy0jcjwPjnXa8me4o8tJON8="; OVERWRITEPROTOCOL = "https"; }; }; @@ -43,6 +43,7 @@ environment = { POSTGRES_DB = "nextcloud"; POSTGRES_USER = "nextcloud"; + POSTGRES_PASSWORD = "rI7t7Nek1yGA9ucrRc7Uhy0jcjwPjnXa8me4o8tJON8="; }; volumes = [ "nextcloud-db-data:/var/lib/postgresql/data" ]; }; diff --git a/configuration/services/webserver.nix b/configuration/services/webserver.nix index c1966a5..e1c396d 100644 --- a/configuration/services/webserver.nix +++ b/configuration/services/webserver.nix @@ -34,10 +34,6 @@ ports = [ "3002:3002" ]; volumes = [ "tlaternet-mail:/srv/mail" ]; - extraOptions = [ - "--hostname=tlater.net" - # Rocket 0.4 doesn't support SIGTERM anyway, so SIGKILL is the cleanest exit possible. - "--stop-signal=SIGKILL" - ]; + extraOptions = [ "--hostname=tlater.net" ]; }; } diff --git a/flake.nix b/flake.nix index 78a3cfb..a9baf34 100644 --- a/flake.nix +++ b/flake.nix 
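Review bot: Removing `--stop-signal=SIGKILL` from `extraOptions` also removes the comment that justified it, which said Rocket 0.4 does not handle SIGTERM. If the server is still on that Rocket version, stopping the container will presumably wait out podman's stop timeout before the process is killed, which slows restarts and deploys. Either keep the option, or add a short `--stop-timeout` to `extraOptions`, or state in the commit message that the server now handles SIGTERM. The container definition starts outside the hunk.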
@@ -68,16 +68,12 @@ (import ./modules) (import ./configuration) - ({ lib, ... }: { + ({ ... }: { users.users.tlater.password = "insecure"; # Disable graphical tty so -curses works boot.kernelParams = [ "nomodeset" ]; - # Sets the base domain for nginx to localhost so that we - # can easily test locally with the VM. - services.nginx.domain = lib.mkOverride 99 "localhost"; - # # Set up VM settings to match real VPS # virtualisation.memorySize = 3941; # virtualisation.cores = 2; diff --git a/modules/default.nix b/modules/default.nix index 1963d8e..4b9cea4 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,12 +1,5 @@ -{ lib, ... }: - -with lib; +{ ... }: { imports = [ ./virtualisation/pods.nix ./virtualisation/oci-containers.nix ]; - - options.services.nginx.domain = mkOption { - type = types.str; - description = "The base domain name to append to virtual domain names"; - }; }
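Review bot: `users.users.tlater.password = "insecure"` sits in an inline module whose surrounding output is not visible in this hunk, and nothing on the line marks it as a VM-only test credential. A comment above it such as `# VM-only test login; this module must never be part of the deployed host` would make the intent explicit, since a plain `password` value ends up in the world-readable Nix store. With the `services.nginx.domain` override removed, the VM also serves the production host names, and the removed comment on local testing has no replacement.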