diff --git a/flake.lock b/flake.lock index c01927a..28914fe 100644 --- a/flake.lock +++ b/flake.lock @@ -27,7 +27,7 @@ "inputs": { "crane": "crane_2", "flake-compat": "flake-compat", - "flake-utils": "flake-utils", + "flake-utils": "flake-utils_2", "nixpkgs": "nixpkgs", "nixpkgs-stable": "nixpkgs-stable" }, @@ -96,14 +96,15 @@ "nixpkgs" ], "parts": "parts_3", + "sbt-derivation": "sbt-derivation", "systems": "systems_2" }, "locked": { - "lastModified": 1723714328, - "narHash": "sha256-Cjvm/k3uV4L7D/zxXY+LkhWX7yu0fvVcr3YqcMozqfs=", + "lastModified": 1724420821, + "narHash": "sha256-luP6c8jJNrBEbQPt/AIQ4czHm7R6fOMPc0GIL+VmQwc=", "ref": "refs/heads/svelte", - "rev": "cdaf8214edafcabce321e6b0b2854cbd42cee0eb", - "revCount": 91, + "rev": "95b08631ff1b98a69f4ad7b07b686cb9a2e81151", + "revCount": 100, "type": "git", "url": "https://git.gaze.systems/dusk/website.git" }, @@ -118,7 +119,7 @@ "crane": "crane_3", "fenix": "fenix", "flake-compat": "flake-compat_2", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "nix-filter": "nix-filter", "nixpkgs": [ "nixpkgs" @@ -283,7 +284,7 @@ }, "devshell": { "inputs": { - "flake-utils": "flake-utils_7", + "flake-utils": "flake-utils_8", "nixpkgs": [ "nixtopo", "nixpkgs" @@ -585,7 +586,40 @@ "type": "github" } }, + "flake-utils_10": { + "inputs": { + "systems": "systems_11" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "flake-utils_2": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { "inputs": { "systems": "systems_3" }, @@ -603,7 +637,7 @@ "type": "github" } }, - "flake-utils_3": { + "flake-utils_4": { "inputs": { "systems": "systems_4" }, @@ -621,7 +655,7 @@ "type": "github" } }, - "flake-utils_4": { + "flake-utils_5": { "inputs": { "systems": "systems_5" }, @@ -639,7 +673,7 @@ "type": "github" } }, - "flake-utils_5": { + "flake-utils_6": { "inputs": { "systems": "systems_6" }, @@ -657,7 +691,7 @@ "type": "github" } }, - "flake-utils_6": { + "flake-utils_7": { "inputs": { "systems": "systems_8" }, @@ -675,7 +709,7 @@ "type": "github" } }, - "flake-utils_7": { + "flake-utils_8": { "inputs": { "systems": "systems_9" }, @@ -693,27 +727,9 @@ "type": "github" } }, - "flake-utils_8": { - "inputs": { - "systems": "systems_10" - }, - "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "flake-utils_9": { "inputs": { - "systems": "systems_11" + "systems": "systems_10" }, "locked": { "lastModified": 1710146030, @@ -754,7 +770,7 @@ "helix": { "inputs": { "crane": "crane_4", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "nixpkgs": "nixpkgs_2", "rust-overlay": "rust-overlay_2" }, @@ -817,7 +833,7 @@ "limbusart": { "inputs": { "crane": "crane_5", - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_5", "nixpkgs": [ "nixpkgs" ], @@ -1125,7 +1141,7 @@ "nixos-wsl": { "inputs": { "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_6", + "flake-utils": "flake-utils_7", "nixpkgs": [ "nixpkgs" ] @@ -1301,7 +1317,7 @@ "nixtopo": { "inputs": { "devshell": "devshell", - "flake-utils": "flake-utils_8", + "flake-utils": "flake-utils_9", "nixpkgs": [ "nixpkgs" ], @@ -1736,7 +1752,7 @@ }, "rust-overlay_3": { "inputs": { - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_6", "nixpkgs": [ "limbusart", "nixpkgs" @@ -1794,6 +1810,28 @@ "type": "github" } }, + "sbt-derivation": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": [ + "blog", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1698464090, + "narHash": "sha256-Pnej7WZIPomYWg8f/CZ65sfW85IfIUjYhphMMg7/LT0=", + "owner": "zaninime", + "repo": "sbt-derivation", + "rev": "6762cf2c31de50efd9ff905cbcc87239995a4ef9", + "type": "github" + }, + "original": { + "owner": "zaninime", + "repo": "sbt-derivation", + "type": "github" + } + }, "slimlock": { "inputs": { "nixpkgs": [ @@ -2179,7 +2217,7 @@ "vscode-extensions": { "inputs": { "flake-compat": "flake-compat_6", - "flake-utils": "flake-utils_9", + "flake-utils": "flake-utils_10", "nixpkgs": [ "nixpkgs" ] diff --git a/hosts/wolumonde/default.nix b/hosts/wolumonde/default.nix index 18d056d..0af03e4 100644 --- a/hosts/wolumonde/default.nix +++ b/hosts/wolumonde/default.nix @@ -1,6 +1,7 @@ { inputs, tlib, + pkgs, ... }: { imports = @@ -10,6 +11,8 @@ ] ++ (tlib.importFolder (toString ./modules)); + environment.systemPackages = [pkgs.magic-wormhole-rs]; + boot.tmp.cleanOnBoot = true; zramSwap.enable = true; diff --git a/hosts/wolumonde/modules/blog.nix b/hosts/wolumonde/modules/blog.nix index cc225c9..64c797b 100644 --- a/hosts/wolumonde/modules/blog.nix +++ b/hosts/wolumonde/modules/blog.nix @@ -2,13 +2,43 @@ pkgs, inputs, ... -}: { +}: let + PUBLIC_BASE_URL = "https://gaze.systems"; + pkg = inputs.blog.packages.${pkgs.system}.default.overrideAttrs (old: { + inherit PUBLIC_BASE_URL; + GUESTBOOK_BASE_URL = "http://localhost:5173"; + }); + port = 3000; +in { + users.users.website = { + isSystemUser = true; + group = "website"; + }; + users.groups.website = {}; + + systemd.services.website = { + description = "website"; + wantedBy = ["multi-user.target"]; + after = ["network.target" "guestbook.service"]; + serviceConfig = { + User = "website"; + ExecStart = "${pkg}/bin/website"; + Restart = "on-failure"; + RestartSec = 5; + WorkingDirectory = "/var/lib/website"; + Environment = "HOME=/var/lib/website"; + EnvironmentFile = pkgs.writeText "website-env" '' + ORIGIN="${PUBLIC_BASE_URL}" + PORT=${toString port} + ''; + }; + }; + services.nginx.virtualHosts."gaze.systems" = { useACMEHost = "gaze.systems"; forceSSL = true; - root = "${inputs.blog.packages.${pkgs.system}.default}"; - locations."/".extraConfig = '' - add_header cache-control max-age=1800; - ''; + locations."/" = { + proxyPass = "http://localhost:${toString port}"; + }; }; } diff --git a/hosts/wolumonde/modules/gitea.nix b/hosts/wolumonde/modules/gitea.nix index 764f0cb..d0b1e46 100644 --- a/hosts/wolumonde/modules/gitea.nix +++ b/hosts/wolumonde/modules/gitea.nix @@ -1,14 +1,30 @@ {config, ...}: { services.gitea = { enable = true; + lfs.enable = true; + appName = "meow :3"; settings = { server = { DOMAIN = "git.gaze.systems"; ROOT_URL = "https://git.gaze.systems/"; HTTP_PORT = 3001; }; - service.DISABLE_REGISTRATION = true; + service = { + DISABLE_REGISTRATION = false; + ALLOW_ONLY_EXTERNAL_REGISTRATION = true; + }; session.COOKIE_SECURE = true; + repository.MAX_CREATION_LIMIT = 0; + oauth2_client = { + ENABLE_AUTO_REGISTRATION = false; + UPDATE_AVATAR = true; + }; + ui = { + DEFAULT_SHOW_FULL_NAME = true; + DEFAULT_THEME = "edge-dark"; + THEMES = "edge-dark,gitea"; + THEME_COLOR_META_TAG = "#333644"; + }; }; }; diff --git a/hosts/wolumonde/modules/guestbook.nix b/hosts/wolumonde/modules/guestbook.nix new file mode 100644 index 0000000..2a343f8 --- /dev/null +++ b/hosts/wolumonde/modules/guestbook.nix @@ -0,0 +1,33 @@ +{ + pkgs, + inputs, + ... +}: let + GUESTBOOK_WEBSITE_URI = "https://gaze.systems"; + pkg = inputs.blog.packages.${pkgs.system}.guestbook; + port = 5173; +in { + users.users.guestbook = { + isSystemUser = true; + group = "guestbook"; + }; + users.groups.guestbook = {}; + + systemd.services.guestbook = { + description = "guestbook"; + wantedBy = ["multi-user.target"]; + after = ["network.target"]; + serviceConfig = { + User = "guestbook"; + ExecStart = "${pkg}/bin/guestbook"; + Restart = "on-failure"; + RestartSec = 5; + WorkingDirectory = "/var/lib/guestbook"; + Environment = "HOME=/var/lib/guestbook"; + EnvironmentFile = pkgs.writeText "guestbook-env" '' + GUESTBOOK_WEBSITE_URI="${GUESTBOOK_WEBSITE_URI}" + PORT=${toString port} + ''; + }; + }; +}