bill
/
deployed-nixos-server-and-apps
1
1
Fork 0
Code

Compare commits

base: bill:3db497ce1a8db542bcc0a61121cf939140116804
Branches Tags
bill:main
...
compare: bill:128f444d696d63a1ac5d56216158021615d20b7e
Branches Tags
bill:main

5 Commits
3db497ce1a ... 128f444d69

Author SHA1 Message Date
Bill Ewanick 128f444d69 Fix config formatting 2023-06-27 17:01:14 -04:00
Bill Ewanick 613364e557 Update alice public key 2023-06-27 16:33:43 -04:00
Bill Ewanick f1b8e734f0 Update system and settings to 23.05 2023-06-27 16:32:21 -04:00
Bill Ewanick 5fa5995711 adding submodules 2023-06-27 16:32:21 -04:00
Bill Ewanick 3ccdf98fb0 Increase git timeouts for migration 2023-06-27 11:17:10 -04:00
7 changed files with 33 additions and 17 deletions
Show Stats Expand all files Collapse all files

3
.gitmodules vendored Normal file
View File

@ -0,0 +1,3 @@
[submodule "nixos-apps/seal-blog"]
path = nixos-apps/seal-blog
url = gitea@git.ewanick.com:bill/seal-blog.git

15
nixos-apps/git.ewanick.com.nix
View File

@ -2,13 +2,22 @@
services.gitea = { services.gitea = {
enable = true; enable = true;
appName = "Bill's Gitea server, hosted on Linode using NixOS"; appName = "Bill's Gitea server, hosted on Linode using NixOS";
domain = "git.ewanick.com";
rootUrl = "https://git.ewanick.com/";
httpPort = 3000;
settings = { settings = {
server = {
DOMAIN = "git.ewanick.com";
ROOT_URL = "https://git.ewanick.com/";
HTTP_PORT = 3000;
};
service = { service = {
DISABLE_REGISTRATION = true; DISABLE_REGISTRATION = true;
}; };
"git.timeout" = {
MIGRATE = 60 * 100; # seconds, 100 minutes
MIRROR = 60 * 100;
PULL = 60 * 100;
GC = 60 * 100;
};
}; };
}; };

4
nixos-apps/jitsi.crueltysquad.com.nix
View File

@ -20,8 +20,8 @@
services.jitsi-videobridge.enable = true; services.jitsi-videobridge.enable = true;
services.jitsi-videobridge.openFirewall = true; services.jitsi-videobridge.openFirewall = true;
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];
security.acme.email = "me@example.com"; # security.acme.email = "me@example.com";
security.acme.acceptTerms = true; # security.acme.acceptTerms = true;
# services.caddy = { # services.caddy = {
# enable = true; # enable = true;

1
nixos-apps/seal-blog Submodule

@ -0,0 +1 @@
Subproject commit f5accae1dbc4abfd6694c57ec93ba49982ad3272

17
server-config/configuration.nix
View File

@ -17,11 +17,11 @@
../nixos-apps/jitsi.crueltysquad.com.nix ../nixos-apps/jitsi.crueltysquad.com.nix
../nixos-apps/cutesealfanpage.love.nix ../nixos-apps/cutesealfanpage.love.nix
../nixos-apps/fancytypist.com.nix ../nixos-apps/fancytypist.com.nix
# ../nixos-apps/seal-blog
]; ];
# Use the GRUB 2 boot loader. # Use the GRUB 2 boot loader.
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
networking.usePredictableInterfaceNames = false; networking.usePredictableInterfaceNames = false;
networking.hostName = "linode-nixos"; networking.hostName = "linode-nixos";
@ -69,9 +69,10 @@
packages = with pkgs; [ packages = with pkgs; [
tldr tldr
]; ];
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDVbzPri8LUe9p1r96Jvdkm7HveJ7FLtGAe8GhDmgQR alice@foobar" ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGzXqcOu6/EjS60Ke55w4hj//lY6u3S1DYPoSd7yjdR3 alice@foobar" ];
}; };
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -88,16 +89,18 @@
# Enable Nix-ld for remote VSCode SSH to work # Enable Nix-ld for remote VSCode SSH to work
programs.nix-ld.enable = true; programs.nix-ld.enable = true;
environment.variables = { environment.variables = {
NIX_LD_LIBRARY_PATH = lib.makeLibraryPath [ NIX_LD_LIBRARY_PATH = lib.mkDefault (lib.makeLibraryPath [
pkgs.stdenv.cc.cc pkgs.stdenv.cc.cc
]; ]);
NIX_LD = lib.fileContents "${pkgs.stdenv.cc}/nix-support/dynamic-linker"; NIX_LD = lib.mkDefault (lib.fileContents "${pkgs.stdenv.cc}/nix-support/dynamic-linker");
}; };
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
services.openssh = { services.openssh = {
enable = true; enable = true;
permitRootLogin = "no"; settings = {
PermitRootLogin = "no";
};
}; };
# Open ports in the firewall. # Open ports in the firewall.
@ -117,5 +120,5 @@
# this value at the release version of the first install of this system. # this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option # Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment? system.stateVersion = "23.05"; # Did you read the comment?
} }

8
server-config/flake.lock
View File

@ -2,16 +2,16 @@
"nodes": { "nodes": {
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1680865339, "lastModified": 1687729501,
"narHash": "sha256-H6rmJ1CyJ3Q5ZyoLMYq/UEYMS9Q1orJjRpWiQ47HudE=", "narHash": "sha256-mTLkMePoHUWvTCf3NuKbeYEea/tsikSIKBWwb9OfRr4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "0040164e473509b4aee6aedb3b923e400d6df10b", "rev": "35130d4b4f0b8c50ed2aceb909a538c66c91d4a0",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-22.11", "ref": "nixos-23.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }

2
server-config/flake.nix
View File

@ -2,7 +2,7 @@
description = "System flake for Linode NixOS server"; description = "System flake for Linode NixOS server";
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05";
}; };
outputs = inputs@{ nixpkgs, ... }: outputs = inputs@{ nixpkgs, ... }: