aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKarel Kočí <cynerd@email.cz>2023-01-18 14:33:05 +0100
committerKarel Kočí <cynerd@email.cz>2023-01-18 14:33:05 +0100
commit961a5c06c2a07870e846238be5365ad1c44dcaba (patch)
tree6e3294fda7b8d190c5237797f1f150eeeb770015
parent33bcefc45b4a8881310f77a2bbda466a8b0f466a (diff)
downloadnixos-personal-961a5c06c2a07870e846238be5365ad1c44dcaba.tar.gz
nixos-personal-961a5c06c2a07870e846238be5365ad1c44dcaba.tar.bz2
nixos-personal-961a5c06c2a07870e846238be5365ad1c44dcaba.zip
nixos/lipwig: extend functionality
-rw-r--r--nixos/machine/lipwig.nix110
-rw-r--r--nixos/modules/syncthing.nix4
-rw-r--r--web/index.html1
-rw-r--r--web/wolf.pngbin0 -> 5860 bytes
-rw-r--r--web/wolf.svg159
5 files changed, 263 insertions, 11 deletions
diff --git a/nixos/machine/lipwig.nix b/nixos/machine/lipwig.nix
index 0ebf894..b109065 100644
--- a/nixos/machine/lipwig.nix
+++ b/nixos/machine/lipwig.nix
@@ -8,10 +8,10 @@ with lib; {
config = {
cynerd = {
syncthing = {
- #enable = true;
+ enable = false;
baseDir = "/nas";
};
- openvpn.personal = true;
+ openvpn.oldpersonal = true;
};
fileSystems."/nas" = {
@@ -19,9 +19,51 @@ with lib; {
fsType = "nfs";
};
+ # Web ######################################################################
+ services.nginx = {
+ enable = true;
+ virtualHosts = {
+ "cynerd.cz" = {
+ forceSSL = true;
+ enableACME = true;
+ serverAliases = [
+ "grafana.cynerd.cz"
+ ];
+ locations."/" = {
+ root = ../../web;
+ };
+ };
+ "git.cynerd.cz" = {
+ forceSSL = true;
+ useACMEHost = "cynerd.cz";
+ locations."/".extraConfig = ''
+ fastcgi_param DOCUMENT_ROOT ${pkgs.cgit}/cgit/;
+ fastcgi_param SCRIPT_NAME cgit;
+ fastcgi_pass unix:${config.services.fcgiwrap.socketAddress};
+ '';
+ };
+ "grafana.cynerd.cz" = {
+ forceSSL = true;
+ useACMEHost = "cynerd.cz";
+ locations."/" = {
+ proxyPass = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}/";
+ proxyWebsockets = true;
+ };
+ };
+ };
+ };
+ services.fcgiwrap = {
+ enable = true;
+ group = config.services.nginx.group;
+ };
+ security.acme = {
+ acceptTerms = true;
+ defaults.email = "cynerd+acme@email.cz";
+ };
+
# Git ######################################################################
services.gitolite = {
- enable = false;
+ enable = true;
user = "git";
group = "git";
dataDir = "/var/lib/git";
@@ -33,16 +75,56 @@ with lib; {
group = "gitdaemon";
basePath = "/var/lib/git/repositories";
};
+ environment.etc."cgitrc".text = ''
+ root-title=Cynerd's git repository
+ root-desc=All my projects (at least those released to public)
+ logo=${../../web/wolf.svg}
+ virtual-root=/
+
+ # Allow download of tar.gz, tar.bz2 and zip-files
+ snapshots=tar.gz tar.bz2 zip
+ ## List of common mimetypes
+ mimetype.gif=image/gif
+ mimetype.html=text/html
+ mimetype.jpg=image/jpeg
+ mimetype.jpeg=image/jpeg
+ mimetype.pdf=application/pdf
+ mimetype.png=image/png
+ mimetype.svg=image/svg+xml
+
+ source-filter=${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py
+ about-filter=${pkgs.cgit}/lib/cgit/filters/about-formatting.sh
+
+ readme=:README.md
+ readme=:README.adoc
+
+ enable-index-owner=0
+ enable-index-links=1
+ enable-http-clone=1
+ clone-url=https://git.cynerd.cz/$CGIT_REPO_URL git://cynerd.cz/$CGIT_REPO_URL.git git@cynerd.cz:$CGIT_REPO_URL
+ enable-commit-graph=1
+ branch-sort=age
+
+ remove-suffix=1
+ enable-git-config=1
+ project-list=/var/lib/git/projects.list
+ scan-path=/var/lib/git/repositories/
+ '';
# CalDAV and CardDAV #######################################################
services.radicale = {
enable = true;
+ rights.cynerd = {
+ user = "cynerd";
+ collection = ".*";
+ permission = "rw";
+ };
settings = {
server = {
hosts = ["0.0.0.0:5232" "[::]:5232"];
ssl = true;
- certificate = "/run/secrets/radicale/radicale.crt";
- key = "/run/secrets/radicale/radicale.key";
+ certificate = "/run/secrets/radicale.crt";
+ key = "/run/secrets/radicale.key";
};
encoding = {
request = "utf-8";
@@ -50,17 +132,27 @@ with lib; {
};
auth = {
type = "htpasswd";
- htpasswd_filename = "/run/secrets/radicale/users";
+ htpasswd_filename = "${config.personal-secrets}/unencrypted/radicale.users";
htpasswd_encryption = "bcrypt";
delay = 1;
};
storage = {
filesystem_folder = "/var/lib/radicale/";
};
- web = {
- type = "none";
- };
+ web.type = "none";
};
};
+
+ # Old Syncthing ############################################################
+ services.syncthing = {
+ enable = true;
+ openDefaultPorts = true;
+
+ overrideDevices = false;
+ overrideFolders = false;
+
+ dataDir = "/nas";
+ configDir = "/nas/.syncthing";
+ };
};
}
diff --git a/nixos/modules/syncthing.nix b/nixos/modules/syncthing.nix
index db8b6a8..716e5a3 100644
--- a/nixos/modules/syncthing.nix
+++ b/nixos/modules/syncthing.nix
@@ -51,8 +51,8 @@ in {
services.syncthing = {
enable = any (n: n == hostName) allDevices;
user = mkDefault "cynerd";
- key = "/run/secrets/syncthing/key.pem";
- cert = "/run/secrets/syncthing/cert.pem";
+ key = "/run/secrets/syncthing.key.pem";
+ cert = "/run/secrets/syncthing.cert.pem";
openDefaultPorts = true;
diff --git a/web/index.html b/web/index.html
new file mode 100644
index 0000000..64355e7
--- /dev/null
+++ b/web/index.html
@@ -0,0 +1 @@
+Nothing here
diff --git a/web/wolf.png b/web/wolf.png
new file mode 100644
index 0000000..d383c91
--- /dev/null
+++ b/web/wolf.png
Binary files differ
diff --git a/web/wolf.svg b/web/wolf.svg
new file mode 100644
index 0000000..66623cc
--- /dev/null
+++ b/web/wolf.svg
@@ -0,0 +1,159 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://creativecommons.org/ns#"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+ xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+ width="128"
+ height="128"
+ viewBox="0 0 128 128"
+ id="svg2"
+ version="1.1"
+ inkscape:version="0.91 r13725"
+ sodipodi:docname="wolf.svg"
+ inkscape:export-filename="/home/cynerd/Documents/wolf.png"
+ inkscape:export-xdpi="90"
+ inkscape:export-ydpi="90">
+ <defs
+ id="defs4" />
+ <sodipodi:namedview
+ id="base"
+ pagecolor="#ffffff"
+ bordercolor="#666666"
+ borderopacity="1.0"
+ inkscape:pageopacity="0"
+ inkscape:pageshadow="2"
+ inkscape:zoom="5.6568543"
+ inkscape:cx="64.326404"
+ inkscape:cy="87.580738"
+ inkscape:document-units="px"
+ inkscape:current-layer="layer1"
+ showgrid="true"
+ units="px"
+ inkscape:snap-grids="true"
+ inkscape:snap-object-midpoints="true"
+ inkscape:snap-center="true"
+ inkscape:snap-bbox="true"
+ inkscape:bbox-paths="true"
+ inkscape:bbox-nodes="true"
+ inkscape:snap-bbox-edge-midpoints="true"
+ inkscape:snap-bbox-midpoints="true"
+ inkscape:snap-intersection-paths="true"
+ inkscape:object-paths="true"
+ inkscape:object-nodes="true"
+ inkscape:snap-smooth-nodes="true"
+ inkscape:snap-midpoints="true"
+ inkscape:window-width="2556"
+ inkscape:window-height="1401"
+ inkscape:window-x="1920"
+ inkscape:window-y="37"
+ inkscape:window-maximized="0"
+ inkscape:snap-page="true">
+ <inkscape:grid
+ type="xygrid"
+ id="grid4136"
+ spacingx="5"
+ spacingy="5"
+ visible="false"
+ snapvisiblegridlinesonly="true"
+ enabled="true" />
+ </sodipodi:namedview>
+ <metadata
+ id="metadata7">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ <dc:title></dc:title>
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <g
+ inkscape:label="Layer 1"
+ inkscape:groupmode="layer"
+ id="layer1"
+ transform="translate(0,-924.36216)">
+ <path
+ style="fill:#3c3c3c;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;stroke-opacity:1"
+ d="M 20 3 L 5 48 L 5 98 L 65 123 L 125 98 L 125 48 L 110 3 L 90 38 L 65 33 L 40 38 L 20 3 z "
+ transform="translate(0,924.36216)"
+ id="path4467-7-0" />
+ <g
+ id="g4785"
+ transform="matrix(-1,0,0,1,135,-2e-5)"
+ style="fill:#797979;fill-opacity:1">
+ <path
+ inkscape:connector-curvature="0"
+ id="path4762-7"
+ d="m 80,1017.3622 50,-20.00004 0,25.00004 -60,25 z"
+ style="fill:#797979;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" />
+ </g>
+ <path
+ style="fill:#443d32;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m 55,1017.3622 5,-45.00004 10,0 5,45.00004 z"
+ id="path4764"
+ inkscape:connector-curvature="0"
+ sodipodi:nodetypes="ccccc" />
+ <path
+ style="fill:#797979;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;fill-opacity:1"
+ d="m 75,1017.3622 50,-20.00004 0,25.00004 -60,25 z"
+ id="path4762"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m 125,972.36216 -15,-45"
+ id="path4488"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#000000;fill-rule:evenodd;stroke:#373737;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;stroke-opacity:1;fill-opacity:1"
+ d="M 60 88 L 55 93 L 55 108 L 60 113 L 55 113 L 29.835938 108.34766 L 65 123 L 100.16406 108.34766 L 75 113 L 70 113 L 75 108 L 75 93 L 70 88 L 65 88 L 60 88 z "
+ transform="translate(0,924.36216)"
+ id="path4648" />
+ <path
+ style="fill:none;fill-rule:evenodd;stroke:#ffffff;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;stroke-opacity:1"
+ d="m 65,1047.3622 60,-25 0,-50.00004 -15,-45 -20,35 -25,-5 -25,5 -20,-35 -15,45 0,50.00004 60,25"
+ id="path4496"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#959595;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;fill-opacity:1"
+ d="m 20,937.36216 -10,35 25,-10 -15,-25"
+ id="path4582"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#585858;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m 55,977.3621 -5,25.0001 -25,-10.00006 0,-10.00004"
+ id="path4768-4"
+ inkscape:connector-curvature="0"
+ sodipodi:nodetypes="cccc" />
+ <path
+ style="fill:#582b1c;fill-opacity:1;fill-rule:evenodd;stroke:#191919;stroke-width:1.32389319px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m 42.783248,995.45655 7.943359,-3.97168 -7.943359,-7.94336 -15.886718,3.97168 z"
+ id="path4646"
+ inkscape:connector-curvature="0"
+ sodipodi:nodetypes="ccccc" />
+ <path
+ style="fill:#585858;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m 75,977.36216 5,25.00004 25,-10.00004 0,-10"
+ id="path4768"
+ inkscape:connector-curvature="0"
+ sodipodi:nodetypes="cccc" />
+ <path
+ style="fill:#582b1c;fill-opacity:1;fill-rule:evenodd;stroke:#191919;stroke-width:1.32389319px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m 87.216752,995.45655 -7.943359,-3.97168 7.943359,-7.94336 15.886718,3.97168 z"
+ id="path4646-4"
+ inkscape:connector-curvature="0"
+ sodipodi:nodetypes="ccccc" />
+ <path
+ style="fill:#959595;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m 110,937.36216 10,35 -25,-10 15,-25"
+ id="path4582-9"
+ inkscape:connector-curvature="0" />
+ </g>
+</svg>