diff options
| -rw-r--r-- | nixos/machine/lipwig.nix | 110 | ||||
| -rw-r--r-- | nixos/modules/syncthing.nix | 4 | ||||
| -rw-r--r-- | web/index.html | 1 | ||||
| -rw-r--r-- | web/wolf.png | bin | 0 -> 5860 bytes | |||
| -rw-r--r-- | web/wolf.svg | 159 |
5 files changed, 263 insertions, 11 deletions
diff --git a/nixos/machine/lipwig.nix b/nixos/machine/lipwig.nix index 0ebf894..b109065 100644 --- a/nixos/machine/lipwig.nix +++ b/nixos/machine/lipwig.nix @@ -8,10 +8,10 @@ with lib; { config = { cynerd = { syncthing = { - #enable = true; + enable = false; baseDir = "/nas"; }; - openvpn.personal = true; + openvpn.oldpersonal = true; }; fileSystems."/nas" = { @@ -19,9 +19,51 @@ with lib; { fsType = "nfs"; }; + # Web ###################################################################### + services.nginx = { + enable = true; + virtualHosts = { + "cynerd.cz" = { + forceSSL = true; + enableACME = true; + serverAliases = [ + "grafana.cynerd.cz" + ]; + locations."/" = { + root = ../../web; + }; + }; + "git.cynerd.cz" = { + forceSSL = true; + useACMEHost = "cynerd.cz"; + locations."/".extraConfig = '' + fastcgi_param DOCUMENT_ROOT ${pkgs.cgit}/cgit/; + fastcgi_param SCRIPT_NAME cgit; + fastcgi_pass unix:${config.services.fcgiwrap.socketAddress}; + ''; + }; + "grafana.cynerd.cz" = { + forceSSL = true; + useACMEHost = "cynerd.cz"; + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}/"; + proxyWebsockets = true; + }; + }; + }; + }; + services.fcgiwrap = { + enable = true; + group = config.services.nginx.group; + }; + security.acme = { + acceptTerms = true; + defaults.email = "cynerd+acme@email.cz"; + }; + # Git ###################################################################### services.gitolite = { - enable = false; + enable = true; user = "git"; group = "git"; dataDir = "/var/lib/git"; @@ -33,16 +75,56 @@ with lib; { group = "gitdaemon"; basePath = "/var/lib/git/repositories"; }; + environment.etc."cgitrc".text = '' + root-title=Cynerd's git repository + root-desc=All my projects (at least those released to public) + logo=${../../web/wolf.svg} + virtual-root=/ + + # Allow download of tar.gz, tar.bz2 and zip-files + snapshots=tar.gz tar.bz2 zip + ## List of common mimetypes + mimetype.gif=image/gif + mimetype.html=text/html + mimetype.jpg=image/jpeg + mimetype.jpeg=image/jpeg + mimetype.pdf=application/pdf + mimetype.png=image/png + mimetype.svg=image/svg+xml + + source-filter=${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py + about-filter=${pkgs.cgit}/lib/cgit/filters/about-formatting.sh + + readme=:README.md + readme=:README.adoc + + enable-index-owner=0 + enable-index-links=1 + enable-http-clone=1 + clone-url=https://git.cynerd.cz/$CGIT_REPO_URL git://cynerd.cz/$CGIT_REPO_URL.git git@cynerd.cz:$CGIT_REPO_URL + enable-commit-graph=1 + branch-sort=age + + remove-suffix=1 + enable-git-config=1 + project-list=/var/lib/git/projects.list + scan-path=/var/lib/git/repositories/ + ''; # CalDAV and CardDAV ####################################################### services.radicale = { enable = true; + rights.cynerd = { + user = "cynerd"; + collection = ".*"; + permission = "rw"; + }; settings = { server = { hosts = ["0.0.0.0:5232" "[::]:5232"]; ssl = true; - certificate = "/run/secrets/radicale/radicale.crt"; - key = "/run/secrets/radicale/radicale.key"; + certificate = "/run/secrets/radicale.crt"; + key = "/run/secrets/radicale.key"; }; encoding = { request = "utf-8"; @@ -50,17 +132,27 @@ with lib; { }; auth = { type = "htpasswd"; - htpasswd_filename = "/run/secrets/radicale/users"; + htpasswd_filename = "${config.personal-secrets}/unencrypted/radicale.users"; htpasswd_encryption = "bcrypt"; delay = 1; }; storage = { filesystem_folder = "/var/lib/radicale/"; }; - web = { - type = "none"; - }; + web.type = "none"; }; }; + + # Old Syncthing ############################################################ + services.syncthing = { + enable = true; + openDefaultPorts = true; + + overrideDevices = false; + overrideFolders = false; + + dataDir = "/nas"; + configDir = "/nas/.syncthing"; + }; }; } diff --git a/nixos/modules/syncthing.nix b/nixos/modules/syncthing.nix index db8b6a8..716e5a3 100644 --- a/nixos/modules/syncthing.nix +++ b/nixos/modules/syncthing.nix @@ -51,8 +51,8 @@ in { services.syncthing = { enable = any (n: n == hostName) allDevices; user = mkDefault "cynerd"; - key = "/run/secrets/syncthing/key.pem"; - cert = "/run/secrets/syncthing/cert.pem"; + key = "/run/secrets/syncthing.key.pem"; + cert = "/run/secrets/syncthing.cert.pem"; openDefaultPorts = true; diff --git a/web/index.html b/web/index.html new file mode 100644 index 0000000..64355e7 --- /dev/null +++ b/web/index.html @@ -0,0 +1 @@ +Nothing here diff --git a/web/wolf.png b/web/wolf.png Binary files differnew file mode 100644 index 0000000..d383c91 --- /dev/null +++ b/web/wolf.png diff --git a/web/wolf.svg b/web/wolf.svg new file mode 100644 index 0000000..66623cc --- /dev/null +++ b/web/wolf.svg @@ -0,0 +1,159 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!-- Created with Inkscape (http://www.inkscape.org/) --> + +<svg + xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:cc="http://creativecommons.org/ns#" + xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:svg="http://www.w3.org/2000/svg" + xmlns="http://www.w3.org/2000/svg" + xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" + xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" + width="128" + height="128" + viewBox="0 0 128 128" + id="svg2" + version="1.1" + inkscape:version="0.91 r13725" + sodipodi:docname="wolf.svg" + inkscape:export-filename="/home/cynerd/Documents/wolf.png" + inkscape:export-xdpi="90" + inkscape:export-ydpi="90"> + <defs + id="defs4" /> + <sodipodi:namedview + id="base" + pagecolor="#ffffff" + bordercolor="#666666" + borderopacity="1.0" + inkscape:pageopacity="0" + inkscape:pageshadow="2" + inkscape:zoom="5.6568543" + inkscape:cx="64.326404" + inkscape:cy="87.580738" + inkscape:document-units="px" + inkscape:current-layer="layer1" + showgrid="true" + units="px" + inkscape:snap-grids="true" + inkscape:snap-object-midpoints="true" + inkscape:snap-center="true" + inkscape:snap-bbox="true" + inkscape:bbox-paths="true" + inkscape:bbox-nodes="true" + inkscape:snap-bbox-edge-midpoints="true" + inkscape:snap-bbox-midpoints="true" + inkscape:snap-intersection-paths="true" + inkscape:object-paths="true" + inkscape:object-nodes="true" + inkscape:snap-smooth-nodes="true" + inkscape:snap-midpoints="true" + inkscape:window-width="2556" + inkscape:window-height="1401" + inkscape:window-x="1920" + inkscape:window-y="37" + inkscape:window-maximized="0" + inkscape:snap-page="true"> + <inkscape:grid + type="xygrid" + id="grid4136" + spacingx="5" + spacingy="5" + visible="false" + snapvisiblegridlinesonly="true" + enabled="true" /> + </sodipodi:namedview> + <metadata + id="metadata7"> + <rdf:RDF> + <cc:Work + rdf:about=""> + <dc:format>image/svg+xml</dc:format> + <dc:type + rdf:resource="http://purl.org/dc/dcmitype/StillImage" /> + <dc:title></dc:title> + </cc:Work> + </rdf:RDF> + </metadata> + <g + inkscape:label="Layer 1" + inkscape:groupmode="layer" + id="layer1" + transform="translate(0,-924.36216)"> + <path + style="fill:#3c3c3c;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;stroke-opacity:1" + d="M 20 3 L 5 48 L 5 98 L 65 123 L 125 98 L 125 48 L 110 3 L 90 38 L 65 33 L 40 38 L 20 3 z " + transform="translate(0,924.36216)" + id="path4467-7-0" /> + <g + id="g4785" + transform="matrix(-1,0,0,1,135,-2e-5)" + style="fill:#797979;fill-opacity:1"> + <path + inkscape:connector-curvature="0" + id="path4762-7" + d="m 80,1017.3622 50,-20.00004 0,25.00004 -60,25 z" + style="fill:#797979;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" /> + </g> + <path + style="fill:#443d32;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" + d="m 55,1017.3622 5,-45.00004 10,0 5,45.00004 z" + id="path4764" + inkscape:connector-curvature="0" + sodipodi:nodetypes="ccccc" /> + <path + style="fill:#797979;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;fill-opacity:1" + d="m 75,1017.3622 50,-20.00004 0,25.00004 -60,25 z" + id="path4762" + inkscape:connector-curvature="0" /> + <path + style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" + d="m 125,972.36216 -15,-45" + id="path4488" + inkscape:connector-curvature="0" /> + <path + style="fill:#000000;fill-rule:evenodd;stroke:#373737;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;stroke-opacity:1;fill-opacity:1" + d="M 60 88 L 55 93 L 55 108 L 60 113 L 55 113 L 29.835938 108.34766 L 65 123 L 100.16406 108.34766 L 75 113 L 70 113 L 75 108 L 75 93 L 70 88 L 65 88 L 60 88 z " + transform="translate(0,924.36216)" + id="path4648" /> + <path + style="fill:none;fill-rule:evenodd;stroke:#ffffff;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;stroke-opacity:1" + d="m 65,1047.3622 60,-25 0,-50.00004 -15,-45 -20,35 -25,-5 -25,5 -20,-35 -15,45 0,50.00004 60,25" + id="path4496" + inkscape:connector-curvature="0" /> + <path + style="fill:#959595;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;fill-opacity:1" + d="m 20,937.36216 -10,35 25,-10 -15,-25" + id="path4582" + inkscape:connector-curvature="0" /> + <path + style="fill:#585858;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" + d="m 55,977.3621 -5,25.0001 -25,-10.00006 0,-10.00004" + id="path4768-4" + inkscape:connector-curvature="0" + sodipodi:nodetypes="cccc" /> + <path + style="fill:#582b1c;fill-opacity:1;fill-rule:evenodd;stroke:#191919;stroke-width:1.32389319px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" + d="m 42.783248,995.45655 7.943359,-3.97168 -7.943359,-7.94336 -15.886718,3.97168 z" + id="path4646" + inkscape:connector-curvature="0" + sodipodi:nodetypes="ccccc" /> + <path + style="fill:#585858;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" + d="m 75,977.36216 5,25.00004 25,-10.00004 0,-10" + id="path4768" + inkscape:connector-curvature="0" + sodipodi:nodetypes="cccc" /> + <path + style="fill:#582b1c;fill-opacity:1;fill-rule:evenodd;stroke:#191919;stroke-width:1.32389319px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" + d="m 87.216752,995.45655 -7.943359,-3.97168 7.943359,-7.94336 15.886718,3.97168 z" + id="path4646-4" + inkscape:connector-curvature="0" + sodipodi:nodetypes="ccccc" /> + <path + style="fill:#959595;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" + d="m 110,937.36216 10,35 -25,-10 15,-25" + id="path4582-9" + inkscape:connector-curvature="0" /> + </g> +</svg> |
