Compare commits
No commits in common. "c56de6cf7e849b0b9ad5d6fe69f24e3389ecac09" and "bec05bafb1ac8b6daa2dcdc7de0ca24e038c6d4d" have entirely different histories.
c56de6cf7e
...
bec05bafb1
|
@ -8,7 +8,6 @@
|
||||||
"${modulesPath}/profiles/headless.nix"
|
"${modulesPath}/profiles/headless.nix"
|
||||||
(import ../modules)
|
(import ../modules)
|
||||||
|
|
||||||
./services/conduit.nix
|
|
||||||
./services/gitea.nix
|
./services/gitea.nix
|
||||||
./services/nextcloud.nix
|
./services/nextcloud.nix
|
||||||
./services/webserver.nix
|
./services/webserver.nix
|
||||||
|
@ -50,17 +49,7 @@
|
||||||
useDHCP = false;
|
useDHCP = false;
|
||||||
interfaces.eth0.useDHCP = true;
|
interfaces.eth0.useDHCP = true;
|
||||||
|
|
||||||
firewall.allowedTCPPorts = [
|
firewall.allowedTCPPorts = [80 443 2222 21025];
|
||||||
# http
|
|
||||||
80
|
|
||||||
443
|
|
||||||
# ssh
|
|
||||||
2222
|
|
||||||
# matrix
|
|
||||||
8448
|
|
||||||
# starbound
|
|
||||||
21025
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
time.timeZone = "Europe/London";
|
time.timeZone = "Europe/London";
|
||||||
|
|
|
@ -1,53 +0,0 @@
|
||||||
{config, ...}: let
|
|
||||||
cfg = config.services.matrix-conduit;
|
|
||||||
domain = "matrix.${config.services.nginx.domain}";
|
|
||||||
in {
|
|
||||||
services.matrix-conduit = {
|
|
||||||
enable = true;
|
|
||||||
settings.global = {
|
|
||||||
address = "127.0.0.1";
|
|
||||||
server_name = domain;
|
|
||||||
database_backend = "rocksdb";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.nginx.virtualHosts."${domain}" = {
|
|
||||||
enableACME = true;
|
|
||||||
|
|
||||||
listen = [
|
|
||||||
{
|
|
||||||
addr = "0.0.0.0";
|
|
||||||
port = 443;
|
|
||||||
ssl = true;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
addr = "[::0]";
|
|
||||||
port = 443;
|
|
||||||
ssl = true;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
addr = "0.0.0.0";
|
|
||||||
port = 8448;
|
|
||||||
ssl = true;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
addr = "[::0]";
|
|
||||||
port = 8488;
|
|
||||||
ssl = true;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
addSSL = true;
|
|
||||||
extraConfig = ''
|
|
||||||
merge_slashes off;
|
|
||||||
'';
|
|
||||||
|
|
||||||
locations."/_matrix" = {
|
|
||||||
proxyPass = "http://${cfg.settings.global.address}:${toString cfg.settings.global.port}";
|
|
||||||
# Recommended by conduit
|
|
||||||
extraConfig = ''
|
|
||||||
proxy_buffering off;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
17
flake.lock
17
flake.lock
|
@ -289,22 +289,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1666424192,
|
|
||||||
"narHash": "sha256-rb/a7Kg9s31jqkvdOQHFrUc5ig5kB+O2ZKB8mjU2kW8=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "4f8287f3d597c73b0d706cfad028c2d51821f64d",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "NixOS",
|
|
||||||
"ref": "nixpkgs-unstable",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1665466769,
|
"lastModified": 1665466769,
|
||||||
|
@ -406,7 +390,6 @@
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"deploy-rs": "deploy-rs",
|
"deploy-rs": "deploy-rs",
|
||||||
"nixpkgs": "nixpkgs_2",
|
"nixpkgs": "nixpkgs_2",
|
||||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
|
||||||
"nvfetcher": "nvfetcher",
|
"nvfetcher": "nvfetcher",
|
||||||
"sops-nix": "sops-nix",
|
"sops-nix": "sops-nix",
|
||||||
"tlaternet-webserver": "tlaternet-webserver"
|
"tlaternet-webserver": "tlaternet-webserver"
|
||||||
|
|
32
flake.nix
32
flake.nix
|
@ -3,7 +3,6 @@
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-22.05";
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-22.05";
|
||||||
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
|
||||||
deploy-rs.url = "github:serokell/deploy-rs";
|
deploy-rs.url = "github:serokell/deploy-rs";
|
||||||
sops-nix = {
|
sops-nix = {
|
||||||
url = "github:Mic92/sops-nix";
|
url = "github:Mic92/sops-nix";
|
||||||
|
@ -22,7 +21,6 @@
|
||||||
outputs = {
|
outputs = {
|
||||||
self,
|
self,
|
||||||
nixpkgs,
|
nixpkgs,
|
||||||
nixpkgs-unstable,
|
|
||||||
sops-nix,
|
sops-nix,
|
||||||
nvfetcher,
|
nvfetcher,
|
||||||
deploy-rs,
|
deploy-rs,
|
||||||
|
@ -68,7 +66,7 @@
|
||||||
# Helper functions #
|
# Helper functions #
|
||||||
####################
|
####################
|
||||||
lib = import ./lib {
|
lib = import ./lib {
|
||||||
inherit nixpkgs nixpkgs-unstable sops-nix tlaternet-webserver;
|
inherit nixpkgs sops-nix tlaternet-webserver;
|
||||||
lib = nixpkgs.lib;
|
lib = nixpkgs.lib;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -88,7 +86,6 @@
|
||||||
"2222" = "2222";
|
"2222" = "2222";
|
||||||
"3080" = "80";
|
"3080" = "80";
|
||||||
"3443" = "443";
|
"3443" = "443";
|
||||||
"8448" = "8448"; # Matrix
|
|
||||||
"21025" = "21025"; # Starbound
|
"21025" = "21025"; # Starbound
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
|
@ -114,16 +111,23 @@
|
||||||
###########################
|
###########################
|
||||||
# Development environment #
|
# Development environment #
|
||||||
###########################
|
###########################
|
||||||
devShells.${system}.default = nixpkgs.legacyPackages.${system}.mkShell {
|
devShells.${system}.default = let
|
||||||
sopsPGPKeyDirs = ["./keys/hosts/" "./keys/users/"];
|
inherit (sops-nix.packages.${system}) sops-import-keys-hook sops-init-gpg-key;
|
||||||
nativeBuildInputs = [
|
deploy-rs-bin = deploy-rs.packages.${system}.default;
|
||||||
sops-nix.packages.${system}.sops-import-keys-hook
|
pkgs = nixpkgs.legacyPackages.${system};
|
||||||
];
|
in
|
||||||
|
nixpkgs.legacyPackages.${system}.mkShell {
|
||||||
|
sopsPGPKeyDirs = ["./keys/hosts/" "./keys/users/"];
|
||||||
|
nativeBuildInputs = [
|
||||||
|
sops-import-keys-hook
|
||||||
|
];
|
||||||
|
|
||||||
packages = [
|
packages = with pkgs; [
|
||||||
sops-nix.packages.${system}.sops-init-gpg-key
|
nixfmt
|
||||||
deploy-rs.packages.${system}.default
|
git-lfs
|
||||||
];
|
sops-init-gpg-key
|
||||||
};
|
deploy-rs-bin
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{
|
{
|
||||||
lib,
|
lib,
|
||||||
nixpkgs,
|
nixpkgs,
|
||||||
nixpkgs-unstable,
|
|
||||||
sops-nix,
|
sops-nix,
|
||||||
tlaternet-webserver,
|
tlaternet-webserver,
|
||||||
}: let
|
}: let
|
||||||
|
@ -25,13 +24,6 @@ in {
|
||||||
sops-nix.nixosModules.sops
|
sops-nix.nixosModules.sops
|
||||||
tlaternet-webserver.nixosModules.default
|
tlaternet-webserver.nixosModules.default
|
||||||
(import ../configuration)
|
(import ../configuration)
|
||||||
{
|
|
||||||
nixpkgs.overlays = [
|
|
||||||
(self: super: {
|
|
||||||
matrix-conduit = nixpkgs-unstable.legacyPackages.${system}.matrix-conduit;
|
|
||||||
})
|
|
||||||
];
|
|
||||||
}
|
|
||||||
]
|
]
|
||||||
++ extraModules;
|
++ extraModules;
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue