uku/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore(etna): move some stuff in default.nix

Browse source
This commit is contained in:
uku 2024-05-19 10:34:48 +02:00
parent 3df6633d33
commit 9a254038ba
Signed by: uku
SSH key fingerprint: SHA256:4P0aN6M8ajKukNi6aPOaX0LacanGYtlfjmN+m/sHY/o
4 changed files with 60 additions and 62 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
systems/etna/default.nix
View file

@ -38,6 +38,17 @@ in {
services = {
openssh.openFirewall = true;
nginx.enable = true;
frp = {
enable = true;
role = "client";
settings = {
serverAddr = "49.13.148.129";
serverPort = 7000;
};
};
cloudflared = {
enable = true;
tunnels.${tunnelId} = {

42
systems/etna/dendrite.nix
View file

@ -59,31 +59,27 @@
];
};
nginx = {
enable = true;
nginx.virtualHosts."m.uku.moe".locations = let
server = {"m.server" = "m.uku.moe:443";};
client = {"m.homeserver"."base_url" = "https://m.uku.moe";};
in {
"=/.well-known/matrix/server" = {
return = "200 '${builtins.toJSON server}'";
};
virtualHosts."m.uku.moe".locations = let
server = {"m.server" = "m.uku.moe:443";};
client = {"m.homeserver"."base_url" = "https://m.uku.moe";};
in {
"=/.well-known/matrix/server" = {
return = "200 '${builtins.toJSON server}'";
};
"=/.well-known/matrix/client" = {
return = "200 '${builtins.toJSON client}'";
};
"=/.well-known/matrix/client" = {
return = "200 '${builtins.toJSON client}'";
};
"/" = {
proxyPass = "http://localhost:8008";
proxyWebsockets = true;
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 600;
client_max_body_size 100M;
'';
};
"/" = {
proxyPass = "http://localhost:8008";
proxyWebsockets = true;
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 600;
client_max_body_size 100M;
'';
};
};
};

60
systems/etna/forgejo.nix
View file

@ -2,43 +2,43 @@ _: {
cfTunnels."git.uku3lig.net" = "http://localhost:3000";
services.forgejo = {
enable = true;
enable = true;
database = {
type = "postgres";
createDatabase = true;
database = {
type = "postgres";
createDatabase = true;
};
settings = {
DEFAULT.APP_NAME = "uku's forge";
server = {
DISABLE_SSH = true;
ROOT_URL = "https://git.uku3lig.net";
};
settings = {
DEFAULT.APP_NAME = "uku's forge";
service = {
ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
# TODO enable turnstile once it gets fixed
# see codeberg:forgejo/forgejo#3832
ENABLE_CAPTCHA = true;
};
server = {
DISABLE_SSH = true;
ROOT_URL = "https://git.uku3lig.net";
};
oauth2 = {
# providers are configured in the admin panel
ENABLED = true;
};
service = {
ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
# TODO enable turnstile once it gets fixed
# see codeberg:forgejo/forgejo#3832
ENABLE_CAPTCHA = true;
};
actions.ENABLED = false;
oauth2 = {
# providers are configured in the admin panel
ENABLED = true;
};
"ui.meta" = {
AUTHOR = "uku's forge";
DESCRIPTION = "the place where literally nothing gets done";
};
actions.ENABLED = false;
"ui.meta" = {
AUTHOR = "uku's forge";
DESCRIPTION = "the place where literally nothing gets done";
};
"repository.signing" = {
DEFAULT_TRUST_MODEL = "committer";
};
"repository.signing" = {
DEFAULT_TRUST_MODEL = "committer";
};
};
};
}

9
systems/etna/minecraft.nix
View file

@ -63,15 +63,6 @@ in
lib.recursiveUpdate {
age.secrets = mkSecret "minecraftEnv" {};
services.frp = {
enable = true;
role = "client";
settings = {
serverAddr = "49.13.148.129";
serverPort = 7000;
};
};
virtualisation.oci-containers.backend = "docker";
systemd.services.restart-minecraft-servers = {