Compare commits
No commits in common. "master" and "koyomi" have entirely different histories.
54
flake.lock
54
flake.lock
|
@ -44,11 +44,11 @@
|
||||||
"systems": "systems"
|
"systems": "systems"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1726560853,
|
"lastModified": 1710146030,
|
||||||
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
|
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
|
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -85,11 +85,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1726989464,
|
"lastModified": 1720042825,
|
||||||
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
|
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
|
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -106,11 +106,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728337164,
|
"lastModified": 1724435763,
|
||||||
"narHash": "sha256-VdRTjJFyq4Q9U7Z/UoC2Q5jK8vSo6E86lHc2OanXtvc=",
|
"narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "038630363e7de57c36c417fd2f5d7c14773403e4",
|
"rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -212,11 +212,11 @@
|
||||||
"nixpkgs-stable": "nixpkgs-stable"
|
"nixpkgs-stable": "nixpkgs-stable"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728092656,
|
"lastModified": 1724763886,
|
||||||
"narHash": "sha256-eMeCTJZ5xBeQ0f9Os7K8DThNVSo9gy4umZLDfF5q6OM=",
|
"narHash": "sha256-SzBtZs5z+YGM50oyt67R78qLhxG/wG5/SlVRsCF5kRc=",
|
||||||
"owner": "cachix",
|
"owner": "cachix",
|
||||||
"repo": "pre-commit-hooks.nix",
|
"repo": "pre-commit-hooks.nix",
|
||||||
"rev": "1211305a5b237771e13fcca0c51e60ad47326a9a",
|
"rev": "1cd12de659fab215624c630c37d1c62aa2b7824e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -228,11 +228,11 @@
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728269138,
|
"lastModified": 1724575805,
|
||||||
"narHash": "sha256-oKxDImsOvgUZMY4NwXVyUc/c1HiU2qInX+b5BU0yXls=",
|
"narHash": "sha256-OB/kEL3GAhUZmUfkbPfsPhKs0pRqJKs0EEBiLfyKZw8=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "ecfcd787f373f43307d764762e139a7cdeb9c22b",
|
"rev": "9fc19be21f0807d6be092d70bf0b1de0c00ac895",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -244,11 +244,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728328465,
|
"lastModified": 1724531977,
|
||||||
"narHash": "sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo=",
|
"narHash": "sha256-XROVLf9ti4rrNCFLr+DmXRZtPjCQTW4cYy59owTEmxk=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "1bfbbbe5bbf888d675397c66bfdb275d0b99361c",
|
"rev": "2527da1ef492c495d5391f3bcf9c1dd9f4514e32",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -303,11 +303,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-stable_2": {
|
"nixpkgs-stable_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728156290,
|
"lastModified": 1721524707,
|
||||||
"narHash": "sha256-uogSvuAp+1BYtdu6UWuObjHqSbBohpyARXDWqgI12Ss=",
|
"narHash": "sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "17ae88b569bb15590549ff478bab6494dde4a907",
|
"rev": "556533a23879fc7e5f98dd2e0b31a6911a213171",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -319,11 +319,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728241625,
|
"lastModified": 1724479785,
|
||||||
"narHash": "sha256-yumd4fBc/hi8a9QgA9IT8vlQuLZ2oqhkJXHPKxH/tRw=",
|
"narHash": "sha256-pP3Azj5d6M5nmG68Fu4JqZmdGt4S4vqI5f8te+E/FTw=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "c31898adf5a8ed202ce5bea9f347b1c6871f32d1",
|
"rev": "d0e1602ddde669d5beb01aec49d71a51937ed7be",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -450,11 +450,11 @@
|
||||||
"nixpkgs-stable": "nixpkgs-stable_2"
|
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728345710,
|
"lastModified": 1723501126,
|
||||||
"narHash": "sha256-lpunY1+bf90ts+sA2/FgxVNIegPDKCpEoWwOPu4ITTQ=",
|
"narHash": "sha256-N9IcHgj/p1+2Pvk8P4Zc1bfrMwld5PcosVA0nL6IGdE=",
|
||||||
"owner": "Mic92",
|
"owner": "Mic92",
|
||||||
"repo": "sops-nix",
|
"repo": "sops-nix",
|
||||||
"rev": "06535d0e3d0201e6a8080dd32dbfde339b94f01b",
|
"rev": "be0eec2d27563590194a9206f551a6f73d52fa34",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -24,9 +24,6 @@
|
||||||
PAPERLESS_TIME_ZONE = "Europe/Berlin";
|
PAPERLESS_TIME_ZONE = "Europe/Berlin";
|
||||||
PAPERLESS_FILENAME_FORMAT = "{correspondent}/{document_type}/{created}_{title}_{doc_pk}";
|
PAPERLESS_FILENAME_FORMAT = "{correspondent}/{document_type}/{created}_{title}_{doc_pk}";
|
||||||
PAPERLESS_CONSUMER_RECURSIVE = true;
|
PAPERLESS_CONSUMER_RECURSIVE = true;
|
||||||
PAPERLESS_CONSUMER_ENABLE_BARCODES = true;
|
|
||||||
PAPERLESS_CONSUMER_ENABLE_ASN_BARCODE = true;
|
|
||||||
PAPERLESS_CONSUMER_ENABLE_COLLATE_DOUBLE_SIDED = true;
|
|
||||||
PAPERLESS_OCR_USER_ARGS = builtins.toJSON {
|
PAPERLESS_OCR_USER_ARGS = builtins.toJSON {
|
||||||
invalidate_digital_signatures = true;
|
invalidate_digital_signatures = true;
|
||||||
};
|
};
|
||||||
|
@ -53,17 +50,6 @@
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
"/static".root = "${config.services.paperless.package}/lib/paperless-ngx";
|
"/static".root = "${config.services.paperless.package}/lib/paperless-ngx";
|
||||||
"/manual-scan/" = {
|
|
||||||
alias = "/var/lib/scans/manual/";
|
|
||||||
|
|
||||||
extraConfig = ''
|
|
||||||
autoindex on;
|
|
||||||
|
|
||||||
allow 10.80.1.0/24;
|
|
||||||
allow 2001:470:73b9:1::/64;
|
|
||||||
deny all;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -83,9 +69,7 @@
|
||||||
|
|
||||||
systemd.tmpfiles.rules = [
|
systemd.tmpfiles.rules = [
|
||||||
"d /var/lib/scans 0555 scan root -"
|
"d /var/lib/scans 0555 scan root -"
|
||||||
"d /var/lib/scans/paperless 0770 scan paperless -"
|
"d /var/lib/scans/paperless 0775 scan paperless -"
|
||||||
"d /var/lib/scans/paperless/double-sided 0770 scan paperless -"
|
|
||||||
"d /var/lib/scans/manual 0750 scan nginx 7d"
|
|
||||||
"L /var/lib/paperless/consume/ftp - - - - /var/lib/scans/paperless"
|
"L /var/lib/paperless/consume/ftp - - - - /var/lib/scans/paperless"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -12,7 +12,6 @@
|
||||||
./services/bang-evaluator.nix
|
./services/bang-evaluator.nix
|
||||||
./services/languagetool.nix
|
./services/languagetool.nix
|
||||||
./services/li7y.nix
|
./services/li7y.nix
|
||||||
./services/password-hash-self-service.nix
|
|
||||||
];
|
];
|
||||||
|
|
||||||
sbruder = {
|
sbruder = {
|
||||||
|
|
|
@ -8,9 +8,7 @@ let
|
||||||
backends = {
|
backends = {
|
||||||
hiroshi = [
|
hiroshi = [
|
||||||
"bangs.sbruder.de"
|
"bangs.sbruder.de"
|
||||||
"i7y.eu"
|
|
||||||
"languagetool.sbruder.de"
|
"languagetool.sbruder.de"
|
||||||
"phss.sbruder.de"
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -16,9 +16,12 @@
|
||||||
./services/grafana.nix
|
./services/grafana.nix
|
||||||
./services/hedgedoc.nix
|
./services/hedgedoc.nix
|
||||||
./services/invidious
|
./services/invidious
|
||||||
|
./services/mastodon.nix
|
||||||
./services/matrix
|
./services/matrix
|
||||||
|
./services/password-hash-self-service.nix
|
||||||
./services/prometheus.nix
|
./services/prometheus.nix
|
||||||
./services/sbruder.xyz
|
./services/sbruder.xyz
|
||||||
|
./services/schabernack.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
sbruder = {
|
sbruder = {
|
||||||
|
|
|
@ -2,6 +2,7 @@ forgejo-mail: ENC[AES256_GCM,data:3AlFHzVBA5TE4qv5ubG39K0varV8/HabO0q/RJZSD5o=,i
|
||||||
go-neb-overrides: ENC[AES256_GCM,data:1xy+SdsSTuerRox4skitg1mKLr1MoANFoCzz76TKSA31ORo/oUWVGrYxfusZxrFQWjYGRFpSYzmkzPn1RoWmbXyfwPEcisvjenXLNvwcyoontBd7TiiLdukEtya6RfGLRGKc8tfCzbDUWgiYz5IDMFBvKGnewFjB+au0/Ge2+2DTw6M4negjCz343TO/vbyTr5xT/5smmKz7Ouk9SbEo7yEuHkQPQfedGw2PYT82zdXd/Eje3Zq2EB4xcUU7beGrF1zkOdXQ4OVqB8XnkCnuLtNlnJtsffm0rbPDPD3/nhHKpJ8jXrN54V14dSnHW7yOifGMIus0VFMRZcIT7A+BroM9qzJhW3F4gsF1Bwp0CF+6zLLRjgpA0EOyvOwpLIftBZfMIpveAH62MVY0IBfwDdkI1itEOjj9EhTrOGxBx45Cj6Qk3Mk6ncyr15+E+KAmQRxZJrEW8Grk4PyzuxtxYd0n8LSaRUe1eNVUhHkQNpo/zvAPgrzcRnM91EwIoMvlNmwyC63j1h+OBKlXQgChAaB1O6HFXQY=,iv:pnw0jIcMqA771woDYNHxWMWE6wHGaNsXi5aBXOFAHJU=,tag:Wbcqb0FsctZWOS6u5s82mQ==,type:str]
|
go-neb-overrides: ENC[AES256_GCM,data:1xy+SdsSTuerRox4skitg1mKLr1MoANFoCzz76TKSA31ORo/oUWVGrYxfusZxrFQWjYGRFpSYzmkzPn1RoWmbXyfwPEcisvjenXLNvwcyoontBd7TiiLdukEtya6RfGLRGKc8tfCzbDUWgiYz5IDMFBvKGnewFjB+au0/Ge2+2DTw6M4negjCz343TO/vbyTr5xT/5smmKz7Ouk9SbEo7yEuHkQPQfedGw2PYT82zdXd/Eje3Zq2EB4xcUU7beGrF1zkOdXQ4OVqB8XnkCnuLtNlnJtsffm0rbPDPD3/nhHKpJ8jXrN54V14dSnHW7yOifGMIus0VFMRZcIT7A+BroM9qzJhW3F4gsF1Bwp0CF+6zLLRjgpA0EOyvOwpLIftBZfMIpveAH62MVY0IBfwDdkI1itEOjj9EhTrOGxBx45Cj6Qk3Mk6ncyr15+E+KAmQRxZJrEW8Grk4PyzuxtxYd0n8LSaRUe1eNVUhHkQNpo/zvAPgrzcRnM91EwIoMvlNmwyC63j1h+OBKlXQgChAaB1O6HFXQY=,iv:pnw0jIcMqA771woDYNHxWMWE6wHGaNsXi5aBXOFAHJU=,tag:Wbcqb0FsctZWOS6u5s82mQ==,type:str]
|
||||||
hcloud_exporter-environment: ENC[AES256_GCM,data:5gDTeg4C08BgNxBFtzZ7ma6JiafwF4ly5URAG4WxUTlRaUmF32fmbPdAZmveKiKBA8cc6ewcEIfIVJ7d5tbbqCEX+vbf9nr1fuhN05Z6lfsJNLoATclX,iv:GzEnudGDc6+6BJgDtaNnOnT7IK8Z0fsYfs/oJzKO2UA=,tag:LYCvRxNeKdMmNve0aWswrw==,type:str]
|
hcloud_exporter-environment: ENC[AES256_GCM,data:5gDTeg4C08BgNxBFtzZ7ma6JiafwF4ly5URAG4WxUTlRaUmF32fmbPdAZmveKiKBA8cc6ewcEIfIVJ7d5tbbqCEX+vbf9nr1fuhN05Z6lfsJNLoATclX,iv:GzEnudGDc6+6BJgDtaNnOnT7IK8Z0fsYfs/oJzKO2UA=,tag:LYCvRxNeKdMmNve0aWswrw==,type:str]
|
||||||
invidious-extra-settings: ENC[AES256_GCM,data:bThgfyu5ESIyTLD7Q09Qici9ZZw/QYfCyBSjtbNb1EglCy0KHZrvDDAN4uDpdKrHxv8ctoN5Db7tRf5LUl6iyW7A5z9uYg481EXq3Sx6tZztepX0vg==,iv:FZ33tQWRsNEPjwuy/mH/N4e4PyjLx7sbv2G+9S5uigY=,tag:0GQn3AgoM2BPC5iCt5py8w==,type:str]
|
invidious-extra-settings: ENC[AES256_GCM,data:bThgfyu5ESIyTLD7Q09Qici9ZZw/QYfCyBSjtbNb1EglCy0KHZrvDDAN4uDpdKrHxv8ctoN5Db7tRf5LUl6iyW7A5z9uYg481EXq3Sx6tZztepX0vg==,iv:FZ33tQWRsNEPjwuy/mH/N4e4PyjLx7sbv2G+9S5uigY=,tag:0GQn3AgoM2BPC5iCt5py8w==,type:str]
|
||||||
|
mastodon-mail: ENC[AES256_GCM,data:RT/fS7cqbcePd2qe7CR5jRh2jtKaS81ICbMUOlPUQsY=,iv:C7GYMB0U2KIfXuEnYaoIEfV89/EnJS6V9iG97X8zkPk=,tag:L4SVe6aYGcarvX1hmMqQOw==,type:str]
|
||||||
netbox-secret-key: ENC[AES256_GCM,data:lOE95j6CGkbfJQTLeG41g3BPKNhm0arqxIGAzwvXQyeZLBauAdqufQGKD7D4kPNzdZs=,iv:6HWXEr6Ju4IywP+2jpuTfER/bYI2oUgMSZEJCkq4XX8=,tag:TPD5TTr4Sew8lxPS5WIu5Q==,type:str]
|
netbox-secret-key: ENC[AES256_GCM,data:lOE95j6CGkbfJQTLeG41g3BPKNhm0arqxIGAzwvXQyeZLBauAdqufQGKD7D4kPNzdZs=,iv:6HWXEr6Ju4IywP+2jpuTfER/bYI2oUgMSZEJCkq4XX8=,tag:TPD5TTr4Sew8lxPS5WIu5Q==,type:str]
|
||||||
prometheus-htpasswd: ENC[AES256_GCM,data:tiewfUfpvrmbrgk6AsBdiP4ng4TqG5UYf1mFcWOzuk8oO55rfZu+Naummz5RRYhJZil43nHFvn5LfIWkJv+CyPMZjpj7xRp4vb4/OCCAFjEzHhrzYVBYNkHM+ZLUTewEXuPVtZ6CZ5uviTExLN2V1moG3ExJdIoyUD16qh4=,iv:SkH609VxIVKJLmHUUNzICEjxHSyjLdwXfw0b7iU6png=,tag:BfNGcUZmk9ZXUvhoQZn6iQ==,type:str]
|
prometheus-htpasswd: ENC[AES256_GCM,data:tiewfUfpvrmbrgk6AsBdiP4ng4TqG5UYf1mFcWOzuk8oO55rfZu+Naummz5RRYhJZil43nHFvn5LfIWkJv+CyPMZjpj7xRp4vb4/OCCAFjEzHhrzYVBYNkHM+ZLUTewEXuPVtZ6CZ5uviTExLN2V1moG3ExJdIoyUD16qh4=,iv:SkH609VxIVKJLmHUUNzICEjxHSyjLdwXfw0b7iU6png=,tag:BfNGcUZmk9ZXUvhoQZn6iQ==,type:str]
|
||||||
synapse-registration-shared-secret: ENC[AES256_GCM,data:qwUjGPINIuBC3KYqMPmnU3l9uJ85DJsJFixvTFQTSuR+fcq6DEjx03Xk41ff7NJftAi+Gt0QLdqKp+viJfW7eU6iHKyfcgPE/nj46UECCWLM8HISxPFQ9IrP+DIo02k=,iv:C9jhBPexth+gnAs6+DBtEmP2qsWZoKmgw6ILbtXUScA=,tag:M3U+03I0Bj8Nhuu4GB98xw==,type:str]
|
synapse-registration-shared-secret: ENC[AES256_GCM,data:qwUjGPINIuBC3KYqMPmnU3l9uJ85DJsJFixvTFQTSuR+fcq6DEjx03Xk41ff7NJftAi+Gt0QLdqKp+viJfW7eU6iHKyfcgPE/nj46UECCWLM8HISxPFQ9IrP+DIo02k=,iv:C9jhBPexth+gnAs6+DBtEmP2qsWZoKmgw6ILbtXUScA=,tag:M3U+03I0Bj8Nhuu4GB98xw==,type:str]
|
||||||
|
@ -14,8 +15,8 @@ sops:
|
||||||
azure_kv: []
|
azure_kv: []
|
||||||
hc_vault: []
|
hc_vault: []
|
||||||
age: []
|
age: []
|
||||||
lastmodified: "2024-10-08T20:39:38Z"
|
lastmodified: "2024-08-22T16:40:55Z"
|
||||||
mac: ENC[AES256_GCM,data:tgrvHkBsuxvkOe65YUkA/7iOcuwE3Vd6l46wLRSXK2DVED2FAdvO/cXvwsUKzIRKjrs/QXUl4T+lWGQC024Wiy6gXQB3edjxDT6aiGSzXWQAOmTI8/oLzxNTeuysTKNtIAxbz5x6d88JFx5PswtuYUb8x60xMPp3LTJbKnao/LI=,iv:l48P6gmEyeqSOHotLRCmYb7aZgnANceUvveVvGgpAyE=,tag:X5fFIxDxW9sIO4yF4B0C5Q==,type:str]
|
mac: ENC[AES256_GCM,data:yAeinIiWZEc2jXEopgYwDbA4YrRvrNTGWoQOSp7HuPGX2qCQDryzk6bwRRvzHn22T+79L+0l/5bTa0rdCR5zIm9XZ3nR0ozvC9qXu+KbMsnsNqQ7kUZyrFenekh8GiM+de2k5rXhn8T/RHphD+B3GK9tphqLZOzIby3ICtWD38g=,iv:gMi9D5nBCJ2UQrdO1+DU3dBbOCtRvfD12TmUG8+6oaM=,tag:H+TkwH2rqtyZkII6FBPLcA==,type:str]
|
||||||
pgp:
|
pgp:
|
||||||
- created_at: "2024-01-22T00:20:10Z"
|
- created_at: "2024-01-22T00:20:10Z"
|
||||||
enc: |-
|
enc: |-
|
||||||
|
|
32
machines/renge/services/mastodon.nix
Normal file
32
machines/renge/services/mastodon.nix
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
# SPDX-FileCopyrightText: 2024 Simon Bruder <simon@sbruder.de>
|
||||||
|
#
|
||||||
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||||
|
|
||||||
|
{ config, lib, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
sops.secrets.mastodon-mail = {
|
||||||
|
owner = config.services.mastodon.user;
|
||||||
|
sopsFile = ../secrets.yaml;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.mastodon = {
|
||||||
|
enable = true;
|
||||||
|
configureNginx = true;
|
||||||
|
localDomain = "procrastination.space";
|
||||||
|
smtp = {
|
||||||
|
createLocally = false;
|
||||||
|
host = "vueko.sbruder.de";
|
||||||
|
port = 465;
|
||||||
|
user = "mastodon@sbruder.de";
|
||||||
|
passwordFile = config.sops.secrets.mastodon-mail.path;
|
||||||
|
fromAddress = config.services.mastodon.smtp.user;
|
||||||
|
authenticate = true;
|
||||||
|
};
|
||||||
|
streamingProcesses = 5;
|
||||||
|
extraConfig = {
|
||||||
|
SMTP_TLS = "true";
|
||||||
|
RAILS_LOG_LEVEL = "warn";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -8,9 +8,4 @@
|
||||||
./mautrix-whatsapp.nix
|
./mautrix-whatsapp.nix
|
||||||
./go-neb.nix
|
./go-neb.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
# required by mautrix-whatsapp and go-neb
|
|
||||||
nixpkgs.config.permittedInsecurePackages = [
|
|
||||||
"olm-3.2.16"
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -41,6 +41,13 @@
|
||||||
|
|
||||||
locations = {
|
locations = {
|
||||||
"/imprint/".alias = "${pkgs.sbruder.imprint}/";
|
"/imprint/".alias = "${pkgs.sbruder.imprint}/";
|
||||||
|
"/transparency/" = {
|
||||||
|
alias = "/var/www/transparency/";
|
||||||
|
extraConfig = ''
|
||||||
|
autoindex on;
|
||||||
|
charset utf-8;
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
48
machines/renge/services/schabernack.nix
Normal file
48
machines/renge/services/schabernack.nix
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
# SPDX-FileCopyrightText: 2021-2022 Simon Bruder <simon@sbruder.de>
|
||||||
|
#
|
||||||
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||||
|
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
let
|
||||||
|
domain = "schulischer-schabernack.de";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
services.nginx = {
|
||||||
|
commonHttpConfig = ''
|
||||||
|
# privacy-aware log format
|
||||||
|
log_format schabernack '$remote_addr_schabernack - - [$time_local] "$request" $status $body_bytes_sent "-" "$http_user_agent"';
|
||||||
|
|
||||||
|
# anonymise ip address
|
||||||
|
map $remote_addr $remote_addr_schabernack {
|
||||||
|
~(?P<ip>\d+\.\d+)\. $ip.0.0;
|
||||||
|
~(?P<ip>[^:]+:[^:]+): $ip::;
|
||||||
|
default 0.0.0.0;
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
|
||||||
|
virtualHosts = {
|
||||||
|
${domain} = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
|
||||||
|
root = "/var/www/schabernack";
|
||||||
|
|
||||||
|
# only log page views, rss feed access, media file download and embed views
|
||||||
|
extraConfig = ''
|
||||||
|
location ~ index\.html|rss\.xml|\.(opus|m4a|ogg|mp3|\.podlove.json)$ {
|
||||||
|
access_log /var/log/nginx/schabernack.log schabernack;
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
"www.${domain}" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
globalRedirect = domain;
|
||||||
|
|
||||||
|
extraConfig = ''
|
||||||
|
access_log off;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Binary file not shown.
|
@ -49,18 +49,12 @@
|
||||||
"www.salespointframe.work"
|
"www.salespointframe.work"
|
||||||
"verkaufspunktrahmenwerk.de"
|
"verkaufspunktrahmenwerk.de"
|
||||||
"www.verkaufspunktrahmenwerk.de"
|
"www.verkaufspunktrahmenwerk.de"
|
||||||
|
"verkaufspuntrahmenwerk.de"
|
||||||
|
"www.verkaufspuntrahmenwerk.de"
|
||||||
];
|
];
|
||||||
user.name = "salespoint";
|
user.name = "salespoint";
|
||||||
};
|
};
|
||||||
|
|
||||||
"schulischer-schabernack.de" = {
|
|
||||||
redirects = [
|
|
||||||
"www.schulischer-schabernack.de"
|
|
||||||
"staging.schulischer-schabernack.de"
|
|
||||||
];
|
|
||||||
user.name = "schabernack";
|
|
||||||
};
|
|
||||||
|
|
||||||
"share.sbruder.de" = {
|
"share.sbruder.de" = {
|
||||||
redirects = [ ];
|
redirects = [ ];
|
||||||
user.name = "share";
|
user.name = "share";
|
||||||
|
|
|
@ -52,12 +52,6 @@ in
|
||||||
deviceUri = "ipps://fuuko.lan.shinonome-lab.de:631/printers/etikettierviech";
|
deviceUri = "ipps://fuuko.lan.shinonome-lab.de:631/printers/etikettierviech";
|
||||||
description = "SII SLP 650";
|
description = "SII SLP 650";
|
||||||
}
|
}
|
||||||
{
|
|
||||||
name = "bro";
|
|
||||||
model = "everywhere";
|
|
||||||
deviceUri = "ipps://bro.printer.shinonome-lab.de";
|
|
||||||
description = "brother DCP-L2660DW";
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
|
|
@ -35,12 +35,9 @@ in
|
||||||
'';
|
'';
|
||||||
})
|
})
|
||||||
(lib.mkIf cfg.privacy.enable {
|
(lib.mkIf cfg.privacy.enable {
|
||||||
services.nginx = {
|
services.nginx.commonHttpConfig = ''
|
||||||
logError = "stderr crit"; # error (the default severity) logs potential PII (IP addresses) on 404 errors
|
access_log off;
|
||||||
commonHttpConfig = ''
|
'';
|
||||||
access_log off;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
})
|
})
|
||||||
(lib.mkIf cfg.recommended.enable {
|
(lib.mkIf cfg.recommended.enable {
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
|
|
|
@ -24,6 +24,10 @@ SPDX-License-Identifier: CC-BY-SA-4.0
|
||||||
<td>Matrix</td>
|
<td>Matrix</td>
|
||||||
<td><a id="matrix" href="#">(requires javascript)</a></td>
|
<td><a id="matrix" href="#">(requires javascript)</a></td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>Fediverse</td>
|
||||||
|
<td><a rel="me" href="https://procrastination.space/@simon">@simon@procrastination.space</a></td>
|
||||||
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>Codeberg</td>
|
<td>Codeberg</td>
|
||||||
<td><a href="https://codeberg.org/sbruder">sbruder</a></td>
|
<td><a href="https://codeberg.org/sbruder">sbruder</a></td>
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
#
|
#
|
||||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||||
|
|
||||||
{ config, lib, nixosConfig, pkgs, ... }:
|
{ config, lib, nixosConfig, ... }:
|
||||||
let
|
let
|
||||||
mkOverridesFile = prefs: ''
|
mkOverridesFile = prefs: ''
|
||||||
// Generated by Home Manager.
|
// Generated by Home Manager.
|
||||||
|
@ -17,7 +17,6 @@ in
|
||||||
lib.mkIf nixosConfig.sbruder.gui.enable {
|
lib.mkIf nixosConfig.sbruder.gui.enable {
|
||||||
programs.librewolf = {
|
programs.librewolf = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.librewolf.override { nativeMessagingHosts = with pkgs; [ browserpass ]; };
|
|
||||||
settings = {
|
settings = {
|
||||||
"accessibility.force_disabled" = 1;
|
"accessibility.force_disabled" = 1;
|
||||||
"browser.uidensity" = 1; # more compact layout
|
"browser.uidensity" = 1; # more compact layout
|
||||||
|
|
|
@ -119,7 +119,6 @@ in
|
||||||
# communication
|
# communication
|
||||||
linphone # sip softphone
|
linphone # sip softphone
|
||||||
mumble # VoIP group chat
|
mumble # VoIP group chat
|
||||||
signal-desktop # Signal desktop client
|
|
||||||
|
|
||||||
# creative/design
|
# creative/design
|
||||||
openscad # parametric/procedural 3d modelling
|
openscad # parametric/procedural 3d modelling
|
||||||
|
|
Loading…
Reference in a new issue