dark-firepit removed. no more crisises
This commit is contained in:
parent
dc894caebc
commit
c53e17b49f
|
@ -1,37 +0,0 @@
|
||||||
[
|
|
||||||
{
|
|
||||||
hostname = "aether@subsurface";
|
|
||||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFLDtlpOnQFQq9mPMhR1uQnjrTexcof+c+y+ot/7Jgnt aether@subsurface";
|
|
||||||
wg = "XEVSwNNPR7RTt/O0ihYmv3nopbPmqkCMGrVRCixnPWw=";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
hostname = "oatmealine@void-defragmented";
|
|
||||||
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDbJDo79TD9RV77MnArQwS94wzBo+6l6dYQnaNdPk2xo019+tc7GyuQ+GHyh4qewIUQOwe3Ddj4YxJN9IS3E360/6RdaNDxn3hUp2jh/x9SOjh0W86FJfdHEQViNeFVSXJv+QBZT9ibR9IbOHYezhD6gtz15pNhEqhQyqw2hJuQzxLvnictTc4lPQnWN9I8ga+OVSh7Uauu5OKbUOyRRj1Er/hasNviCaGBJnLDYjSqTDRvEbdYlfuhrYITJ+viZOQq7Nczs6dbsl627FCvhr5vQi+/vvpx9DKHDvpGvbEglOmOwgffSkaOIIx/pNHTsRccX7c3/im6z4pCDj4bEuiqqawv2C6DV0aM01bW8cchOJrmSQGTygTrJuuVPHp4IRIZNvQGS+97j4u+d7ofricLR1RoxJcQibvRA9rhhYI2FhwrAweuuLktjSj5RkQnypd9kjOuH+nhgLZunreNoyPNDCmcOBA7BA0rD2pCIKB9SzlelMjVuvy0PA8uWfNFfxGU+m3BH7lQS/A6V+NeYrMGiZ+u+t9Pgr6kAoR7mAUO+obIdMM/lOp1/zGBY8lk2Aq3GQcyGVNi18VR0uA+NMaJYXA1JzSiPCz7cQn1pKIAKiDEnzicf5MxDHIi5F1iQ/Lc+NftgmDXZEAHDY1bQepScOttaOZQZLpYP/eWwlEQJQ== oatmealine@beppy";
|
|
||||||
wg = "533BncNpHKzJVx5lwdxBg+aUfLGqea9uUYz70C6wxyg=";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
hostname = "oatmealine@beppy-phone";
|
|
||||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJUgEsAQ7EL5/3STLAk/0qWJddYqfBY71yS9RtRSWd3w JuiceSSH";
|
|
||||||
wg = "qT7gX8beM/kW9AYg5dV1e3cLzLDTLxMO2CmnbFpMVj4=";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
hostname = "mayflower@BMW-M550d-xDrive"; # car 5
|
|
||||||
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCIeoFll8XBRwu6vbQHUj4LNbvRvLMTdqUP1su9hGxow8olGKIZf/nINkt+/B5w4UumLFnOOROIWVhSH/04oxGVCWdk29ibPo3yYJIAoQrqOXYWCrGpMDd0z2n/0CwyXRAqmQ4rubnUZtnlabYCLh0eWMu9ZRSsSrQ+MiaUHES/vv1MxlLWHoEGfhLzoq7SyIsK88Mirgu9lSeHd/+2JybkQ9kNEWTxnzUPKwOMT0zLGo7vNLmfPhJ1WilQoV4F8skDbbgFNRuLO13ZDn6W2jqZ+zjf3H9khzPivG+oaKfHLMDD/zCwHM3rm3JyJzX7GF9EV73AqbNkzzsf54vKhYRT";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
hostname = "aether@phone";
|
|
||||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP5LPWVgsFAH9XErXGZB+lzwb/+7EiEb6eatNWoJag5i JuiceSSH";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
hostname = "lilith@bms-cab";
|
|
||||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFb9uVy1x4XaO1uFOQBuERy6xw8cf7Dh24UT0jJs7g3z lilith@bms-cab";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
hostname = "swag@BMW-M550d-xDrive"; # mayflower 2
|
|
||||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC1fJn2ZY9fhBr4E1Gc91uRWS5r+EZ4OHy3RmuAjx7kr swag@BMW-M550d-xDrive";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
hostname = "aether@Aethers-Mini.station";
|
|
||||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHa1Nv8RlnJ4XnyCyMnpixnjNlGwvrj8cpUrFDJ6UhGs aether@Aethers-Mini.station";
|
|
||||||
}
|
|
||||||
]
|
|
|
@ -1,269 +0,0 @@
|
||||||
{ pkgs, inputs, lib, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
keys = import ./authorizedKeys.nix;
|
|
||||||
fetchSSH = (host: lib._.getSSH host keys);
|
|
||||||
fetchSSHKeys = map fetchSSH;
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
./hardware-configuration.nix
|
|
||||||
./minecraft.nix
|
|
||||||
./srb2k.nix
|
|
||||||
./yugoslavia-best.nix
|
|
||||||
./webapps/default.nix
|
|
||||||
inputs.nix-minecraft.nixosModules.minecraft-servers
|
|
||||||
#inputs.watch-party.nixosModules.watch-party
|
|
||||||
(fetchTarball "https://github.com/msteen/nixos-vscode-server/tarball/master")
|
|
||||||
];
|
|
||||||
|
|
||||||
# services.auto-fix-vscode-server.enable = true;
|
|
||||||
# services.vscode-server.enable = true;
|
|
||||||
|
|
||||||
user = {
|
|
||||||
packages = with pkgs; [
|
|
||||||
git
|
|
||||||
curl
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
users.groups.dotfiles = {};
|
|
||||||
users.groups.yugoslavia = {};
|
|
||||||
|
|
||||||
normalUsers = {
|
|
||||||
# aether??? is that... reference.../.??? aether https://www.curseforge.com/minecraft/mc-mods/aether mod Curseforge minecraft Forge Patreon Chat twitter code license Assets license All rights reserved categories Last Updated apr 17 2021 Game Version 1.12.2 aether
|
|
||||||
aether = {
|
|
||||||
conf = {
|
|
||||||
packages = with pkgs; [ bat duf broot nftables tmux bottom writefreely helix ];
|
|
||||||
shell = pkgs.unstable.fish;
|
|
||||||
extraGroups = [ "wheel" "nix-users" "dotfiles" ];
|
|
||||||
initialHashedPassword = "!";
|
|
||||||
openssh.authorizedKeys.keys = fetchSSHKeys [
|
|
||||||
"aether@subsurface"
|
|
||||||
"aether@phone"
|
|
||||||
"aether@Aethers-Mini.station"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
homeConf.home = {
|
|
||||||
sessionVariables = {
|
|
||||||
EDITOR = "nvim";
|
|
||||||
NIX_REMOTE = "daemon";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# oatmealine ?? is that a reference to jill oatmealine monoids from the beloved videogame franchise "oateamelin jill monoids???" .oat. zone??? from va11hall-a??? video game???? woman????? minecraft???????
|
|
||||||
oatmealine = {
|
|
||||||
conf = {
|
|
||||||
packages = with pkgs; [ bat tmux micro direnv nix-direnv ripgrep ];
|
|
||||||
shell = pkgs.unstable.fish;
|
|
||||||
extraGroups = [ "wheel" "nix-users" "dotfiles" "yugoslavia" ];
|
|
||||||
initialHashedPassword = "!";
|
|
||||||
openssh.authorizedKeys.keys = fetchSSHKeys [
|
|
||||||
"oatmealine@void-defragmented"
|
|
||||||
"oatmealine@beppy-phone"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
homeConf.home = {
|
|
||||||
sessionVariables = {
|
|
||||||
EDITOR = "micro";
|
|
||||||
NIX_REMOTE = "daemon";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
# i yearn for the day this name ceases to mean
|
|
||||||
mayflower = {
|
|
||||||
conf = {
|
|
||||||
packages = with pkgs; [ micro tmux ];
|
|
||||||
shell = pkgs.unstable.fish;
|
|
||||||
extraGroups = [ "wheel" "nix-users" "dotfiles" "yugoslavia" ];
|
|
||||||
initialHashedPassword = "!";
|
|
||||||
openssh.authorizedKeys.keys = fetchSSHKeys [
|
|
||||||
"mayflower@BMW-M550d-xDrive"
|
|
||||||
"swag@BMW-M550d-xDrive"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
homeConf.home = {
|
|
||||||
sessionVariables = {
|
|
||||||
EDITOR = "micro";
|
|
||||||
NIX_REMOTE = "daemon";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
winter = {
|
|
||||||
conf = {
|
|
||||||
packages = with pkgs; [ micro ];
|
|
||||||
shell = pkgs.unstable.fish;
|
|
||||||
extraGroups = [ "wheel" "nix-users" "dotfiles" ];
|
|
||||||
initialHashedPassword = "!";
|
|
||||||
openssh.authorizedKeys.keys = fetchSSHKeys [
|
|
||||||
"lilith@bms-cab"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
keyboard = {
|
|
||||||
locale = "en_US.UTF-8";
|
|
||||||
variant = "qwerty";
|
|
||||||
};
|
|
||||||
|
|
||||||
services.vscode-server.enable = true;
|
|
||||||
|
|
||||||
modules = {
|
|
||||||
shell.fish.enable = true;
|
|
||||||
security.isLocalMachine = false;
|
|
||||||
editors.neovim.enable = true;
|
|
||||||
remote = {
|
|
||||||
enable = true;
|
|
||||||
keys = [
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAoV7ymOtfC8SYvv31/GGso8DoHKE/KOfoEZ0hjmYtaQg7dyi5ijfDikLZUux8aWivvRofa7SqyaK0Ea+s9KuTX/dreJKz/RKG+QHLjw6U0FSoJ765q56pUy0j0TZoVy4PjSb38of56urg1UmHkK13WQXrvjwdHUjAcVx6PurHAxsbmxhYkJO9Jmvr8CB+PZFKIHjewkgBWkBxD97WFNwDfmBmvh1F5xRn8WhgT+2DVdQ2coN4Eqwc4NWzBUSfrro0gARsJsUvQxdx8f1kJDQKy2lQWCnlgRiD+pK5ocf1wCZfJMs0NQ6xqCZDKDJTcyGNLWH/L57Pg5U5t7BWRTTPmQ== yugoslavia"
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCX2uRTaL1Nu4KzsSJSVc7R2yCIa4Mw3KuJAMluQO746eXBFeTmRN6Pqc+H0Rpz9nkQ/fB8tYl70FfrYy4suM0QCY1IDbPWaUBmLQYCt6nzCfFY8PTpLoJmeQW3jzG7VqSjjl+uG2KLQqPtzxmvukIJRovhrKcUnPzw4tU4BLy2uGWgJN9sGofWczmtxdijADyOYtasVIr6/Hca5IwMCldbqQ9B1k+VIE87Kv2k5n+LVRVMsVHaVSubIMYZFbZFDW2/oRVg2ainewO0e9XPbtBREVraPnuf7s4uBByk4goQfLhz3B6L4JLbYYijw25+SmeJcesDxJUIIKMCuZChNcyb aura@LAPTOP-MEN8UH6Q"
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRI9sGl0EmOkNNnh8SgRq197gkEy3XEwKZjLIr27V9PfaVOLIAcZiGcOa5q7rc5FjcCtkQ9+/twE24bZpxkK0ygrRJBEdT+HGAUmpY/kRPEn/tqjmwNu43vQqOhNSYmAAzdjJ4AuRPK5st8QQyOzKv5Pnghwy8xPAjOM3o4n9ULMLjVvAu0eTmCJMKxEvz5FUEIVZtEid/ng46k/bJ/njSh8vyGBQV4fJei6M9Ovw0HPqqzWyV/e0c3hTClG4dfLCK3Qv3hLhXQ+8I9iaL7D2wZdr3F2lbg0vS/QctPZc28f1gpkFEzVflEzAk4aFwJMMflY04IG1Dr44IfM1gJbpj rsa-key-20220423"
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCL75/Pg5bP7LaXE6uPyyv8QDRivWJC6YcH6oJJztkjqL6g+0xPPiN6I54q/bNF4nHA2BHVUktKUU9bGDEOpYIRq7kegp2/K/+FNTM1Kz6rJSrSc8e0Ogxg8vhD6maxqLU8q+D1OMhBu0UiWUB+GxXmeYfBtXPjpcE+AaJ80BPs7vwiulHPGn7UAcRuP36Z+3JJiN2BQnU2aizXWsgyU575Uy3DVvAt7eHon+SoJiTCs2//5KexJ42U6ZiE6f/oTFdiud70lpxhGgiiFvj6M9RZ0aLoxspiskW45jKLXIMJ+mO6husg9GfvCchbps3YkmH0hZ24Ii1EiFhi5HZMY0Lt mayflower"
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHrlqH2OShvXdzq1sV5IDuWQzeC9OHBVvwj0+Y0XXwi7 mayflower-thinkpad"
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCBKMXTLBJ5iIPiO9jiN+AHWxpgG1kcdI0h23+G1FLMnK+xhkmaP9Vjr9QbqQ4mmRqfGERfJW5H2/OvTEUXnrkAp1Jc8oPrc14/auwKivtbMC5tsWzioDMbcAYKrcP37D3Kw1P7nzSyAz3QsRXBRx26OE5NeTo4YfGl/TOkQnoBCDTt8kcziWEvUVeOgnHf3hnszs2H4P6RAyOqjuOH6BWhtbKsCHThTHaAadLgeH5nB1WXLYqG2N1KEzAhj8WBBzPmeZcMMRr5xkqYVj14cd+9syEaenV+wXapoPyDtOb6YtOKArN9RkT0OOqQk17OzxvGqHUEXQ4eGmNgc8BLsGJn rsa-key-20230402"
|
|
||||||
#fetchSSH "oatmealine@void-defragmented"
|
|
||||||
#fetchSSH "oatmealine@beppy-phone"
|
|
||||||
];
|
|
||||||
packages = with pkgs; [ tmux micro ];
|
|
||||||
shell = pkgs.unstable.fish;
|
|
||||||
};
|
|
||||||
services = {
|
|
||||||
ssh = {
|
|
||||||
enable = true;
|
|
||||||
requirePassword = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
postgres.enable = true;
|
|
||||||
|
|
||||||
mosh = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
wireguard = {
|
|
||||||
enable = true;
|
|
||||||
server = true;
|
|
||||||
externalInterface = "eno1";
|
|
||||||
interfaces."wg0" = import ./wireguardInterface.nix;
|
|
||||||
};
|
|
||||||
|
|
||||||
terraria = {
|
|
||||||
enable = false;
|
|
||||||
port = 7777; # port-forwarded
|
|
||||||
messageOfTheDay = "hi";
|
|
||||||
openFirewall = true;
|
|
||||||
worldPath = "/var/lib/terraria/gbj.wld";
|
|
||||||
autoCreatedWorldSize = "large";
|
|
||||||
dataDir = "/var/lib/terraria";
|
|
||||||
};
|
|
||||||
|
|
||||||
jmusicbot = let
|
|
||||||
baseOptions = {
|
|
||||||
owner = 276416332894044160;
|
|
||||||
game = "Listening to your heartbeat :heart";
|
|
||||||
status = "ONLINE";
|
|
||||||
songinstatus = true;
|
|
||||||
|
|
||||||
success = "<:observer:1004408859831586907>";
|
|
||||||
warning = "<:slugclose:1000202980403974144>";
|
|
||||||
error = "🚫!!!!! 🚫🚫🚫 >:((((";
|
|
||||||
loading = "<:handsl:966010145698086993><:handsr:966010145886830692>";
|
|
||||||
searching = "<:scripulous_fingore_point:1012777703323222087><:scripulous_fingore:1012777704455667754>";
|
|
||||||
|
|
||||||
npimages = true;
|
|
||||||
stayinchannel = true;
|
|
||||||
|
|
||||||
aliases = {
|
|
||||||
nowplaying = [ "np" "current" ];
|
|
||||||
play = [ "p" ];
|
|
||||||
queue = [ "list" "q" ];
|
|
||||||
remove = [ "delete" "d" ];
|
|
||||||
skip = [ "s" ];
|
|
||||||
forceskip = [ "fs" ];
|
|
||||||
movetrack = [ "move" "m" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
enable = true;
|
|
||||||
instances = {
|
|
||||||
"jomble" = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.unstable.jmusicbot;
|
|
||||||
|
|
||||||
options = baseOptions // {
|
|
||||||
token = lib.removeSuffix "\n" (builtins.readFile /etc/jomble_token);
|
|
||||||
prefix = ";";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"jillo" = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.unstable.jmusicbot;
|
|
||||||
|
|
||||||
options = baseOptions // {
|
|
||||||
token = lib.removeSuffix "\n" (builtins.readFile /etc/jillo_token);
|
|
||||||
prefix = ":";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
security.doas = {
|
|
||||||
extraRules = [
|
|
||||||
{ users = [ "aether" ]; noPass = false; persist = true; keepEnv = true; }
|
|
||||||
{ users = [ "oatmealine" ]; noPass = true; persist = false; keepEnv = true; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
time.timeZone = "Europe/Amsterdam";
|
|
||||||
|
|
||||||
# If you uncomment this, I will uncomment the spores in your body
|
|
||||||
# mmm spores ymmnu.uyyy.., :)
|
|
||||||
networking.useDHCP = false;
|
|
||||||
|
|
||||||
networking = {
|
|
||||||
# for docs, start here
|
|
||||||
# https://nixos.org/manual/nixos/stable/options.html#opt-networking.enableB43Firmware
|
|
||||||
|
|
||||||
# temporarily disabled
|
|
||||||
enableIPv6 = false;
|
|
||||||
|
|
||||||
interfaces.eno1.ipv4.addresses = [
|
|
||||||
{ address = "51.89.98.8";
|
|
||||||
prefixLength = 24;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
defaultGateway = "51.89.98.254";
|
|
||||||
nameservers = [ "8.8.8.8" "1.1.1.1" ];
|
|
||||||
|
|
||||||
#interfaces.eno1.ipv6.addresses = [
|
|
||||||
# { address = "2001:41d0:0700:3308::";
|
|
||||||
# prefixLength = 64;
|
|
||||||
# }
|
|
||||||
#
|
|
||||||
# { address = "2001:41d0:0700:33ff::";
|
|
||||||
# prefixLength = 64;
|
|
||||||
# }
|
|
||||||
#];
|
|
||||||
|
|
||||||
#defaultGateway6 = {
|
|
||||||
# address = "2001:41d0:0700:33ff:00ff:00ff:00ff:00ff";
|
|
||||||
# address = "33ff::1";
|
|
||||||
# address = "2001::1";
|
|
||||||
# interface = "eno1";
|
|
||||||
#};
|
|
||||||
|
|
||||||
firewall.allowPing = true;
|
|
||||||
# minecraft proximity voice chat
|
|
||||||
firewall.allowedTCPPorts = [ 24454 25567 4499 21025 ];
|
|
||||||
firewall.allowedUDPPorts = [ 24454 25567 4499 21025 ];
|
|
||||||
};
|
|
||||||
|
|
||||||
# environment.etc."dhcpcd.duid".text = "d0:50:99:d4:04:68:d0:50:99:d4:04:68";
|
|
||||||
}
|
|
|
@ -1,59 +0,0 @@
|
||||||
{ config, lib, pkgs, inputs, modulesPath, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
(modulesPath + "/installer/scan/not-detected.nix")
|
|
||||||
];
|
|
||||||
|
|
||||||
boot = {
|
|
||||||
initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
|
|
||||||
initrd.kernelModules = [ ];
|
|
||||||
kernelPackages = pkgs.linuxPackages_hardened;
|
|
||||||
kernelModules = [ "kvm-intel" ];
|
|
||||||
loader = {
|
|
||||||
systemd-boot = {
|
|
||||||
enable = true;
|
|
||||||
configurationLimit = 10;
|
|
||||||
};
|
|
||||||
efi.canTouchEfiVariables = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
nix.settings.cores = 3;
|
|
||||||
nix.settings.max-jobs = 6;
|
|
||||||
|
|
||||||
# disabling this is what's considered a "Bad Idea"
|
|
||||||
# however it is required by packages/ghost.nix, which
|
|
||||||
# is borrowed from https://notes.abhinavsarkar.net/2022/ghost-on-nixos
|
|
||||||
#
|
|
||||||
# i don't know of a cleaner way to do this, and i
|
|
||||||
# don't want to deal with ghost any longer than i
|
|
||||||
# already have, so This Will Do
|
|
||||||
nix.settings.sandbox = false;
|
|
||||||
|
|
||||||
modules.hardware.fs = {
|
|
||||||
enable = true;
|
|
||||||
ssd.enable = true;
|
|
||||||
xfs.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems = {
|
|
||||||
"/" = {
|
|
||||||
device = "/dev/disk/by-uuid/819f03bb-73d2-4ae1-9fd2-01099e8efae6";
|
|
||||||
fsType = "xfs";
|
|
||||||
};
|
|
||||||
|
|
||||||
"/boot" = {
|
|
||||||
device = "/dev/disk/by-uuid/D018-F9AF";
|
|
||||||
fsType = "vfat";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
swapDevices = [
|
|
||||||
{ device = "/dev/disk/by-uuid/01ba93e4-71e3-404d-9549-351e22130185"; }
|
|
||||||
{ device = "/dev/disk/by-uuid/dee63218-1666-4035-8d63-b9e0e0b2cd28"; }
|
|
||||||
];
|
|
||||||
|
|
||||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
|
||||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
|
||||||
}
|
|
|
@ -1,190 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
let
|
|
||||||
darkFirepitWhitelist = {
|
|
||||||
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
|
|
||||||
RustyMyHabibi = "e20305fa-a44c-44c9-b62e-6918e7c779d6";
|
|
||||||
Dj_Afganistan = "1f879917-1ad4-49c3-9908-90769ee73f85";
|
|
||||||
DumbDogDoodles = "d33e5e3b-85ab-4c93-a61b-605e2673fbe8";
|
|
||||||
SuneFoxie = "82e82ef9-ea17-4794-9051-928b5b8629c1";
|
|
||||||
FuzziestRedMoth = "21e1adf8-93f7-4173-a087-b3a9c02edec5";
|
|
||||||
hewoicvewse = "98e715cf-b1a4-4d50-9ed0-7d20fbdf240e";
|
|
||||||
numpad_7 = "44e6e6d7-770d-4afc-96b1-9999b61ced1d";
|
|
||||||
_Zydra = "0af7b31f-63a5-426d-8cee-6c54385856b6";
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
config = {
|
|
||||||
modules.services.minecraft = {
|
|
||||||
enable = true;
|
|
||||||
servers = {
|
|
||||||
"dark-firepit" = {
|
|
||||||
enable = false;
|
|
||||||
#autoStart = false;
|
|
||||||
openFirewall = true;
|
|
||||||
serverProperties = {
|
|
||||||
server-port = 25565;
|
|
||||||
gamemode = 0;
|
|
||||||
motd = "dark-firepit, 1.19.2 Fabric";
|
|
||||||
white-list = true;
|
|
||||||
max-players = 8;
|
|
||||||
allow-flight = true;
|
|
||||||
enable-command-block = true;
|
|
||||||
enforce-secure-profile = false;
|
|
||||||
level-type = "terra:overworld/overworld";
|
|
||||||
snooper-enabled = false;
|
|
||||||
spawn-protection = 0;
|
|
||||||
};
|
|
||||||
whitelist = darkFirepitWhitelist;
|
|
||||||
package = pkgs.minecraftServers.fabric-1_19_2;
|
|
||||||
jvmOpts = "-Xmx6G";
|
|
||||||
};
|
|
||||||
"gayrats" = let
|
|
||||||
packURL = "https://oat.zone/f/gayrats/pack.toml";
|
|
||||||
|
|
||||||
# https://git.sleeping.town/unascribed/unsup/releases
|
|
||||||
unsup = pkgs.fetchurl {
|
|
||||||
url = "https://git.sleeping.town/attachments/c521d178-8938-40a5-b21b-0333eef4099e";
|
|
||||||
sha256 = "c5bd49784392b651e4bc71fe57976f5b4fb14f09e0e23183ae5b94a821ae4756";
|
|
||||||
};
|
|
||||||
unsupIni = ''
|
|
||||||
version=1
|
|
||||||
preset=minecraft
|
|
||||||
|
|
||||||
source_format=packwiz
|
|
||||||
source=${packURL}
|
|
||||||
|
|
||||||
force_env=server
|
|
||||||
no_gui=true
|
|
||||||
'';
|
|
||||||
in {
|
|
||||||
enable = true;
|
|
||||||
autoStart = true;
|
|
||||||
openFirewall = true;
|
|
||||||
serverProperties = {
|
|
||||||
server-port = 25565;
|
|
||||||
gamemode = 0;
|
|
||||||
motd = "dark-firepit, 1.19.2 Fabric";
|
|
||||||
white-list = true;
|
|
||||||
max-players = 8;
|
|
||||||
allow-flight = true;
|
|
||||||
enable-command-block = true;
|
|
||||||
enforce-secure-profile = false;
|
|
||||||
snooper-enabled = false;
|
|
||||||
spawn-protection = 0;
|
|
||||||
};
|
|
||||||
symlinks = {
|
|
||||||
"unsup.ini" = pkgs.writeTextFile {
|
|
||||||
name = "unsup.ini";
|
|
||||||
text = unsupIni;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
whitelist = darkFirepitWhitelist;
|
|
||||||
package = pkgs.minecraftServers.fabric-1_19_2;
|
|
||||||
jvmOpts = "-Xmx6G -javaagent:${unsup}";
|
|
||||||
};
|
|
||||||
"n3ko-test" = {
|
|
||||||
enable = true;
|
|
||||||
autoStart = true;
|
|
||||||
openFirewall = true;
|
|
||||||
serverProperties = {
|
|
||||||
server-port = 25595;
|
|
||||||
gamemode = 1;
|
|
||||||
motd = "N3KO SMP Testing server";
|
|
||||||
white-list = true;
|
|
||||||
max-players = 8;
|
|
||||||
allow-flight = true;
|
|
||||||
enable-command-block = true;
|
|
||||||
enforce-secure-profile = false;
|
|
||||||
#level-type = "terra:overworld/overworld";
|
|
||||||
snooper-enabled = false;
|
|
||||||
spawn-protection = 0;
|
|
||||||
};
|
|
||||||
whitelist = {
|
|
||||||
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
|
|
||||||
Cardboxneko = "3d406152-008c-4ec9-bf49-44c883baca6d";
|
|
||||||
};
|
|
||||||
package = pkgs.fabricServers.fabric-1_18_2;
|
|
||||||
jvmOpts = "-Xmx4G";
|
|
||||||
};
|
|
||||||
"wafflecraft" = let
|
|
||||||
packURL = "https://oat.zone/f/wafflecraft/pack.toml";
|
|
||||||
|
|
||||||
# https://git.sleeping.town/unascribed/unsup/releases
|
|
||||||
unsup = pkgs.fetchurl {
|
|
||||||
url = "https://git.sleeping.town/attachments/c521d178-8938-40a5-b21b-0333eef4099e";
|
|
||||||
sha256 = "c5bd49784392b651e4bc71fe57976f5b4fb14f09e0e23183ae5b94a821ae4756";
|
|
||||||
};
|
|
||||||
unsupIni = ''
|
|
||||||
version=1
|
|
||||||
preset=minecraft
|
|
||||||
|
|
||||||
source_format=packwiz
|
|
||||||
source=${packURL}
|
|
||||||
|
|
||||||
force_env=server
|
|
||||||
no_gui=true
|
|
||||||
|
|
||||||
[flavors]
|
|
||||||
shaders=no_shaders
|
|
||||||
minimap=no_minimap
|
|
||||||
barrel_roll=no_barrel_roll
|
|
||||||
'';
|
|
||||||
in {
|
|
||||||
enable = true;
|
|
||||||
autoStart = true;
|
|
||||||
openFirewall = true;
|
|
||||||
serverProperties = {
|
|
||||||
server-port = 25535;
|
|
||||||
gamemode = "survival";
|
|
||||||
motd = "wafflecraft Real";
|
|
||||||
max-players = 32;
|
|
||||||
allow-flight = true;
|
|
||||||
enable-command-block = false;
|
|
||||||
enforce-secure-profile = false;
|
|
||||||
snooper-enabled = false;
|
|
||||||
spawn-protection = 0;
|
|
||||||
white-list = true;
|
|
||||||
view-distance = 16;
|
|
||||||
};
|
|
||||||
whitelist = {
|
|
||||||
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
|
|
||||||
plightshift = "de87f3e6-d44f-40af-8bff-48828694b616";
|
|
||||||
mangoafterdawn = "840ad485-1060-4bcf-8730-c552e5c8d62a";
|
|
||||||
drazilspirits = "1d912f45-978b-4edc-b026-26bd5ed6ce31";
|
|
||||||
segaskullll = "e6d510e6-a1d3-4801-8a5e-52d2c75b2446";
|
|
||||||
Tetaes = "4b149260-d56e-4835-b3f6-2dce173a92a5";
|
|
||||||
sorae_ = "9639d272-4c20-459d-adea-4aa89ee3cdc1";
|
|
||||||
GelloISMello = "a2883a99-fe5d-454d-98b9-d65e4cec7e7e";
|
|
||||||
Triplejy2k = "dced0fad-3802-4544-aaad-64d8fd12b1e8";
|
|
||||||
RAKKIIsan = "0706e583-82e3-478c-8769-1131fb9aef5d";
|
|
||||||
CyberBlue = "151bea19-3d16-45eb-8ae3-3057cde8e8f4";
|
|
||||||
numpad_7 = "44e6e6d7-770d-4afc-96b1-9999b61ced1d";
|
|
||||||
CERiNG = "8dd710ce-fd30-45a5-9252-739d3c03df19";
|
|
||||||
electr1ca = "c18dcc3b-6c11-42e9-b7d8-4b458ea7017d";
|
|
||||||
bigboyty69 = "ed735421-c22b-467a-9eac-5c08437ea3e8";
|
|
||||||
};
|
|
||||||
symlinks = {
|
|
||||||
"unsup.ini" = pkgs.writeTextFile {
|
|
||||||
name = "unsup.ini";
|
|
||||||
text = unsupIni;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
# this is UGLY as FUCK; but unfortunately https://github.com/Infinidoge/nix-minecraft/issues/15
|
|
||||||
package = pkgs.jdk17;
|
|
||||||
jvmOpts = "-Xmx6G -javaagent:${unsup} "
|
|
||||||
+ lib.replaceStrings ["\n"] [" "] (lib.readFile "/srv/minecraft/wafflecraft/libraries/net/minecraftforge/forge/1.18.2-40.2.1/unix_args.txt");
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.minecraft-server-dark-firepit.serviceConfig = {
|
|
||||||
# packwiz workaround
|
|
||||||
# https://github.com/Infinidoge/nix-minecraft/issues/12#issuecomment-1235999072
|
|
||||||
# TODO: this doesn't work!!! it just goes "error code 1" and refuses to elaborate
|
|
||||||
#ExecStartPre = [
|
|
||||||
# ''cd "/srv/minecraft/dark-firepit"; nix-shell -p adoptopenjdk-hotspot-bin-16 --run "java -jar /srv/minecraft/dark-firepit/packwiz-installer-bootstrap.jar -g 'https://dark-firepit.oat.zone/Fire Pit 1.19.2/pack.toml'"''
|
|
||||||
#];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,6 +0,0 @@
|
||||||
let
|
|
||||||
keys = import ../authorizedKeys.nix;
|
|
||||||
|
|
||||||
"subsurface.aether" = keys."aether@subsurface".ssh;
|
|
||||||
in
|
|
||||||
{}
|
|
|
@ -1,116 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
let
|
|
||||||
colors = builtins.fromJSON ''{
|
|
||||||
"white": "\u0080",
|
|
||||||
"purple": "\u0081",
|
|
||||||
"yellow": "\u0082",
|
|
||||||
"green": "\u0083",
|
|
||||||
"blue": "\u0084",
|
|
||||||
"red": "\u0085",
|
|
||||||
"gray": "\u0086",
|
|
||||||
"orange": "\u0087",
|
|
||||||
"cyan": "\u0088",
|
|
||||||
"lavender": "\u0089",
|
|
||||||
"gold": "\u008a",
|
|
||||||
"lime": "\u008b",
|
|
||||||
"steel": "\u008c",
|
|
||||||
"pink": "\u008d",
|
|
||||||
"brown": "\u008e",
|
|
||||||
"peach": "\u008f"
|
|
||||||
}'';
|
|
||||||
colorsLua = {
|
|
||||||
white = "\\128";
|
|
||||||
purple = "\\129";
|
|
||||||
yellow = "\\130";
|
|
||||||
green = "\\131";
|
|
||||||
blue = "\\132";
|
|
||||||
red = "\\133";
|
|
||||||
gray = "\\134";
|
|
||||||
orange = "\\135";
|
|
||||||
cyan = "\\136";
|
|
||||||
lavender = "\\137";
|
|
||||||
gold = "\\138";
|
|
||||||
lime = "\\139";
|
|
||||||
steel = "\\140";
|
|
||||||
pink = "\\141";
|
|
||||||
brown = "\\142";
|
|
||||||
peach = "\\143";
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
config = {
|
|
||||||
modules.services.srb2k = with lib; with builtins; let
|
|
||||||
addonDir = "/var/lib/srb2k/firepit/";
|
|
||||||
fileNames = attrNames (readDir (/. + addonDir));
|
|
||||||
addonFileNames = filter (n: hasSuffix ".lua" n || hasSuffix ".kart" n || hasSuffix ".pk3" n || hasSuffix ".wad" n) fileNames;
|
|
||||||
in {
|
|
||||||
enable = true;
|
|
||||||
advertise = true;
|
|
||||||
addons = map (n: "${addonDir}${n}") addonFileNames;
|
|
||||||
config = {
|
|
||||||
maxplayers = 16;
|
|
||||||
http_source = "https://yugoslavia.best/srb2kaddons/";
|
|
||||||
maxsend = "max";
|
|
||||||
servername = with colors; "${white}[${cyan}EU${white}] ${lime}yugoslavia.best";
|
|
||||||
server_contact = "oat.zone||home of bar";
|
|
||||||
};
|
|
||||||
serv = with colorsLua; ''
|
|
||||||
kmp_hardsneakers on
|
|
||||||
kmp_extendflashtics on
|
|
||||||
kmp_floatingitemfuse on
|
|
||||||
kmp_hyudoro on
|
|
||||||
kmp_haste on
|
|
||||||
kmp_respawnpoints on
|
|
||||||
kmp_battleaccel on
|
|
||||||
maxsend max
|
|
||||||
fr_enabled off
|
|
||||||
khaos enable off
|
|
||||||
|
|
||||||
wait 1
|
|
||||||
|
|
||||||
fd_finishkill off
|
|
||||||
fd_hitkill off
|
|
||||||
|
|
||||||
wait 1
|
|
||||||
|
|
||||||
nametag_star on
|
|
||||||
|
|
||||||
wait 1
|
|
||||||
|
|
||||||
hm_bail on
|
|
||||||
hm_timelimit 8
|
|
||||||
hm_motd on
|
|
||||||
hm_motd_nag on
|
|
||||||
hm_motd_name "${lime}yugoslavia.best"
|
|
||||||
hm_motd_tagline "home of bar"
|
|
||||||
hm_motd_contact "oat.zone"
|
|
||||||
hm_restat on
|
|
||||||
hm_restat_notify on
|
|
||||||
hm_votable exitlevel
|
|
||||||
hm_vote_timer 20
|
|
||||||
|
|
||||||
wait 1
|
|
||||||
|
|
||||||
hm_specbomb on
|
|
||||||
|
|
||||||
hm_scoreboard on
|
|
||||||
hm_scoreboard_humor on
|
|
||||||
wait 1
|
|
||||||
hm_scoreboard_addline "${lime}yugoslavia.best${white}: home of bar"
|
|
||||||
wait 1
|
|
||||||
hm_scoreboard_addline " hosted by ${lime}oat.zone"
|
|
||||||
wait 1
|
|
||||||
hm_scoreboard_addline "casual server, anything goes,"
|
|
||||||
hm_scoreboard_addline "feel free to suggest mods to"
|
|
||||||
wait 1
|
|
||||||
hm_scoreboard_addline "${pink}oatmealine#5397 ${white}/ ${pink}oatmealine@disroot.org"
|
|
||||||
//hm_scoreboard_addline "${white}80${purple}81${yellow}82${green}83${blue}84${red}85${gray}86${orange}87${cyan}88${lavender}89${gold}8a${lime}8b${steel}8c${pink}8d${brown}8e${peach}8f"
|
|
||||||
|
|
||||||
wait 1
|
|
||||||
|
|
||||||
hf_displaymode 3
|
|
||||||
''; #"
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,193 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
let
|
|
||||||
in {
|
|
||||||
config = {
|
|
||||||
modules = {
|
|
||||||
services = {
|
|
||||||
#nextcloud = {
|
|
||||||
# enable = true;
|
|
||||||
# domain = "nextcloud.dark-firepit.cloud";
|
|
||||||
# settings.app.federation = true;
|
|
||||||
#};
|
|
||||||
|
|
||||||
#writefreely = {
|
|
||||||
# enable = true;
|
|
||||||
# name = "Corruption Biome";
|
|
||||||
# domain = "blog.dark-firepit.cloud";
|
|
||||||
#};
|
|
||||||
|
|
||||||
forgejo = {
|
|
||||||
enable = true;
|
|
||||||
domain = "git.oat.zone";
|
|
||||||
port = 3000;
|
|
||||||
};
|
|
||||||
|
|
||||||
matrix.conduit = {
|
|
||||||
enable = false;
|
|
||||||
domain = "matrix.dark-firepit.cloud";
|
|
||||||
};
|
|
||||||
|
|
||||||
vaultwarden = {
|
|
||||||
enable = true;
|
|
||||||
domain = "vault.aether.gay";
|
|
||||||
};
|
|
||||||
|
|
||||||
# not entirely necessary but makes it so that invalid domains and/or direct ip access aborts connection
|
|
||||||
# prevents other domains from "stealing" content by settings their dns to our ip
|
|
||||||
# this has happened before by the way on the vps. i have no clue how or why
|
|
||||||
# update: also optimizes gzip and tls stuff
|
|
||||||
nginx-config = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
staticSites = {
|
|
||||||
"aether.gay".dataDir = "/var/www/aether.gay";
|
|
||||||
"dark-firepit.cloud".dataDir = "/var/www/dark-firepit.cloud";
|
|
||||||
#"dark-firepit.oat.zone".dataDir = "/var/www/dark-firepit.oat.zone";
|
|
||||||
"va11halla.oat.zone".dataDir = "/var/www/va11halla.oat.zone";
|
|
||||||
"giger.yugoslavia.fishing".dataDir = "/var/www/giger.yugoslavia.fishing";
|
|
||||||
"modfiles.oat.zone".dataDir = "/var/www/modfiles.oat.zone";
|
|
||||||
"shop.yugoslavia.best".dataDir = "/var/www/shop.yugoslavia.best";
|
|
||||||
"tesco-underground-dev.oat.zone".dataDir = "/var/www/tesco-underground-dev.oat.zone";
|
|
||||||
"tesco-underground-dev.oat.zone".auth = { tesco = builtins.readFile /etc/tesco; };
|
|
||||||
"oat.zone".dataDir = "/var/www/oat.zone";
|
|
||||||
"oat.zone".php = true;
|
|
||||||
"yugoslavia.fishing".dataDir = "/var/www/yugoslavia.fishing";
|
|
||||||
"yugoslavia.fishing".php = true;
|
|
||||||
"educationmath.oat.zone".dataDir = "/var/www/proxy.oat.zone";
|
|
||||||
"educationmath.oat.zone".php = true;
|
|
||||||
"educationmath.oat.zone".auth = { twh = builtins.readFile /etc/proxy_twh; };
|
|
||||||
"rivervalleychocolate.com".dataDir = "/var/www/rivervalleychocolate.com";
|
|
||||||
"rivervalleychocolate.com".php = true;
|
|
||||||
"tac.yugoslavia.best".dataDir = "/var/www/tac.yugoslavia.best/public";
|
|
||||||
"tac.yugoslavia.best".php = true;
|
|
||||||
"tac.yugoslavia.best".phpHandlePathing = true;
|
|
||||||
"pjsk.oat.zone".dataDir = "/var/www/pjsk.oat.zone";
|
|
||||||
"mayf.pink".dataDir = "/var/www/mayf.pink";
|
|
||||||
"mayf.pink".php = true;
|
|
||||||
"mayf.pink".phpHandlePathing = true;
|
|
||||||
"mayf.pink".forceSSL = false;
|
|
||||||
"wint0r.zone".dataDir = "/var/www/wint0r.zone";
|
|
||||||
"puzzle.wint0r.zone".dataDir = "/var/www/puzzle.wint0r.zone";
|
|
||||||
};
|
|
||||||
|
|
||||||
nitter = {
|
|
||||||
enable = true;
|
|
||||||
lightweight = false; # enable if shit gets wild; check config for more info
|
|
||||||
port = 3005;
|
|
||||||
domain = "nitter.oat.zone";
|
|
||||||
};
|
|
||||||
|
|
||||||
libreddit = {
|
|
||||||
enable = true;
|
|
||||||
domain = "libreddit.oat.zone";
|
|
||||||
port = 1950;
|
|
||||||
};
|
|
||||||
|
|
||||||
#watch-party = {
|
|
||||||
# enable = true;
|
|
||||||
# port = 1984;
|
|
||||||
#};
|
|
||||||
|
|
||||||
matomo = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
code-server = {
|
|
||||||
enable = true;
|
|
||||||
domain = "dev-firepit.oat.zone";
|
|
||||||
port = 4444;
|
|
||||||
};
|
|
||||||
|
|
||||||
ghost = {
|
|
||||||
enable = true;
|
|
||||||
domain = "blog.oat.zone";
|
|
||||||
port = 1357;
|
|
||||||
};
|
|
||||||
|
|
||||||
isso = {
|
|
||||||
enable = true;
|
|
||||||
port = 1995;
|
|
||||||
domain = "comments.oat.zone";
|
|
||||||
target = "blog.oat.zone";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services = {
|
|
||||||
nginx.virtualHosts = {
|
|
||||||
"oat.zone" = {
|
|
||||||
locations."/f/".extraConfig = ''
|
|
||||||
add_header Access-Control-Allow-Origin "*";
|
|
||||||
'';
|
|
||||||
extraConfig = ''
|
|
||||||
error_page 404 /404.html;
|
|
||||||
error_page 403 /403.html;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
# todo: move to flake
|
|
||||||
"gdpstest.oat.zone" = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = false;
|
|
||||||
addSSL = true;
|
|
||||||
locations."/" = {
|
|
||||||
proxyPass = "http://127.0.0.1:1982/";
|
|
||||||
};
|
|
||||||
extraConfig = ''
|
|
||||||
client_max_body_size 500M;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
# todo: move to flake
|
|
||||||
"gdicon.oat.zone" = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
locations."/" = {
|
|
||||||
proxyPass = "http://127.0.0.1:3436/";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# https://www.edwinwenink.xyz/posts/47-tilde_server/
|
|
||||||
# todo: fix this
|
|
||||||
"dark-firepit.cloud" = {
|
|
||||||
locations."~ ^/~([^/\\s]+?)(/[^\\s]*)?$".extraConfig = ''
|
|
||||||
add_header X-debug-message "/home/$1/www$2" always;
|
|
||||||
alias /home/$1/www$2;
|
|
||||||
index index.html index.htm;
|
|
||||||
autoindex on;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
"nitter.oat.zone" = {
|
|
||||||
locations."/".extraConfig = ''
|
|
||||||
if ($http_user_agent = 'Mozilla/5.0 (compatible; Discordbot/2.0; +https://discordapp.com)') {
|
|
||||||
return 302 $scheme://fxtwitter.com$request_uri;
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
"libreddit.oat.zone" = {
|
|
||||||
locations."/".extraConfig = ''
|
|
||||||
if ($http_user_agent = 'Mozilla/5.0 (compatible; Discordbot/2.0; +https://discordapp.com)') {
|
|
||||||
return 302 $scheme://proxy.knotty.dev$request_uri;
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
#"git.oat.zone" = {
|
|
||||||
# forceSSL = true;
|
|
||||||
# enableACME = true;
|
|
||||||
# root = "/var/www/temporarily-down";
|
|
||||||
# extraConfig = ''
|
|
||||||
# error_page 503 /index.html;
|
|
||||||
# '';
|
|
||||||
# locations."/".extraConfig = ''
|
|
||||||
# return 503;
|
|
||||||
# try_files /index.html =404;
|
|
||||||
# '';
|
|
||||||
#};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,22 +0,0 @@
|
||||||
{ lib, pkgs, config, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
let
|
|
||||||
peerKeys = import ./authorizedKeys.nix;
|
|
||||||
wgKeys = filter (hasAttr "wg") peerKeys;
|
|
||||||
in {
|
|
||||||
ips = [ "10.100.0.1/24" ];
|
|
||||||
|
|
||||||
privateKeyFile = "/etc/wg0.keys/wg0";
|
|
||||||
|
|
||||||
listenPort = 51820;
|
|
||||||
|
|
||||||
peers = genList (n:
|
|
||||||
let
|
|
||||||
keychain = elemAt wgKeys n;
|
|
||||||
ip = "10.100.0.${toString (n+2)}/32";
|
|
||||||
in {
|
|
||||||
publicKey = trace "${keychain.hostname}: ${ip}" keychain.wg;
|
|
||||||
allowedIPs = [ ip ];
|
|
||||||
}) (length wgKeys);
|
|
||||||
}
|
|
|
@ -1,131 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
let
|
|
||||||
domain = "yugoslavia.best";
|
|
||||||
root = "/var/www/${domain}";
|
|
||||||
in {
|
|
||||||
config = {
|
|
||||||
modules.services.staticSites.${domain} = {
|
|
||||||
dataDir = root;
|
|
||||||
php = true;
|
|
||||||
forceSSL = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
services = {
|
|
||||||
nginx.virtualHosts.${domain} = {
|
|
||||||
locations."/" = {
|
|
||||||
extraConfig = ''
|
|
||||||
error_page 404 /error.php;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."= /brackets2.html" = {
|
|
||||||
extraConfig = ''
|
|
||||||
return 451;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."/modding-txts/" = {
|
|
||||||
extraConfig = ''
|
|
||||||
autoindex on;
|
|
||||||
sub_filter </head>
|
|
||||||
'<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300italic,700,700italic"><link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.css"><link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/milligram/1.4.1/milligram.css"><style>body {background: #34373c;border-bottom: 0.1rem solid #1b1c1d;padding:20px;} .header {background-color: #141518;} pre {background: #141518;} .prettyprint {color: #f2f2f2;} .prettyprint.lang-md * {color: #f2f2f2 !important;} code {background: #141518;} .prettyprint .atv { color: rgba(73, 158, 223, 1);} .poop {display: flex; width: 100%; flex-direction: row; justify-content: space-between}</style><!-- Matomo --><script>var _paq = window._paq = window._paq || [];/* tracker methods like "setCustomDimension" should be called before "trackPageView" */_paq.push(["trackPageView"]);_paq.push(["enableLinkTracking"]);(function() {var u="//analytics.oat.zone/";_paq.push(["setTrackerUrl", u+"matomo.php"]);_paq.push(["setSiteId", "2"]);var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0];g.async=true; g.src=u+"matomo.js"; s.parentNode.insertBefore(g,s);})();</script><!-- End Matomo Code --></head>';
|
|
||||||
sub_filter <pre> ' ';
|
|
||||||
sub_filter </pre> ' ';
|
|
||||||
sub_filter '<a ' '</span><span class="poop"><a ';
|
|
||||||
sub_filter '</a>' '</a>';
|
|
||||||
sub_filter '<body bgcolor="white">' '<body><div class="container box" style="margin:5rem auto; padding:4rem">';
|
|
||||||
sub_filter </body> '</div></body>';
|
|
||||||
sub_filter <hr> '</span><hr>';
|
|
||||||
sub_filter_once off;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."/srb2kaddons/" = {
|
|
||||||
extraConfig = ''
|
|
||||||
autoindex on;
|
|
||||||
alias /var/lib/srb2k/firepit/;
|
|
||||||
sub_filter </head>
|
|
||||||
'<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300italic,700,700italic"><link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.css"><link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/milligram/1.4.1/milligram.css"><style>body {background: #34373c;border-bottom: 0.1rem solid #1b1c1d;padding:20px;} .header {background-color: #141518;} pre {background: #141518;} .prettyprint {color: #f2f2f2;} .prettyprint.lang-md * {color: #f2f2f2 !important;} code {background: #141518;} .prettyprint .atv { color: rgba(73, 158, 223, 1);} .poop {display: flex; width: 100%; flex-direction: row; justify-content: space-between}</style><!-- Matomo --><script>var _paq = window._paq = window._paq || [];/* tracker methods like "setCustomDimension" should be called before "trackPageView" */_paq.push(["trackPageView"]);_paq.push(["enableLinkTracking"]);(function() {var u="//analytics.oat.zone/";_paq.push(["setTrackerUrl", u+"matomo.php"]);_paq.push(["setSiteId", "2"]);var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0];g.async=true; g.src=u+"matomo.js"; s.parentNode.insertBefore(g,s);})();</script><!-- End Matomo Code --></head>';
|
|
||||||
sub_filter <pre> ' ';
|
|
||||||
sub_filter </pre> ' ';
|
|
||||||
sub_filter '<a ' '</span><span class="poop"><a ';
|
|
||||||
sub_filter '</a>' '</a>';
|
|
||||||
sub_filter '<body bgcolor="white">' '<body><div class="container box" style="margin:5rem auto; padding:4rem">';
|
|
||||||
sub_filter </body> '</div></body>';
|
|
||||||
sub_filter <hr> '</span><hr>';
|
|
||||||
sub_filter_once off;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."/__special" = {
|
|
||||||
extraConfig = ''
|
|
||||||
internal;
|
|
||||||
allow all;
|
|
||||||
root ${root}/nginx/html/__special;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."= /__md_file" = {
|
|
||||||
extraConfig = ''
|
|
||||||
internal;
|
|
||||||
allow all;
|
|
||||||
|
|
||||||
add_header 'Vary' 'Accept';
|
|
||||||
|
|
||||||
# redefining
|
|
||||||
add_header Strict-Transport-Security $hsts_header;
|
|
||||||
add_header Referrer-Policy origin-when-cross-origin;
|
|
||||||
add_header X-Content-Type-Options nosniff;
|
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
|
||||||
|
|
||||||
sub_filter </head>
|
|
||||||
'<title>$request_filename - yugoslavia.best</title><meta name="description" content="$request_filename - Modding TXTs"><meta name="og:title" content="$request_filename"><meta property="og:type" content="article"><meta property="og:site_name" content="yugoslavia.best"></head>';
|
|
||||||
sub_filter_once on;
|
|
||||||
|
|
||||||
default_type text/html;
|
|
||||||
alias ${root}/nginx/html/__special/md-renderer.html;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."~* \\.md" = {
|
|
||||||
extraConfig = ''
|
|
||||||
error_page 418 = /__md_file;
|
|
||||||
|
|
||||||
add_header 'Vary' 'Accept';
|
|
||||||
|
|
||||||
# redefining
|
|
||||||
add_header Strict-Transport-Security $hsts_header;
|
|
||||||
add_header Referrer-Policy origin-when-cross-origin;
|
|
||||||
add_header X-Content-Type-Options nosniff;
|
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
|
||||||
|
|
||||||
if (!-f $request_filename) {
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
# if no "text/markdown" in "accept" header:
|
|
||||||
# redirect to /__md_file to serve html renderer
|
|
||||||
if ($http_accept !~* "text/markdown") {
|
|
||||||
return 418;
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
extraConfig = ''
|
|
||||||
types {
|
|
||||||
text/plain md;
|
|
||||||
text/html html;
|
|
||||||
text/plain txt;
|
|
||||||
text/css css;
|
|
||||||
application/javascript js;
|
|
||||||
image/x-icon ico;
|
|
||||||
image/png png;
|
|
||||||
image/gif gif;
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -233,7 +233,7 @@ in {
|
||||||
# https://nixos.org/manual/nixos/stable/options.html#opt-networking.enableB43Firmware
|
# https://nixos.org/manual/nixos/stable/options.html#opt-networking.enableB43Firmware
|
||||||
|
|
||||||
# temporarily disabled
|
# temporarily disabled
|
||||||
enableIPv6 = true;
|
enableIPv6 = false;
|
||||||
|
|
||||||
usePredictableInterfaceNames = false;
|
usePredictableInterfaceNames = false;
|
||||||
interfaces.eth0.ipv4.addresses = [
|
interfaces.eth0.ipv4.addresses = [
|
||||||
|
|
|
@ -22,15 +22,12 @@ in {
|
||||||
services.openssh = {
|
services.openssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
permitRootLogin = "no";
|
|
||||||
passwordAuthentication = cfg.requirePassword;
|
|
||||||
/*
|
|
||||||
settings = {
|
settings = {
|
||||||
PasswordAuthentication = cfg.requirePassword;
|
PasswordAuthentication = cfg.requirePassword;
|
||||||
PermitRootLogin = "no";
|
PermitRootLogin = "no";
|
||||||
};
|
};
|
||||||
*/
|
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.gnupg.agent = {
|
programs.gnupg.agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableSSHSupport = true;
|
enableSSHSupport = true;
|
||||||
|
|
Loading…
Reference in New Issue