Compare commits

..

4 Commits

Author SHA1 Message Date
Jill a6d0cd6e62 fix gitea deprecation warnings 2023-01-19 00:25:07 +01:00
Jill 7331092d87 partially update flake
nixpkgs has been left untouched because of this error:
error: Package ‘nix-linter-0.2.0.4’ in /nix/store/lzgxbh8c61phbh074y2707l2yw6vvaa1-source/pkgs/development/tools/analysis/nix-linter/default.nix:23 is marked as broken, refusing to evaluate.

additionally, nixpkgs-master has been removed - there was no real use for it
2023-01-19 00:21:18 +01:00
Jill 021fab40f7 we all communally keep forgetting to commit things arghhrg 2023-01-19 00:11:01 +01:00
Jill 389bf9c1fc domain name change cleanup 2022-11-20 04:56:13 +01:00
14 changed files with 389 additions and 94 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
result
result-*

View File

@ -9,7 +9,7 @@ DEFAULT_BRANCH = "main"
[ui]
DEFAULT_THEME = "arc-pink"
THEMES="auto,gitea,arc-green,arc-pink,arc-pink-modern,darkred,gitea-blue,gitea-modern,github"
CUSTOM_EMOJIS = "blurry_eyes,whenyoubigshit,he,ancapistanian,oralpleasure,horny,acab,tastymilk,gluttony,soul_of_fright,soul_of_night,soul_of_might,soul_of_blight,michael,bottom,spongesad,scripulous_fingore_point,scripulous_fingore,Tainted_John_F_Kennedy,John_F_Kennedy_Tainted,John_F_Kennedy,plumspin,despair,ihaveyourip,rusty50,entropy,peeeh,penis,gloopy,twister,stupib,speed,deadchat,cock,housj,dothejej,b_,trollgecommence,handsl,handsr,face,aiki,nervous,coffee,the_cowboy,dilf,child,closer,feddynite,orang,feddy_glamcock,elonmusk,slugclose,zonkerdoodle,pls,x3,slugloafspin,observer,pickle,zamiel_approves,ohgod,hapykity,i_see_chicory,i_see_pizza,cutely_blushes,gamer_boi,eeeeeeeeee,babytime,sleeby"
CUSTOM_EMOJIS = "blurry_eyes,horny,acab,tastymilk,gluttony,soul_of_fright,soul_of_night,soul_of_blight,bottom,spongesad,Tainted_John_F_Kennedy,John_F_Kennedy_Tainted,John_F_Kennedy,plumspin,despair,ihaveyourip,peeeh,penis,twister,speed,deadchat,housj,dothejej,b_,trollgecommence,nervous,coffee,dilf,closer,slugclose,pls,x3,observer,zamiel_approves,i_see_pizza,cutely_blushes,babytime,sleeby,zonkerdoodle,whenyoubigshit,the_cowboy,stupib,soul_of_might,scripulous_fingore_point,scripulous_fingore,rusty50,pickle,orang,oralpleasure,ohgod,michael,i_see_chicory,he,hapykity,handsr,handsl,slugloafspin,gamer_boi,feddynite,cock,feddy_glamcock,face,entropy,elonmusk,eeeeeeeeee,child,ancapistanian,aiki,gloopy,lamb,YOU,slightYOU,citat,ionn,eede,ed,blank,michael,BABAXD,BABA,EyesPepe,spamdance,pickledance,BABA_IS_OO,wieldr,wieldl,cinnamon,jillo,she,hydrogenperoxide,ObedientCitizen,misinformation,maenod,Snowsgiving22_AnimatedEmojis_mal"
[mailer]
ENABLED = false
@ -24,6 +24,7 @@ DEFAULT_KEEP_EMAIL_PRIVATE = true
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = "noreply.oat.zone"
DISABLE_REGISTRATION = true
[picture]
DISABLE_GRAVATAR = false
@ -34,7 +35,8 @@ ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false
[session]
PROVIDER = "file"
PROVIDER = "file"
COOKIE_SECURE = true
[other]
SHOW_FOOTER_BRANDING = true

View File

@ -7,11 +7,11 @@
]
},
"locked": {
"lastModified": 1665870395,
"narHash": "sha256-Tsbqb27LDNxOoPLh0gw2hIb6L/6Ow/6lIBvqcHzEKBI=",
"lastModified": 1673301561,
"narHash": "sha256-gRUWHbBAtMuPDJQXotoI8u6+3DGBIUZHkyQWpIv7WpM=",
"owner": "ryantm",
"repo": "agenix",
"rev": "a630400067c6d03c9b3e0455347dc8559db14288",
"rev": "42d371d861a227149dc9a7e03350c9ab8b8ddd68",
"type": "github"
},
"original": {
@ -28,11 +28,11 @@
]
},
"locked": {
"lastModified": 1666527089,
"narHash": "sha256-FDcMUWaL9XmZKGT+cLTH07sSxm14BJ4+49AYFTpITNI=",
"lastModified": 1674061743,
"narHash": "sha256-4xz24XJlAqRRjN2+HFUeaJn7CPqpO8N/TQLNinLLv7c=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "92c3c295daea9e71578b2e4f0cbe9906013c1adc",
"rev": "c02cfe11649018c3e31c8c4a4d91233b1e62d487",
"type": "github"
},
"original": {
@ -43,11 +43,11 @@
},
"flake-utils": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
@ -73,11 +73,11 @@
},
"flake-utils_3": {
"locked": {
"lastModified": 1656928814,
"narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=",
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
@ -123,11 +123,11 @@
]
},
"locked": {
"lastModified": 1665996265,
"narHash": "sha256-/k9og6LDBQwT+f/tJ5ClcWiUl8kCX5m6ognhsAxOiCY=",
"lastModified": 1667907331,
"narHash": "sha256-bHkAwkYlBjkupPUFcQjimNS8gxWSWjOTevEuwdnp5m0=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "b81e128fc053ab3159d7b464d9b7dedc9d6a6891",
"rev": "6639e3a837fc5deb6f99554072789724997bc8e5",
"type": "github"
},
"original": {
@ -139,17 +139,19 @@
},
"hyprland": {
"inputs": {
"hyprland-protocols": "hyprland-protocols",
"nixpkgs": [
"nixpkgs"
],
"wlroots": "wlroots"
"wlroots": "wlroots",
"xdph": "xdph"
},
"locked": {
"lastModified": 1667561425,
"narHash": "sha256-StR+7yu1cj72OOPSAYbfWNKkBHTXRsbp743H3k3qm1Y=",
"lastModified": 1674054764,
"narHash": "sha256-00cRYxCYmZvncLyCsVYrhQsCzFnjkZi+23TC2FpQU/U=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "34ad837fd93a55c2a234381c9077fba1c2fd154c",
"rev": "428063ff2304962387803fd59e5da8b9b82710cc",
"type": "github"
},
"original": {
@ -158,6 +160,27 @@
"type": "github"
}
},
"hyprland-protocols": {
"inputs": {
"nixpkgs": [
"hyprland",
"nixpkgs"
]
},
"locked": {
"lastModified": 1671839510,
"narHash": "sha256-+PY1qqJfmZzzROgcIY4I7AkCwpnC+qBIYk2eFoA9RWc=",
"owner": "hyprwm",
"repo": "hyprland-protocols",
"rev": "b8f55e02a328c47ed373133c52483bbfa20a1b75",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-protocols",
"type": "github"
}
},
"hyprpaper": {
"inputs": {
"nixpkgs": [
@ -165,11 +188,11 @@
]
},
"locked": {
"lastModified": 1667775402,
"narHash": "sha256-+k/21qDW+RKBKFKkjRmntWemJR8/5bZyyoDTKr/emCU=",
"lastModified": 1673799209,
"narHash": "sha256-GMRM1IyIuDEzjEw5E4zWI/TCg3zWs65v86NuR+BAtW0=",
"owner": "hyprwm",
"repo": "hyprpaper",
"rev": "6d3a15f33cedaa8f01b0f96c8d2a1f8de24bbb33",
"rev": "f77a664e9d168fb7b332ede9db4a3e35a46dd6c5",
"type": "github"
},
"original": {
@ -185,11 +208,11 @@
]
},
"locked": {
"lastModified": 1666947305,
"narHash": "sha256-jgiDWLwCf6PQhXLUtSk4btaS/jZwJed2XLnlA51ANQk=",
"lastModified": 1673270158,
"narHash": "sha256-22VKnL4PT3CSy0IErOkL1U85jq8sXmI7VPhcPtRYSko=",
"owner": "hyprwm",
"repo": "hyprpicker",
"rev": "06be1c9348fdf8ff58fd05f54b62bdd73544db6a",
"rev": "fe4535a27389624445b96450a7c338136c619c95",
"type": "github"
},
"original": {
@ -204,11 +227,8 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1666029887,
"narHash": "sha256-QtyGcQ9DFUqXRe5x/BEV4QQQoSaoSfmcW8dHP7CkTgY=",
"ref": "main",
"rev": "72f30e2b8e007751731f8f1dd979f4f2e3ef8f8b",
"revCount": 27,
"lastModified": 1669389833,
"narHash": "sha256-khId6aJCxyeR6jWNNywAqJ+eEoZXSZciH8kkSYG5Jf8=",
"type": "git",
"url": "file:///home/oatmealine/jillo"
},
@ -246,11 +266,11 @@
]
},
"locked": {
"lastModified": 1666188576,
"narHash": "sha256-cBsCLCxT3V6wo3lJcRZSF4cngXm2VQNKzmr5EbndJrg=",
"lastModified": 1674006232,
"narHash": "sha256-RRfRRO3D/ezYzeGiu75moIDNm4ba2ZE3XSAIrbLuWVQ=",
"owner": "Infinidoge",
"repo": "nix-minecraft",
"rev": "75ac91689d19bb4944f4794082d7f13ad99ef40a",
"rev": "a2396d8c4c65ed5b41e7198cbf66a9de10573ccb",
"type": "github"
},
"original": {
@ -261,11 +281,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1665987993,
"narHash": "sha256-MvlaIYTRiqefG4dzI5p6vVCfl+9V8A1cPniUjcn6Ngc=",
"lastModified": 1673803274,
"narHash": "sha256-zaJDlHFXewT4KUsidMpRcPE+REymGH1Y3Eoc3Pjv4Xs=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "0e6593630071440eb89cd97a52921497482b22c6",
"rev": "7bd6b87b3712e68007823e8dd5c37ee9b114fee3",
"type": "github"
},
"original": {
@ -290,29 +310,13 @@
"type": "github"
}
},
"nixpkgs-master": {
"locked": {
"lastModified": 1666203765,
"narHash": "sha256-r/wcNaof81uEkd9cx3ijSNMzg84NdT2FI/SI6o+jARk=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2df2b52806129828a1dafaa093027f10817e5b3b",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1666109165,
"narHash": "sha256-BMLyNVkr0oONuq3lKlFCRVuYqF75CO68Z8EoCh81Zdk=",
"lastModified": 1670064435,
"narHash": "sha256-+ELoY30UN+Pl3Yn7RWRPabykwebsVK/kYE9JsIsUMxQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "32096899af23d49010bd8cf6a91695888d9d9e73",
"rev": "61a8a98e6d557e6dd7ed0cdb54c3a3e3bbc5e25c",
"type": "github"
},
"original": {
@ -339,16 +343,16 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1666164185,
"narHash": "sha256-5v+YB4ijeUfg5LCz9ck4gIpCPhIS+qn02OyPJO48bCE=",
"lastModified": 1670064435,
"narHash": "sha256-+ELoY30UN+Pl3Yn7RWRPabykwebsVK/kYE9JsIsUMxQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c5203abb1329f7ea084c04acda330ca75d5b9fb5",
"rev": "61a8a98e6d557e6dd7ed0cdb54c3a3e3bbc5e25c",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.05",
"ref": "nixos-unstable",
"type": "indirect"
}
},
@ -429,7 +433,6 @@
"nix-minecraft": "nix-minecraft",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_3",
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-unstable": "nixpkgs-unstable",
"watch-party": "watch-party"
}
@ -474,11 +477,11 @@
"flake": false,
"locked": {
"host": "gitlab.freedesktop.org",
"lastModified": 1666466001,
"narHash": "sha256-ZjxAnqtcGmHQHKL1Z9sIraDnzIqrJleWcJXfPtzAm74=",
"lastModified": 1672824257,
"narHash": "sha256-SbYoZj57VlopTzI+OSW9jlgYxN1gI1KLg/s/HV+87eE=",
"owner": "wlroots",
"repo": "wlroots",
"rev": "c2d2773df57750081b16d56da13b5015d752cbd7",
"rev": "5f264a7d6c8af27d41ff440c05262b022c055593",
"type": "gitlab"
},
"original": {
@ -487,6 +490,31 @@
"repo": "wlroots",
"type": "gitlab"
}
},
"xdph": {
"inputs": {
"hyprland-protocols": [
"hyprland",
"hyprland-protocols"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
]
},
"locked": {
"lastModified": 1673116118,
"narHash": "sha256-eR0yDSkR2XYMesfdRWJs25kAdXET2mbNNHu5t+KUcKA=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "d479c846531fd0e1d2357c9588b8310a2b859ef2",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"type": "github"
}
}
},
"root": "root",

View File

@ -2,14 +2,13 @@
description = "Frosted Flakes";
inputs = {
nixpkgs.url = "nixpkgs/nixos-22.05";
# temporary gitea workaround
#nixpkgs.url = "nixpkgs/nixos-22.05";
nixpkgs.url = "nixpkgs/nixos-unstable";
# WARNING: Where possible, prefer the stable branch of nixpkgs as nixpkgs-unstable may have incompatable or vulnerable software.
nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
# WARNING: The master branch of nixpkgs is unsafe to use and software may break or contain various security vulnerabilities. Use at your own discretion.
nixpkgs-master.url = "github:nixos/nixpkgs/master";
home-manager.url = "github:nix-community/home-manager/release-22.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
@ -53,7 +52,7 @@
};
};
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nix-minecraft, hyprland, hyprpaper, hyprpicker, ... }:
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, nix-minecraft, hyprland, hyprpaper, hyprpicker, ... }:
let
system = "x86_64-linux";
@ -72,10 +71,11 @@
overlay = final: prev: {
_ = self.packages."${system}";
unstable = mkPkgs nixpkgs-unstable [];
master = mkPkgs nixpkgs-master [];
};
overlays = mapModules ./overlays import;
nixosModules = mapModulesRec ./modules import;
nixosModules = (mapModulesRec ./modules import) ++ [
hyprland.nixosModules.default
];
nixosConfigurations = mapModules ./hosts (host: mkHost host { inherit system; });
devShell."${system}" = import ./shell.nix { inherit pkgs; };
};

View File

@ -26,4 +26,8 @@
hostname = "lilith@bms-cab";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFb9uVy1x4XaO1uFOQBuERy6xw8cf7Dh24UT0jJs7g3z lilith@bms-cab";
}
{
hostname = "swag@BMW-M550d-xDrive"; # mayflower 2
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC1fJn2ZY9fhBr4E1Gc91uRWS5r+EZ4OHy3RmuAjx7kr swag@BMW-M550d-xDrive";
}
]

View File

@ -30,7 +30,7 @@ in {
# aether??? is that... reference.../.??? aether https://www.curseforge.com/minecraft/mc-mods/aether mod Curseforge minecraft Forge Patreon Chat twitter code license Assets license All rights reserved categories Last Updated apr 17 2021 Game Version 1.12.2 aether
aether = {
conf = {
packages = with pkgs; [ bat duf broot nftables tmux bottom ];
packages = with pkgs; [ bat duf broot nftables tmux bottom writefreely ];
shell = pkgs.unstable.fish;
extraGroups = [ "wheel" "nix-users" "dotfiles" ];
initialHashedPassword = "!";
@ -77,6 +77,7 @@ in {
initialHashedPassword = "!";
openssh.authorizedKeys.keys = fetchSSHKeys [
"mayflower@BMW-M550d-xDrive"
"swag@BMW-M550d-xDrive"
];
};
@ -132,10 +133,17 @@ in {
postgres.enable = true;
nextcloud = {
enable = true;
domain = "nextcloud.dark-firepit.cloud";
};
#nextcloud = {
# enable = true;
# domain = "nextcloud.dark-firepit.cloud";
# settings.app.federation = true;
#};
#writefreely = {
# enable = true;
# name = "Corruption Biome";
# domain = "blog.dark-firepit.cloud";
#};
gitea = {
enable = true;
@ -288,6 +296,30 @@ in {
package = pkgs.minecraftServers.fabric-1_19_2;
jvmOpts = "-Xmx6G";
};
"n3ko-test" = {
enable = true;
autoStart = true;
openFirewall = true;
serverProperties = {
server-port = 25595;
gamemode = 1;
motd = "N3KO SMP Testing server";
white-list = true;
max-players = 8;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
#level-type = "terra:overworld/overworld";
snooper-enabled = false;
spawn-protection = 0;
};
whitelist = {
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
Cardboxneko = "3d406152-008c-4ec9-bf49-44c883baca6d";
};
package = pkgs.fabricServers.fabric-1_18_2;
jvmOpts = "-Xmx4G";
};
"gbj" = {
enable = true;
autoStart = true;
@ -321,6 +353,8 @@ in {
JDavisBro = "e8529c4b-701e-46c5-a8d7-0dfb0e0b642d";
Ironic_queen = "443fe20d-77e0-4a4a-8bb7-a4b9ad654550";
azurehaiku = "fd7aba33-4307-4eba-aa63-70bc3e38a2d7";
TryHardGamerTV = "8273b84d-a687-49fb-98de-a3e626e26c3b";
"_AtlasFox_" = "0ce1bbe0-ea57-463c-8df3-4c046dc6eff2";
};
package = pkgs.minecraftServers.fabric-1_19_2;
jvmOpts = "-Xmx4G";
@ -389,6 +423,7 @@ in {
"mayf.pink".php = true;
"mayf.pink".phpHandlePathing = true;
"wint0r.zone".dataDir = "/var/www/wint0r.zone";
"puzzle.wint0r.zone".dataDir = "/var/www/puzzle.wint0r.zone";
};
nitter = {
@ -439,8 +474,28 @@ in {
'';
};
services.nginx.virtualHosts."gdpstest.oat.zone" = {
enableACME = true;
forceSSL = false;
addSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:1982/";
};
extraConfig = ''
client_max_body_size 500M;
'';
};
services.nginx.virtualHosts."gdicon.oat.zone" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:3436/";
};
};
# https://www.edwinwenink.xyz/posts/47-tilde_server/
services.nginx.virtualHosts."dark-firepit.dev" = {
services.nginx.virtualHosts."dark-firepit.cloud" = {
locations."~ ^/~([^/\\s]+?)(/[^\\s]*)?$".extraConfig = ''
add_header X-debug-message "/home/$1/www$2" always;
alias /home/$1/www$2;
@ -457,6 +512,20 @@ in {
'';
};
# temporary
#services.nginx.virtualHosts."git.oat.zone" = {
# forceSSL = true;
# enableACME = true;
# root = "/var/www/temporarily-down";
# extraConfig = ''
# error_page 503 /index.html;
# '';
# locations."/".extraConfig = ''
# return 503;
# try_files /index.html =404;
# '';
#};
security.doas = {
extraRules = [
{ users = [ "aether" ]; noPass = false; persist = true; keepEnv = true; }

View File

@ -9,6 +9,7 @@ in {
modules.services.staticSites.${domain} = {
dataDir = root;
php = true;
forceSSL = false;
};
services = {
@ -19,6 +20,12 @@ in {
'';
};
locations."= /brackets2.html" = {
extraConfig = ''
return 451;
'';
};
locations."/modding-txts/" = {
extraConfig = ''
autoindex on;

View File

@ -17,6 +17,19 @@ in {
#};
# this was failing to build so i removed it. sorry!!!!!!
# -oat
# look outside your window!!!
# -aether
# ok done (i removed it again)
# -oat
user.packages = with pkgs; [
grim
slurp
wl-clipboard
brightnessctl
gammastep
wdisplays
];
home._.wayland.windowManager.hyprland = {
enable = true;

View File

@ -23,13 +23,11 @@ in {
services = {
gitea = {
enable = true;
package = pkgs.master.gitea;
disableRegistration = true;
package = pkgs.unstable.gitea;
domain = cfg.domain;
httpPort = cfg.port;
rootUrl = "https://${cfg.domain}/";
stateDir = "/var/lib/${cfg.domain}";
cookieSecure = true;
appName = "Gitea: dark-firepit hosted Git";
database = {
type = "postgres";

View File

@ -45,6 +45,12 @@ let
description = "Disables access to paths starting with a . (except well-known) to prevent leaking potentially sensitive data";
default = true;
};
forceSSL = mkOption {
type = types.bool;
description = "Redirects HTTP requests to HTTPS.";
default = true;
};
};
in {
options.modules.services.staticSites = mkOption {
@ -110,7 +116,8 @@ in {
}
)
];
forceSSL = true;
forceSSL = site.forceSSL;
addSSL = !site.forceSSL;
enableACME = true;
root = site.dataDir;
};
@ -134,6 +141,9 @@ in {
"pm.min_spare_servers" = 1;
"pm.max_spare_servers" = 25;
};
phpOptions = ''
display_errors = on;
'';
phpEnv."PATH" = lib.makeBinPath [ pkgs.unstable.php ];
phpPackage = pkgs.unstable.php;
};

View File

@ -61,6 +61,7 @@ in {
'';
}];
}) cfg.interfaces)
# }) {})
);
})

View File

@ -3,6 +3,9 @@
with lib;
let
cfg = config.modules.services.writefreely;
configFile = pkgs.writeText "config.ini" ''
${generators.toINI {} cfg.settings}
'';
in {
options.modules.services.writefreely = {
enable = mkOption {
@ -15,12 +18,172 @@ in {
default = pkgs.writefreely;
};
user = mkOption {
name = mkOption {
type = types.str;
default = "writefreely";
default = null;
};
description = mkOption {
type = types.str;
default = "";
};
domain = mkOption {
type = types.str;
default = null;
};
port = mkOption {
type = types.port;
default = 5824;
};
openRegistration = mkOption {
type = types.bool;
default = false;
};
settings = mkOption {
type = types.attrsOf types.attrs;
default = {};
};
};
config = mkIf cfg.enable {
assertions = [
{ assertion = cfg.name != null;
description = "Writefreely instance name unset";
}
{ assertion = cfg.domain != null;
description = "Writefreely domain unset";
}
];
environment.systemPackages = with pkgs; [ tmux ];
users.users.writefreely = {
home = cfg.dataDir;
createHome = true;
isSystemUser = true;
group = "writefreely";
};
users.groups.writefreely = {};
modules.services.writefreely.settings = {
server = {
port = cfg.port;
bind = "localhost";
autocert = mkDefault false;
gopher_port = mkDefault 0;
};
database = {
type = "postgresql";
username = "writefreely";
# password = "";
database = "writefreely";
host = "localhost";
port = 3306;
tls = mkDefault false;
};
app = {
site_name = cfg.name;
site_description = cfg.description;
host = "https://${cfg.domain}:${cfg.port}";
theme = mkDefault "write";
disable_js = mkDefault false;
webfonts = mkDefault true;
simple_nav = mkDefault false;
wf_modesty = mkDefault false;
chorus = mkDefault false;
forest = mkDefault false;
disable_drafts = mkDefault false;
single_user = mkDefault false;
open_registration = cfg.openRegistration;
open_deletion = mkDefault false;
min_username_len = mkDefault 3;
max_blogs = mkDefault 100;
federation = mkDefault false;
public_stats = mkDefault true;
monetization = mkDefault false;
notes_only = mkDefault false;
private = mkDefault false;
local_timeline = mkDefault false;
update_chekcs = mkDefault false;
disable_password_auth = mkDefault false;
};
"oath.generic".allow_disconnect = mkDefault false;
};
services.postgresql = {
enable = true;
ensureDatabases = [ "writefreely" ];
ensureUsers = [
{ name = "writefreely";
ensurePermissions."DATABASE writefreely" = "ALL PRIVELAGES";
}
];
};
services.nginx.virtualHosts.${cfg.domain} = {
forceSSL = true;
enableACME = true;
location."/".extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://127.0.0.1:${toString cfg.port};
proxy_redirect off;
'';
locations."~ ^/.well-known/(webfinger|nodeinfo|host-meta)".extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://127.0.0.1:${toString cfg.port};
proxy_redirect off;
'';
locations."~ ^/(css|img|js|fonts)/".extraConfig = ''
root /var/www/example.com/static;
'';
};
systemd.services.writefreely = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
path = [ cfg.package ];
preStart = ''
cp -f ${configFile} ${cfg.dataDir}
if [ ! -s ${cfg.dataDir}/keys ];
${cfg.package}/bin/writefreely keys generate
cp -f ./keys ${cfg.dataDir}
fi
'';
serviceConfig = {
User = "writefreely";
Type = "forking";
GuessMainPID = true;
ExecStart = "${getBin pkgs.tmux}/bin/tmux -S ${cfg.dataDir}/writefreely.sock new -d ${cfg.package}/bin/writefreely";
};
postStart = ''
${pkgs.coreutils}/bin/chmod 660 ${cfg.dataDir}/writefreely.sock
${pkgs.coreutils}/bin/chgrp writefreely ${cfg.dataDir}/writefreely.sock
'';
};
networking.firewall = {
allowedTCPPorts = [ cfg.port ];
allowedUDPPorts = [ cfg.port ];
};
};
}

View File

@ -1,17 +1,16 @@
{ lib, stdenv, nodejs-slim, mkYarnPackage, fetchFromGitHub, bundlerEnv, nixosTests, pkgs
, yarn, callPackage, imagemagick, ffmpeg, file, ruby_3_0, writeShellScript
, fetchYarnDeps, fixup_yarn_lock
, fetchYarnDeps, fixup_yarn_lock, fetchgit
# Allow building a fork or custom version of Mastodon:
, pname ? "glitch-soc"
, version ? import ./version.nix
, srcOverride ? #pkgs.fetchFromGitHub {
#owner = "glitch-soc";
#repo = "mastodon";
#rev = "3f15326a05a926e9f001800a48ac2addbd3aa833";
#sha256 = "1m1agij9i2byiml02yq0h9w6f64jvy2y2ayjm880pg5xm638nqmk";
#}
/home/oatmealine/mastodon
, srcOverride ? fetchgit {
url = "https://git.oat.zone/dark-firepit/mastodon";
rev = "7cb3b3f2df99e7df6b3a94bb90e4b4bee632a103";
sha256 = "sha256-6Y+nDS/Gh/v6ixOa4utqNy+ETw7AdYDTAEFjpQrkunU=";
}
#/home/oatmealine/mastodon
, dependenciesDir ? ./. # Should contain gemset.nix, yarn.nix and package.json.
}:
@ -60,7 +59,7 @@ stdenv.mkDerivation rec {
export HOME=$PWD
# This option is needed for openssl-3 compatibility
# Otherwise we encounter this upstream issue: https://github.com/mastodon/mastodon/issues/17924
#export NODE_OPTIONS=--openssl-legacy-provider
export NODE_OPTIONS=--openssl-legacy-provider
fixup_yarn_lock ~/yarn.lock
yarn config --offline set yarn-offline-mirror $yarnOfflineCache
yarn install --offline --frozen-lockfile --ignore-engines --ignore-scripts --no-progress

1
result
View File

@ -1 +0,0 @@
/nix/store/sslhrsnzddsq0j115ac87d61bivxhamm-nixos-system-dark-firepit-22.05.20221019.c5203ab