noe/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

ingress: reduce to matrix

Browse source
This commit is contained in:
41666 2023-12-29 14:31:16 -05:00
parent d36b35436c
commit f9ecf557e3
5 changed files with 241 additions and 307 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

374
flake.lock generated
View file

@ -20,19 +20,53 @@
"type": "github" "type": "github"
} }
}, },
"base16-schemes": { "conduit": {
"flake": false, "inputs": {
"crane": "crane",
"fenix": "fenix",
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": { "locked": {
"lastModified": 1689473676, "lastModified": 1703432212,
"narHash": "sha256-L0RhUr9+W5EPWBpLcmkKpUeCEWRs/kLzVMF3Vao2ZU0=", "narHash": "sha256-v/wpbH/xuh9SJjLeCQIDiCeEbyui2WuWvIjOIH+lx80=",
"owner": "tinted-theming", "owner": "famedly",
"repo": "base16-schemes", "repo": "conduit",
"rev": "d95123ca6377cd849cfdce92c0a24406b0c6a789", "rev": "ca6219723b0d562d86a69824720215f8a1851836",
"type": "gitlab"
},
"original": {
"owner": "famedly",
"repo": "conduit",
"type": "gitlab"
}
},
"crane": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": [
"conduit",
"flake-utils"
],
"nixpkgs": [
"conduit",
"nixpkgs"
],
"rust-overlay": "rust-overlay_2"
},
"locked": {
"lastModified": 1688772518,
"narHash": "sha256-ol7gZxwvgLnxNSZwFTDJJ49xVY5teaSvF7lzlo3YQfM=",
"owner": "ipetkov",
"repo": "crane",
"rev": "8b08e96c9af8c6e3a2b69af5a7fa168750fcf88e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "tinted-theming", "owner": "ipetkov",
"repo": "base16-schemes", "repo": "crane",
"type": "github" "type": "github"
} }
}, },
@ -56,25 +90,26 @@
"type": "github" "type": "github"
} }
}, },
"firefox-addons": { "fenix": {
"inputs": { "inputs": {
"flake-utils": "flake-utils", "nixpkgs": [
"nixpkgs": "nixpkgs_2" "conduit",
"nixpkgs"
],
"rust-analyzer-src": "rust-analyzer-src"
}, },
"locked": { "locked": {
"dir": "pkgs/firefox-addons", "lastModified": 1689488573,
"lastModified": 1703661208, "narHash": "sha256-diVASflKCCryTYv0djvMnP2444mFsIG0ge5pa7ahauQ=",
"narHash": "sha256-YCtNeOEx8cH6RUjCk6k/G4h9aC+SCk1lm1MnSbipzxA=", "owner": "nix-community",
"owner": "rycee", "repo": "fenix",
"repo": "nur-expressions", "rev": "39096fe3f379036ff4a5fa198950b8e79defe939",
"rev": "e640ba0f3337926052a7bc99f968e3d9ff31a66d", "type": "github"
"type": "gitlab"
}, },
"original": { "original": {
"dir": "pkgs/firefox-addons", "owner": "nix-community",
"owner": "rycee", "repo": "fenix",
"repo": "nur-expressions", "type": "github"
"type": "gitlab"
} }
}, },
"flake-compat": { "flake-compat": {
@ -125,12 +160,15 @@
} }
}, },
"flake-utils": { "flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": { "locked": {
"lastModified": 1629284811, "lastModified": 1689068808,
"narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=", "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c", "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -140,24 +178,6 @@
} }
}, },
"flake-utils_2": { "flake-utils_2": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_2"
}, },
@ -175,7 +195,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_4": { "flake-utils_3": {
"inputs": { "inputs": {
"systems": "systems_3" "systems": "systems_3"
}, },
@ -194,28 +214,6 @@
} }
}, },
"gitignore": { "gitignore": {
"inputs": {
"nixpkgs": [
"kde2nix",
"pre-commit-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1660459072,
"narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "a20de23b925fd8264fd7fad6454652e142fd7f73",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gitignore_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixvim", "nixvim",
@ -244,11 +242,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1703657526, "lastModified": 1703838268,
"narHash": "sha256-C3fQG/tasnhtfJb0cvXthMDUJ/OLgCKNLqfMuR/M+0k=", "narHash": "sha256-SRg5nXcdPnrsQR2MTAp7en0NyJnQ2wB1ivmsgEbvN+o=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "d1d950841d230490f308f5fcf8c0d4f2bd3f24a7", "rev": "2aff324cf65f5f98f89d878c056b779466b17db8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -257,45 +255,6 @@
"type": "github" "type": "github"
} }
}, },
"kde2nix": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_3",
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1703361984,
"narHash": "sha256-3pZJY6h2OsmLi9iA6vHLYrlOcv3OK4ZCX9ljw66Q5xc=",
"owner": "nix-community",
"repo": "kde2nix",
"rev": "cc627fe32d9283205592574208ae4fcdf93d3414",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "kde2nix",
"type": "github"
}
},
"nix-colors": {
"inputs": {
"base16-schemes": "base16-schemes",
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1695388192,
"narHash": "sha256-2jelpE7xK+4M7jZNyWL7QYOYegQLYBDQS5bvdo8XRUQ=",
"owner": "misterio77",
"repo": "nix-colors",
"rev": "37227f274b34a3b51649166deb94ce7fec2c6a4c",
"type": "github"
},
"original": {
"owner": "misterio77",
"repo": "nix-colors",
"type": "github"
}
},
"nixlib": { "nixlib": {
"locked": { "locked": {
"lastModified": 1693701915, "lastModified": 1693701915,
@ -314,7 +273,7 @@
"nixos-generators": { "nixos-generators": {
"inputs": { "inputs": {
"nixlib": "nixlib", "nixlib": "nixlib",
"nixpkgs": "nixpkgs_4" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1701689616, "lastModified": 1701689616,
@ -346,38 +305,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1694911725,
"narHash": "sha256-8YqI+YU1DGclEjHsnrrGfqsQg3Wyga1DfTbJrN3Ud0c=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "819180647f428a3826bfc917a54449da1e532ce0",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": {
"lastModified": 1685801374,
"narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c37ca420157f4abc31e26f436c1145f8951ff373",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": { "locked": {
"lastModified": 1703467016, "lastModified": 1703467016,
"narHash": "sha256-/5A/dNPhbQx/Oa2d+Get174eNI3LERQ7u6WTWOlR1eQ=", "narHash": "sha256-/5A/dNPhbQx/Oa2d+Get174eNI3LERQ7u6WTWOlR1eQ=",
@ -393,7 +321,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-stable_3": { "nixpkgs-stable_2": {
"locked": { "locked": {
"lastModified": 1685801374, "lastModified": 1685801374,
"narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=", "narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=",
@ -409,7 +337,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-stable_4": { "nixpkgs-stable_3": {
"locked": { "locked": {
"lastModified": 1703351344, "lastModified": 1703351344,
"narHash": "sha256-9FEelzftkE9UaJ5nqxidaJJPEhe9TPhbypLHmc2Mysc=", "narHash": "sha256-9FEelzftkE9UaJ5nqxidaJJPEhe9TPhbypLHmc2Mysc=",
@ -425,7 +353,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-stable_5": { "nixpkgs-stable_4": {
"locked": { "locked": {
"lastModified": 1692492726, "lastModified": 1692492726,
"narHash": "sha256-rld5qm2B4oRkDwcPD+yOSyTrZQdfCR6mzJGGkecjvTs=", "narHash": "sha256-rld5qm2B4oRkDwcPD+yOSyTrZQdfCR6mzJGGkecjvTs=",
@ -458,38 +386,6 @@
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1627814220,
"narHash": "sha256-P+MDgdZw2CBk9X1ZZaUgHgN+32pTfLFf3XVIBOXirI4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ab5b6828af26215bf2646c31961da5d3749591ef",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1702319469,
"narHash": "sha256-vxXgbGOmGLr5JUbFZUM/TVYYn/quMTqfFJrx5EXyhbk=",
"owner": "K900",
"repo": "nixpkgs",
"rev": "80878a189a3a7dd9c7253370e2771596936b8a74",
"type": "github"
},
"original": {
"owner": "K900",
"ref": "qt6ening",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1693714546, "lastModified": 1693714546,
"narHash": "sha256-3EMJZeGSZT6pD1eNwI/6Yc0R4rxklNvJ2SDFcsCnjpM=", "narHash": "sha256-3EMJZeGSZT6pD1eNwI/6Yc0R4rxklNvJ2SDFcsCnjpM=",
@ -505,7 +401,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_5": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1703438236, "lastModified": 1703438236,
"narHash": "sha256-aqVBq1u09yFhL7bj1/xyUeJjzr92fXVvQSSEx6AdB1M=", "narHash": "sha256-aqVBq1u09yFhL7bj1/xyUeJjzr92fXVvQSSEx6AdB1M=",
@ -521,7 +417,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_6": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1703134684, "lastModified": 1703134684,
"narHash": "sha256-SQmng1EnBFLzS7WSRyPM9HgmZP2kLJcPAz+Ug/nug6o=", "narHash": "sha256-SQmng1EnBFLzS7WSRyPM9HgmZP2kLJcPAz+Ug/nug6o=",
@ -537,7 +433,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_7": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1692463654, "lastModified": 1692463654,
"narHash": "sha256-F8hZmsQINI+S6UROM4jyxAMbQLtzE44pI8Nk6NtMdao=", "narHash": "sha256-F8hZmsQINI+S6UROM4jyxAMbQLtzE44pI8Nk6NtMdao=",
@ -555,18 +451,18 @@
}, },
"nixvim": { "nixvim": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_2",
"nixpkgs": [ "nixpkgs": [
"nixpkgs-unstable" "nixpkgs-unstable"
], ],
"pre-commit-hooks": "pre-commit-hooks_2" "pre-commit-hooks": "pre-commit-hooks"
}, },
"locked": { "locked": {
"lastModified": 1703435563, "lastModified": 1703859882,
"narHash": "sha256-BDnoVc9Kvc9wo9lt8GC0kkqwLedP7lnBBdh1UHl4cPw=", "narHash": "sha256-wRXgap0eEuswF9xXUKDiWBh0tKuJ9vtmlJZ4iAX3K/E=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixvim", "repo": "nixvim",
"rev": "c11158c73e9a488d803356127a54af8101fc0051", "rev": "1d8e7906c9606c956c6b40d8d088c8d2110dc0c0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -575,59 +471,16 @@
"type": "github" "type": "github"
} }
}, },
"nur": {
"locked": {
"lastModified": 1703663514,
"narHash": "sha256-dNiD2eIzzUavZjOAtUc0oyoXQak2/lH6jKjbdphqbzE=",
"owner": "nix-community",
"repo": "nur",
"rev": "057540a62d095ef5c3728d2d4e57d627570342fb",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nur",
"type": "github"
}
},
"pre-commit-hooks": { "pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": [
"kde2nix",
"flake-utils"
],
"gitignore": "gitignore",
"nixpkgs": [
"kde2nix",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1702290759,
"narHash": "sha256-DUPtcei6GJlrC05Y3cqwLLSst+sp07334aAZw4Uk118=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "f99ed8523fc3aef67a7c838ca31f4b94ef902837",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"pre-commit-hooks_2": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_4", "flake-utils": "flake-utils_3",
"gitignore": "gitignore_2", "gitignore": "gitignore",
"nixpkgs": [ "nixpkgs": [
"nixvim", "nixvim",
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-stable": "nixpkgs-stable_3" "nixpkgs-stable": "nixpkgs-stable_2"
}, },
"locked": { "locked": {
"lastModified": 1702456155, "lastModified": 1702456155,
@ -646,21 +499,35 @@
"root": { "root": {
"inputs": { "inputs": {
"apple-silicon": "apple-silicon", "apple-silicon": "apple-silicon",
"conduit": "conduit",
"darwin": "darwin", "darwin": "darwin",
"firefox-addons": "firefox-addons",
"home-manager": "home-manager", "home-manager": "home-manager",
"kde2nix": "kde2nix",
"nix-colors": "nix-colors",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_5", "nixpkgs": "nixpkgs_3",
"nixpkgs-stable": "nixpkgs-stable_2", "nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"nixvim": "nixvim", "nixvim": "nixvim",
"nur": "nur",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"sops-nix-darwin": "sops-nix-darwin" "sops-nix-darwin": "sops-nix-darwin"
} }
}, },
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1689441253,
"narHash": "sha256-4MSDZaFI4DOfsLIZYPMBl0snzWhX1/OqR/QHir382CY=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "996e054f1eb1dbfc8455ecabff0f6ff22ba7f7c8",
"type": "github"
},
"original": {
"owner": "rust-lang",
"ref": "nightly",
"repo": "rust-analyzer",
"type": "github"
}
},
"rust-overlay": { "rust-overlay": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -677,10 +544,37 @@
"type": "github" "type": "github"
} }
}, },
"rust-overlay_2": {
"inputs": {
"flake-utils": [
"conduit",
"crane",
"flake-utils"
],
"nixpkgs": [
"conduit",
"crane",
"nixpkgs"
]
},
"locked": {
"lastModified": 1688351637,
"narHash": "sha256-CLTufJ29VxNOIZ8UTg0lepsn3X03AmopmaLTTeHDCL4=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "f9b92316727af9e6c7fee4a761242f7f46880329",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"sops-nix": { "sops-nix": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_6", "nixpkgs": "nixpkgs_4",
"nixpkgs-stable": "nixpkgs-stable_4" "nixpkgs-stable": "nixpkgs-stable_3"
}, },
"locked": { "locked": {
"lastModified": 1703387502, "lastModified": 1703387502,
@ -698,8 +592,8 @@
}, },
"sops-nix-darwin": { "sops-nix-darwin": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_7", "nixpkgs": "nixpkgs_5",
"nixpkgs-stable": "nixpkgs-stable_5" "nixpkgs-stable": "nixpkgs-stable_4"
}, },
"locked": { "locked": {
"lastModified": 1692658736, "lastModified": 1692658736,

35
flake.nix
View file

@ -21,35 +21,41 @@
apple-silicon.url = "github:tpwrules/nixos-apple-silicon"; apple-silicon.url = "github:tpwrules/nixos-apple-silicon";
# KDE Plasma 6+ # KDE Plasma 6+
kde2nix.url = "github:nix-community/kde2nix"; #kde2nix.url = "github:nix-community/kde2nix";
# Secrets # Secrets
sops-nix.url = "github:Mic92/sops-nix"; sops-nix.url = "github:Mic92/sops-nix";
sops-nix-darwin.url = "github:Kloenk/sops-nix?ref=darwin"; sops-nix-darwin.url = "github:Kloenk/sops-nix?ref=darwin";
# Fancy stuff # Fancy stuff
nix-colors.url = "github:misterio77/nix-colors"; #nix-colors.url = "github:misterio77/nix-colors";
nixvim = { nixvim = {
url = "github:nix-community/nixvim"; url = "github:nix-community/nixvim";
inputs.nixpkgs.follows = "nixpkgs-unstable"; inputs.nixpkgs.follows = "nixpkgs-unstable";
}; };
nur.url = "github:nix-community/nur"; #nur.url = "github:nix-community/nur";
firefox-addons.url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; #firefox-addons.url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
# Pro gamer move # Pro gamer move
nixos-generators.url = "github:nix-community/nixos-generators"; nixos-generators.url = "github:nix-community/nixos-generators";
# Server tools
conduit = {
url = "gitlab:famedly/conduit";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
nixConfig = { nixConfig = {
extra-substituters = [ #extra-substituters = [
"https://nix-community.cachix.org" # "https://nix-community.cachix.org"
"https://0uptime.cachix.org" # "https://0uptime.cachix.org"
]; #];
extra-trusted-public-keys = [ #extra-trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" # "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"0uptime.cachix.org-1:ctw8yknBLg9cZBdqss+5krAem0sHYdISkw/IFdRbYdE=" # "0uptime.cachix.org-1:ctw8yknBLg9cZBdqss+5krAem0sHYdISkw/IFdRbYdE="
]; #];
}; };
outputs = { self, nixpkgs, home-manager, ... }@inputs: outputs = { self, nixpkgs, home-manager, ... }@inputs:
@ -138,8 +144,9 @@
drone = mkNixos [ ./nixos/hosts/drone ]; drone = mkNixos [ ./nixos/hosts/drone ];
# Lab # Lab
ingress-proxy = mkNixos [ ./nixos/hosts/ingress-proxy ]; ingress-proxy = mkNixos [ ./nixos/hosts/ingress-proxy ]; # nginx edge proxy
lab-alpha = mkNixos [ ./nixos/hosts/lab-alpha ]; lab-alpha = mkNixos [ ./nixos/hosts/lab-alpha ]; # what the mia doin
mango = mkNixos [ ./nixos/hosts/mango ]; # Matrix (mx.sapphic.engineer)
}; };
darwinConfigurations = { darwinConfigurations = {

2
nixos/features/nginx.nix
View file

@ -14,6 +14,8 @@
defaults.email = "acme@kat.cafe"; defaults.email = "acme@kat.cafe";
}; };
users.users.nginx.extraGroups = [ "acme" ];
networking.firewall = { networking.firewall = {
enable = true; enable = true;
allowedTCPPorts = [ 80 443 ]; allowedTCPPorts = [ 80 443 ];

115
nixos/hosts/ingress-proxy/default.nix
View file

@ -1,54 +1,5 @@
{ lib, ... }: let { lib, pkgs, ... }: let
tsHost = x: "http://${x}.hoki-porgy.ts.net"; tsHost = x: "http://${x}.hoki-porgy.ts.net";
aliases = x: { serverAliases = x; };
routes = [
{
host = "warme.st";
target = tsHost "honeydew";
extra = aliases [ "colde.st" ];
}
{
host = "saerro.ps2.live";
target = tsHost "durian";
extra = aliases [ "agg.ps2.live" "metagame.ps2.live" ];
}
{
host = "mx.sapphic.engineer";
target = tsHost "mango";
extra = aliases [ "i.mx.sapphic.engineer" ];
}
{
host = "static-sites.foxxolay.net";
target = tsHost "juniper";
extra = aliases [
"mekanoe.com"
"foxxolay.com"
"foxxolay.net"
"inaayoka.com"
"kat.cafe"
];
}
{
host = "ml.colde.st";
target = tsHost "lab-alpha";
extra = {};
}
];
proxyConfig = {
forceSSL = true;
#useHTTP3 = true;
#useHTTP2 = true;
enableACME = true;
};
virtualHosts = {
"m.la.mekanoe.com" = {
locations."/".proxyPass = tsHost "lab-alpha";
} // proxyConfig;
};
in { in {
imports = [ imports = [
../../templates/proxmox-lxc.nix ../../templates/proxmox-lxc.nix
@ -60,9 +11,67 @@ in {
networking.hostName = "ingress-proxy"; networking.hostName = "ingress-proxy";
system.stateVersion = "24.05"; system.stateVersion = "24.05";
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";
networking.firewall.allowedTCPPorts = [ 80 443 8448 ];
networking.firewall.allowedUDPPorts = [ 80 443 8448 ];
services.nginx = { services.nginx = {
inherit virtualHosts; recommendedTlsSettings = true;
recommendedTlsSettings = true; virtualHosts = {
# Matrix (main)
"mx.sapphic.engineer" = {
forceSSL = true;
enableACME = true;
listen = [
{ addr = "0.0.0.0"; port = 443; ssl = true; }
{ addr = "[::]"; port = 443; ssl = true; }
{ addr = "0.0.0.0"; port = 8448; ssl = true; }
{ addr = "[::]"; port = 8448; ssl = true; }
];
locations."/_matrix/" = {
proxyPass = "${tsHost "mango"}:6167";
proxyWebsockets = true;
extraConfig = ''
proxy_set_header Host $host;
proxy_buffering off;
'';
};
extraConfig = ''
merge_slashes off;
'';
};
# Generic store for /.well-known/ paths.
"well-known.sapphic.engineer" = {
forceSSL = true;
enableACME = true;
locations."=/.well-known/matrix/server" = {
alias = pkgs.writeText "well-known-matrix-server" builtins.toJSON {
"m.server" = "mx.sapphic.engineer";
};
extraConfig = ''
default_type application/json;
'';
};
locations."=/.well-known/matrix/client" = {
alias = pkgs.writeText "well-known-matrix-client" builtins.toJSON {
"m.homeserver" = {
base_url = "https://mx.sapphic.engineer";
};
};
extraConfig = ''
default_type application/json;
add_header Access-Control-Allow-Origin "*";
'';
};
};
};
}; };
} }

22
nixos/hosts/mango/default.nix Normal file
View file

@ -0,0 +1,22 @@
{ inputs, pkgs, config, ... }: {
imports = [
../../templates/proxmox-lxc.nix
../../server.nix
../../features/dns-cache.nix
];
networking.hostName = "mango";
system.stateVersion = "24.05";
nixpkgs.hostPlatform = "x86_64-linux";
networking.firewall.allowedTCPPorts = [ config.services.matrix-conduit.settings.global.port ];
networking.firewall.allowedUDPPorts = [ config.services.matrix-conduit.settings.global.port ];
services.matrix-conduit = {
enable = true;
package = inputs.conduit.packages.${pkgs.system}.default;
settings.global = {
server_name = "sapphic.engineer";
};
};
}