From 5bb0e81fa59a44884f4a83fb9faf90355217a48d Mon Sep 17 00:00:00 2001 From: noe Date: Thu, 1 May 2025 12:17:18 -0700 Subject: [PATCH] awawa --- flake.lock | 36 +++++++++++++-------------- nixos/hosts/dis-sociat-ing/.flags | 2 +- nixos/hosts/ingress-proxy/default.nix | 22 +++++++++++++++- nixos/hosts/sapphic-engineer/.flags | 1 + 4 files changed, 41 insertions(+), 20 deletions(-) create mode 100644 nixos/hosts/sapphic-engineer/.flags diff --git a/flake.lock b/flake.lock index 02eea45..846475f 100644 --- a/flake.lock +++ b/flake.lock @@ -331,11 +331,11 @@ ] }, "locked": { - "lastModified": 1745810134, - "narHash": "sha256-WfnYH/i7DFzn4SESQfWviXiNUZjohZhzODqLwKYHIPI=", + "lastModified": 1746040799, + "narHash": "sha256-osgPX/SzIpkR50vev/rqoTEAVkEcOWXoQXmbzsaI4KU=", "owner": "nix-community", "repo": "home-manager", - "rev": "be7cf1709b469a2a2c62169172a167d1fed3509f", + "rev": "5f217e5a319f6c186283b530f8c975e66c028433", "type": "github" }, "original": { @@ -523,11 +523,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1745503349, - "narHash": "sha256-bUGjvaPVsOfQeTz9/rLTNLDyqbzhl0CQtJJlhFPhIYw=", + "lastModified": 1745955289, + "narHash": "sha256-mmV2oPhQN+YF2wmnJzXX8tqgYmUYXUj3uUUBSTmYN5o=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "f7bee55a5e551bd8e7b5b82c9bc559bc50d868d1", + "rev": "72081c9fbbef63765ae82bff9727ea79cc86bd5b", "type": "github" }, "original": { @@ -642,11 +642,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1745820364, - "narHash": "sha256-dszf++6yKpgVEmNLUWX3cKX2XicAC17sGpGnXrUP7Tk=", + "lastModified": 1746126702, + "narHash": "sha256-FyNfRI3HU2bzNvgGrEjj0XcKpDuUvOINyYOaA3oCZ7M=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7327564431a1d9c8ee886357c55023a389ed7d97", + "rev": "91c5ad6583b95460619d18943b5df35498c56a51", "type": "github" }, "original": { @@ -658,11 +658,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1745742390, - "narHash": "sha256-1rqa/XPSJqJg21BKWjzJZC7yU0l/YTVtjRi0RJmipus=", + "lastModified": 1746055187, + "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "26245db0cb552047418cfcef9a25da91b222d6c7", + "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5", "type": "github" }, "original": { @@ -674,11 +674,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1745526057, - "narHash": "sha256-ITSpPDwvLBZBnPRS2bUcHY3gZSwis/uTe255QgMtTLA=", + "lastModified": 1745930157, + "narHash": "sha256-y3h3NLnzRSiUkYpnfvnS669zWZLoqqI6NprtLQ+5dck=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f771eb401a46846c1aebd20552521b233dd7e18b", + "rev": "46e634be05ce9dc6d4db8e664515ba10b78151ae", "type": "github" }, "original": { @@ -754,11 +754,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1745526057, - "narHash": "sha256-ITSpPDwvLBZBnPRS2bUcHY3gZSwis/uTe255QgMtTLA=", + "lastModified": 1745930157, + "narHash": "sha256-y3h3NLnzRSiUkYpnfvnS669zWZLoqqI6NprtLQ+5dck=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f771eb401a46846c1aebd20552521b233dd7e18b", + "rev": "46e634be05ce9dc6d4db8e664515ba10b78151ae", "type": "github" }, "original": { diff --git a/nixos/hosts/dis-sociat-ing/.flags b/nixos/hosts/dis-sociat-ing/.flags index d499edf..079b120 100644 --- a/nixos/hosts/dis-sociat-ing/.flags +++ b/nixos/hosts/dis-sociat-ing/.flags @@ -1 +1 @@ ---option sandbox false +--no-write-lock-file diff --git a/nixos/hosts/ingress-proxy/default.nix b/nixos/hosts/ingress-proxy/default.nix index 7cd3764..cdb11be 100644 --- a/nixos/hosts/ingress-proxy/default.nix +++ b/nixos/hosts/ingress-proxy/default.nix @@ -33,6 +33,7 @@ in rec { ps2l_aggpop.servers."${tsHost "ps2live" 8201}" = {}; ps2l_metagame.servers."${tsHost "ps2live" 8301}" = {}; ps2l_plapkit.servers."${tsHost "ps2live" 8555}" = {}; + ps2l_switcheroo.servers."${tsHost "ps2live" 8666}" = {}; pdr.servers."${tsHost "porcelain-doll-repair" 3000}" = {}; dsi.servers."${tsHost "dis-sociat-ing" 3000}" = {}; se.servers."${tsHost "sapphic-engineer" 4000}" = {}; @@ -73,6 +74,22 @@ in rec { enableACME = true; }; + internalConfig = { + listen = lib.mkForce [ + { addr = "0.0.0.0"; port = 80; } + { addr = "[::]"; port = 80; } + ]; + http2 = lib.mkForce false; + http3 = lib.mkForce false; + forceSSL = lib.mkForce false; + enableACME = lib.mkForce false; + extraConfig = '' + allow 100.64.0.0/10; + allow fd7a:115c:a1e0::/48; + deny all; + ''; + }; + staticSite = { locations."/" = { proxyPass = "http://staticsites"; @@ -105,6 +122,7 @@ in rec { "saerro.ps2.live" = ps2live "saerro"; "metagame.ps2.live" = ps2live "metagame"; "i-pk.noe.sh" = ps2live "plapkit"; + "sw.doll" = ps2live "switcheroo" // internalConfig; "proxy.ps2.live" = { locations."/" = { @@ -114,8 +132,9 @@ in rec { }; extraConfig = '' allow 127.0.0.1; - allow 100.64.0.0/10; allow 10.0.0.0/8; + allow 100.64.0.0/10; + allow fd7a:115c:a1e0::/48; allow 15.204.161.37; allow 172.13.181.252; allow 162.197.1.49; @@ -139,6 +158,7 @@ in rec { allow 162.197.1.49; allow 2600:1700:6850:2300::/64; allow 2600:1700:5890:ee2f::/64; + allow fd7a:115c:a1e0::/48; deny all; ''; } // defaultConfig; diff --git a/nixos/hosts/sapphic-engineer/.flags b/nixos/hosts/sapphic-engineer/.flags new file mode 100644 index 0000000..079b120 --- /dev/null +++ b/nixos/hosts/sapphic-engineer/.flags @@ -0,0 +1 @@ +--no-write-lock-file