diff options
Diffstat (limited to 'nixos/configurations/lipwig.nix')
| -rw-r--r-- | nixos/configurations/lipwig.nix | 147 |
1 files changed, 70 insertions, 77 deletions
diff --git a/nixos/configurations/lipwig.nix b/nixos/configurations/lipwig.nix index 5855b6d..f141fa9 100644 --- a/nixos/configurations/lipwig.nix +++ b/nixos/configurations/lipwig.nix @@ -73,66 +73,64 @@ ]; # Web ###################################################################### - services.nginx = { - enable = true; - virtualHosts = { - "cynerd.cz" = { - forceSSL = true; - enableACME = true; - locations = { - "/".root = ../../web; - "/radicale/" = { - proxyPass = "http://127.0.0.1:5232/"; - extraConfig = '' - proxy_set_header X-Script-Name /radicale; - proxy_pass_header Authorization; - ''; + services = { + nginx = { + enable = true; + virtualHosts = { + "cynerd.cz" = { + forceSSL = true; + enableACME = true; + locations = { + "/".root = ../../web; + "/radicale/" = { + proxyPass = "http://127.0.0.1:5232/"; + extraConfig = '' + proxy_set_header X-Script-Name /radicale; + proxy_pass_header Authorization; + ''; + }; }; }; - }; - "git.cynerd.cz" = { - forceSSL = true; - useACMEHost = "cynerd.cz"; - root = "${pkgs.cgit}/cgit"; - locations."/".tryFiles = "$uri @cgit"; - locations."@cgit".extraConfig = '' - fastcgi_pass unix:${config.services.fcgiwrap.instances.cgit.socket.address}; - fastcgi_param SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi; - fastcgi_param PATH_INFO $uri; - fastcgi_param QUERY_STRING $args; - fastcgi_param HTTP_HOST $server_name; - ''; - }; - "cloud.cynerd.cz" = { - forceSSL = true; - useACMEHost = "cynerd.cz"; - }; - "office.cynerd.cz" = { - forceSSL = true; - useACMEHost = "cynerd.cz"; - }; - "grafana.cynerd.cz" = { - forceSSL = true; - useACMEHost = "cynerd.cz"; - locations."/" = { - proxyPass = "http://localhost:${toString config.services.grafana.settings.server.http_port}"; - proxyWebsockets = true; - recommendedProxySettings = true; + "git.cynerd.cz" = { + forceSSL = true; + useACMEHost = "cynerd.cz"; + root = "${pkgs.cgit}/cgit"; + locations."/".tryFiles = "$uri @cgit"; + locations."@cgit".extraConfig = '' + fastcgi_pass unix:${config.services.fcgiwrap.instances.cgit.socket.address}; + fastcgi_param SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi; + fastcgi_param PATH_INFO $uri; + fastcgi_param QUERY_STRING $args; + fastcgi_param HTTP_HOST $server_name; + ''; + }; + "cloud.cynerd.cz" = { + forceSSL = true; + useACMEHost = "cynerd.cz"; + }; + "grafana.cynerd.cz" = { + forceSSL = true; + useACMEHost = "cynerd.cz"; + locations."/" = { + proxyPass = "http://localhost:${toString config.services.grafana.settings.server.http_port}"; + proxyWebsockets = true; + recommendedProxySettings = true; + }; + }; + "searx.cynerd.cz" = { + forceSSL = true; + useACMEHost = "cynerd.cz"; + locations."/".extraConfig = '' + uwsgi_pass "unix:///run/searx/searx.sock"; + include ${config.services.nginx.package}/conf/uwsgi_params; + ''; }; - }; - "searx.cynerd.cz" = { - forceSSL = true; - useACMEHost = "cynerd.cz"; - locations."/".extraConfig = '' - uwsgi_pass "unix:///run/searx/searx.sock"; - include ${config.services.nginx.package}/conf/uwsgi_params; - ''; }; }; - }; - services.fcgiwrap.instances.cgit = { - process.user = "git"; - socket = {inherit (config.services.nginx) user group;}; + fcgiwrap.instances.cgit = { + process.user = "git"; + socket = {inherit (config.services.nginx) user group;}; + }; }; security.acme = { acceptTerms = true; @@ -199,7 +197,7 @@ # Nextcloud ################################################################ services.nextcloud = { enable = true; - package = pkgs.nextcloud31; + package = pkgs.nextcloud32; https = true; hostName = "cloud.cynerd.cz"; datadir = "/nas/nextcloud"; @@ -245,9 +243,9 @@ forms groupfolders impersonate + #maps memories notes - onlyoffice phonetrack previewgenerator spreed @@ -255,39 +253,34 @@ twofactor_webauthn ; # Additional modules can be fetched with: - # NEXTCLOUD_VERSIONS=30 nix run nixpkgs#nc4nix -- -apps "passwords,money,integration_github,integration_gitlab" + # NEXTCLOUD_VERSIONS=32 nix run nixpkgs#nc4nix -- -apps "passwords,money,integration_github,integration_gitlab,fileslibreofficeedit" + fileslibreofficeedit = pkgs.fetchNextcloudApp { + url = "https://github.com/allotropia/nextcloud_files_libreoffice_edit/releases/download/v2.0.1/fileslibreofficeedit.tar.gz"; + hash = "sha256-Xqx5snQWintYJG3Q1Crw22TkNw18DdADXkurMQqt3X8="; + license = "agpl3Plus"; + }; integration_github = pkgs.fetchNextcloudApp { - url = "https://github.com/nextcloud-releases/integration_github/releases/download/v3.1.1/integration_github-v3.1.1.tar.gz"; - hash = "sha256-nm463H33WyXTJkb7+OSsunARNuSl5nc3uGClgwkVvhM="; + url = "https://github.com/nextcloud-releases/integration_github/releases/download/v3.2.2/integration_github-v3.2.2.tar.gz"; + hash = "sha256-n7U/es4EdwS0cvegeFLnqhooRhkaSIdiVLwSse8hS3I="; license = "agpl3Plus"; }; integration_gitlab = pkgs.fetchNextcloudApp { - url = "https://github.com/nextcloud-releases/integration_gitlab/releases/download/v3.1.2/integration_gitlab-v3.1.2.tar.gz"; - hash = "sha256-nCH0DqYmr4T856sOU5PhSK6WAHIF9mnYThgytxEbkNA="; + url = "https://github.com/nextcloud-releases/integration_gitlab/releases/download/v4.0.0/integration_gitlab-v4.0.0.tar.gz"; + hash = "sha256-0CKvAiwdG6Llomo9ROu0KLdUq1xfjAwlO1e1/LYzL4s="; license = "agpl3Plus"; }; money = pkgs.fetchNextcloudApp { - url = "https://github.com/powerpaul17/nc_money/releases/download/v0.30.0/money.tar.gz"; - hash = "sha256-4gHm6sF9S+1G1naRTr+eR8ZyjCpB3viXTzRCNQFUtF0="; + url = "https://github.com/powerpaul17/nc_money/releases/download/v0.31.0/money.tar.gz"; + hash = "sha256-6RlxWTCw6NP9RquHnfoLLBw/dmAXx21INCzYUcp3E/4="; license = "agpl3Plus"; }; passwords = pkgs.fetchNextcloudApp { - url = "https://git.mdns.eu/api/v4/projects/45/packages/generic/passwords/2025.5.1/passwords.tar.gz"; - hash = "sha256-v4IVpqbTN3TKORESFX+sJsiSrLkUc0b5Stj8CmznSIw="; - license = "agpl3Plus"; - }; - maps = pkgs.fetchNextcloudApp { - url = "https://github.com/nextcloud/maps/releases/download/v1.6.0-3-nightly/maps-1.6.0-3-nightly.tar.gz"; - hash = "sha256-E0S/CwXyye19lcuiONEQCyHJqlL0ZG1A9Q7oOTEZH1g="; + url = "https://git.mdns.eu/api/v4/projects/45/packages/generic/passwords/2025.12.0/passwords-lsr-81.tar.gz"; + hash = "sha256-XhPNM4VH0yuaOlgivrzKXoLX2wUODbEiuz/S2X4Ugxw="; license = "agpl3Plus"; }; }; }; - # OnlyOffice ############################################################### - services.onlyoffice = { - enable = true; - hostname = "office.cynerd.cz"; - }; # Postgresql ############################################################### services.postgresql = { @@ -370,7 +363,7 @@ } ]; }; - runInUwsgi = true; + configureUwsgi = true; uwsgiConfig = { socket = "/run/searx/searx.sock"; chmod-socket = "660"; |