nosrebuild logging

Lucy Hochkamp 2024-01-04 15:36:28 +01:00
parent 1aa80a380b
commit 9c1343bfbd
No known key found for this signature in database
4 changed files with 40 additions and 22 deletions


@ -11,7 +11,7 @@ in
home.packages = with pkgs; [ home.packages = with pkgs; [
nixd nixd
nixpkgs-fmt nixpkgs-fmt
# (unstable.quarto.overrideAttrs (curr: { meta.platforms = [ pkgs.system ]; })) (unstable.quarto.overrideAttrs (curr: { meta.platforms = [ pkgs.system ]; }))
]; ];
programs.vscode = { programs.vscode = {
enable = true; enable = true;
@ -32,7 +32,7 @@ in
marketplace.james-yu.latex-workshop # latex, also provides pdf preview marketplace.james-yu.latex-workshop # latex, also provides pdf preview
yzhang.markdown-all-in-one # markdown yzhang.markdown-all-in-one # markdown
marketplace.davidanson.vscode-markdownlint marketplace.davidanson.vscode-markdownlint
# marketplace.quarto.quarto marketplace.quarto.quarto
# marketplace.pokey.cursorless # too much xe exposure # marketplace.pokey.cursorless # too much xe exposure
#marketplace.valentjn.vscode-ltex # languagetool #marketplace.valentjn.vscode-ltex # languagetool
valentjn.vscode-ltex valentjn.vscode-ltex


@ -44,16 +44,20 @@
services.postgresql.package = pkgs.postgresql_13; services.postgresql.package = pkgs.postgresql_13;
systemd.services.caddy.serviceConfig.EnvironmentFile = config.age.secrets.desec.path; systemd.services.caddy.serviceConfig.EnvironmentFile = config.age.secrets.desec.path;
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.caddy = { services.caddy = {
logFormat = "level INFO";
enable = true; enable = true;
package = (pkgs.callPackage ./custom-caddy.nix { package = (pkgs.callPackage ./custom-caddy.nix {
externalPlugins = [ externalPlugins = [
{ name = "dns-desec"; repo = "github.com/caddy-dns/desec"; version = "e1e64971fe34c29ce3f4176464adb84d6890aa50"; } { name = "desec"; repo = "github.com/caddy-dns/desec"; version = "e1e64971fe34c29ce3f4176464adb84d6890aa50"; }
]; ];
vendorHash = lib.fakeSha256; vendorHash = "sha256-WWMR4ZpUcDmIv355LBuN5TqVfiCc0+Byxw8LnYei4fs=";
}); });
globalConfig = '' globalConfig = ''
acme_dns desec {$TOKEN} acme_dns desec {
token "{$TOKEN}"
}
''; '';
virtualHosts."*.ragon.xyz".extraConfig = '' virtualHosts."*.ragon.xyz".extraConfig = ''
@8081 host 8081.ragon.xyz @8081 host 8081.ragon.xyz
@ -67,9 +71,9 @@
@files host files.ragon.xyz @files host files.ragon.xyz
handle @files { handle @files {
encode zstd gzip encode zstd gzip
root /srv/www root * /srv/www
file_server browse file_server browse
basicauth /* { basicauth * {
{$BAUSER} {$BAPASSWD} {$BAUSER} {$BAPASSWD}
} }
} }
@ -95,20 +99,20 @@
'' ''
encode zstd gzip encode zstd gzip
handle /.well-known/matrix/server { handle /.well-known/matrix/server {
header Content-Type "application/json" header Content-Type application/json
respond "${builtins.toJSON wkServer}" respond `${builtins.toJSON wkServer}` 200
} }
handle /.well-known/matrix/client { handle /.well-known/matrix/client {
header Content-Type "application/json" header Content-Type application/json
header Access-Control-Allow-Origin "*" header Access-Control-Allow-Origin "*"
respond "${builtins.toJSON wkClient}" respond `${builtins.toJSON wkClient}` 200
} }
handle /gyakapyukawfyuokfgwtyutf.js { handle /gyakapyukawfyuokfgwtyutf.js {
rewrite * /js/plausible.outbound-links.js rewrite * /js/plausible.outbound-links.js
reverse_proxy http://[::1]:${toString config.services.plausible.server.port} reverse_proxy http://127.0.0.1:${toString config.services.plausible.server.port}
} }
handle /api/event { handle /api/event {
reverse_proxy http://[::1]:${toString config.services.plausible.server.port} reverse_proxy http://127.0.0.1:${toString config.services.plausible.server.port}
} }
reverse_proxy http://[::1]${config.services.xynoblog.listen} reverse_proxy http://[::1]${config.services.xynoblog.listen}
@ -116,11 +120,20 @@
virtualHosts."*.xyno.space".extraConfig = '' virtualHosts."*.xyno.space".extraConfig = ''
@stats host stats.xyno.space @stats host stats.xyno.space
handle @stats { handle @stats {
reverse_proxy http://[::1]${toString config.services.plausible.server.port} reverse_proxy http://127.0.0.1:${toString config.services.plausible.server.port}
} }
@matrix host matrix.xyno.space @matrix host matrix.xyno.space
handle @matrix { handle @matrix {
handle /_matrix/* /notifications /_synapse/client/* /health { handle /_matrix/* {
reverse_proxy http://192.168.100.11:8008
}
handle /notifications {
reverse_proxy http://192.168.100.11:8008
}
handle /_synapse/client/* {
reverse_proxy http://192.168.100.11:8008
}
handle /health {
reverse_proxy http://192.168.100.11:8008 reverse_proxy http://192.168.100.11:8008
} }
} }
@ -131,7 +144,7 @@
virtualHosts."*.xyno.systems".extraConfig = '' virtualHosts."*.xyno.systems".extraConfig = ''
@md host md.xyno.systems @md host md.xyno.systems
handle @md { handle @md {
reverse_proxy http://[::1]${toString config.services.hedgedoc.settings.port} reverse_proxy http://[::1]:${toString config.services.hedgedoc.settings.port}
} }
@sso host sso.xyno.systems @sso host sso.xyno.systems
handle @sso { handle @sso {
@ -202,7 +215,7 @@
cli.enable = true; cli.enable = true;
user.enable = true; user.enable = true;
persist.enable = true; persist.enable = true;
persist.extraDirectories = [ "/srv/www" config.services.caddy.dataDir "/var/lib/syncthing" "/var/lib/${config.services.xynoblog.stateDirectory}" ]; persist.extraDirectories = [ "/srv/www" config.services.caddy.dataDir "/var/lib/syncthing" "/var/lib/${config.services.xynoblog.stateDirectory}" "/var/lib/postgresql" ];
services = { services = {
ssh.enable = true; ssh.enable = true;
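Review bot: In the `@matrix` block the upstream `http://192.168.100.11:8008` is now repeated in four separate `handle` blocks, so the list of publicly proxied Synapse paths is spread out and easy to extend by accident. A single named matcher keeps that allow-list in one place: `@synapse path /_matrix/* /notifications /_synapse/client/* /health` followed by `handle @synapse { reverse_proxy http://192.168.100.11:8008 }`. A comment such as `# /_synapse/admin is intentionally not proxied` would make the omission read as a decision rather than an oversight, assuming it is deliberate. It is also worth confirming that `/health` needs to be reachable from outside at all.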


@ -7,6 +7,14 @@ let
stateVer = config.system.stateVersion; stateVer = config.system.stateVersion;
in in
{ {
users.users.matrix-synapse = {
group = "matrix-synapse";
shell = "${pkgs.bash}/bin/bash";
uid = config.ids.uids.matrix-synapse;
};
users.groups.matrix-synapse = {
gid = config.ids.gids.matrix-synapse;
};
ragon.agenix.secrets."matrixSecrets" = { owner = "matrix-synapse"; }; ragon.agenix.secrets."matrixSecrets" = { owner = "matrix-synapse"; };
services.postgresql.enable = true; services.postgresql.enable = true;
services.postgresql.initialScript = lib.mkForce (pkgs.writeText "synapse-init.sql" '' services.postgresql.initialScript = lib.mkForce (pkgs.writeText "synapse-init.sql" ''
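Review bot: The new `users.users.matrix-synapse` entry gives the service account an interactive shell through `shell = "${pkgs.bash}/bin/bash";`. The only use of the account visible here is as owner of the `matrixSecrets` secret; if nothing on this host needs to log in or `su` to it, drop the `shell` line so the NixOS default no-login shell applies. A short comment above the block saying why the user and group are declared by hand with the fixed ids from `config.ids` would help the next reader. The `services.postgresql.initialScript` string opened on the last line continues outside the hunk.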


@ -5,10 +5,7 @@ set -euo pipefail
REV=$(curl https://api.github.com/repos/thexyno/nixos-config/branches/main | jq -r .commit.sha) REV=$(curl https://api.github.com/repos/thexyno/nixos-config/branches/main | jq -r .commit.sha)
if [[ $(uname) == "Linux" ]]; then if [[ $(uname) == "Linux" ]]; then
sudo nixos-rebuild switch --flake "github:thexyno/nixos-config?rev=$REV" sudo nixos-rebuild switch --flake "github:thexyno/nixos-config?rev=$REV" -L
else # Darwin else # Darwin
PRIVATEREV=$(git ls-remote ssh://git@github.com/thexyno/nixos-config-private.git HEAD | awk '{print($1)}') darwin-rebuild switch --flake "github:thexyno/nixos-config?rev=$REV" -L
darwin-rebuild switch \
--flake "github:thexyno/nixos-config?rev=$REV" \
--override-input private "git+ssh://git@github.com/thexyno/nixos-config-private?rev=$PRIVATEREV"
fi fi
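Review bot: `REV` is handed to a root-level `nixos-rebuild switch` without any check that the API call actually produced a commit id. `curl` without `-f` exits 0 on an HTTP error reply (a rate-limit response, for example), `jq -r` then prints `null`, and `set -euo pipefail` does not catch either case. Make the lookup fail closed with `REV=$(curl -fsSL https://api.github.com/repos/thexyno/nixos-config/branches/main | jq -er .commit.sha)`, so the script stops before the rebuild instead of requesting `?rev=null`. The same `REV` feeds the `darwin-rebuild` line, so the one change covers both branches.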