uku/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore(etna): move some stuff in default.nix

Browse source
This commit is contained in:
uku 2024-05-19 10:34:48 +02:00
parent 3df6633d33
commit 9a254038ba
Signed by: uku
SSH key fingerprint: SHA256:4P0aN6M8ajKukNi6aPOaX0LacanGYtlfjmN+m/sHY/o
4 changed files with 60 additions and 62 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
systems/etna/default.nix
View file

@ -38,6 +38,17 @@ in {
services = { services = {
openssh.openFirewall = true; openssh.openFirewall = true;
nginx.enable = true;
frp = {
enable = true;
role = "client";
settings = {
serverAddr = "49.13.148.129";
serverPort = 7000;
};
};
cloudflared = { cloudflared = {
enable = true; enable = true;
tunnels.${tunnelId} = { tunnels.${tunnelId} = {

42
systems/etna/dendrite.nix
View file

@ -59,31 +59,27 @@
]; ];
}; };
nginx = { nginx.virtualHosts."m.uku.moe".locations = let
enable = true; server = {"m.server" = "m.uku.moe:443";};
client = {"m.homeserver"."base_url" = "https://m.uku.moe";};
in {
"=/.well-known/matrix/server" = {
return = "200 '${builtins.toJSON server}'";
};
virtualHosts."m.uku.moe".locations = let "=/.well-known/matrix/client" = {
server = {"m.server" = "m.uku.moe:443";}; return = "200 '${builtins.toJSON client}'";
client = {"m.homeserver"."base_url" = "https://m.uku.moe";}; };
in {
"=/.well-known/matrix/server" = {
return = "200 '${builtins.toJSON server}'";
};
"=/.well-known/matrix/client" = { "/" = {
return = "200 '${builtins.toJSON client}'"; proxyPass = "http://localhost:8008";
}; proxyWebsockets = true;
extraConfig = ''
"/" = { proxy_set_header Host $host;
proxyPass = "http://localhost:8008"; proxy_set_header X-Real-IP $remote_addr;
proxyWebsockets = true; proxy_read_timeout 600;
extraConfig = '' client_max_body_size 100M;
proxy_set_header Host $host; '';
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 600;
client_max_body_size 100M;
'';
};
}; };
}; };
}; };

60
systems/etna/forgejo.nix
View file

@ -2,43 +2,43 @@ _: {
cfTunnels."git.uku3lig.net" = "http://localhost:3000"; cfTunnels."git.uku3lig.net" = "http://localhost:3000";
services.forgejo = { services.forgejo = {
enable = true; enable = true;
database = { database = {
type = "postgres"; type = "postgres";
createDatabase = true; createDatabase = true;
};
settings = {
DEFAULT.APP_NAME = "uku's forge";
server = {
DISABLE_SSH = true;
ROOT_URL = "https://git.uku3lig.net";
}; };
settings = { service = {
DEFAULT.APP_NAME = "uku's forge"; ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
# TODO enable turnstile once it gets fixed
# see codeberg:forgejo/forgejo#3832
ENABLE_CAPTCHA = true;
};
server = { oauth2 = {
DISABLE_SSH = true; # providers are configured in the admin panel
ROOT_URL = "https://git.uku3lig.net"; ENABLED = true;
}; };
service = { actions.ENABLED = false;
ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
# TODO enable turnstile once it gets fixed
# see codeberg:forgejo/forgejo#3832
ENABLE_CAPTCHA = true;
};
oauth2 = { "ui.meta" = {
# providers are configured in the admin panel AUTHOR = "uku's forge";
ENABLED = true; DESCRIPTION = "the place where literally nothing gets done";
}; };
actions.ENABLED = false; "repository.signing" = {
DEFAULT_TRUST_MODEL = "committer";
"ui.meta" = {
AUTHOR = "uku's forge";
DESCRIPTION = "the place where literally nothing gets done";
};
"repository.signing" = {
DEFAULT_TRUST_MODEL = "committer";
};
}; };
}; };
};
} }

9
systems/etna/minecraft.nix
View file

@ -63,15 +63,6 @@ in
lib.recursiveUpdate { lib.recursiveUpdate {
age.secrets = mkSecret "minecraftEnv" {}; age.secrets = mkSecret "minecraftEnv" {};
services.frp = {
enable = true;
role = "client";
settings = {
serverAddr = "49.13.148.129";
serverPort = 7000;
};
};
virtualisation.oci-containers.backend = "docker"; virtualisation.oci-containers.backend = "docker";
systemd.services.restart-minecraft-servers = { systemd.services.restart-minecraft-servers = {