helvetica/puter
1
0
Fork 0
Code Activity

snapshot

Browse source
This commit is contained in:
Lukas Wurzinger 2024-08-18 02:55:37 +02:00
parent f15455ca12
commit 7b2a024010
19 changed files with 235 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

20
hosts/abacus/backup.nix Normal file
View file

@ -0,0 +1,20 @@
{
attrName,
config,
...
}: {
age.secrets."restic-${attrName}".file = ../../secrets/restic-${attrName}.age;
services.restic.backups.${attrName} = {
repository = "sftp:u385962@u385962.your-storagebox.de:/restic/${attrName}";
initialize = true;
paths = [config.services.syncthing.dataDir];
passwordFile = config.age.secrets."restic-${attrName}".path;
pruneOpts = ["--keep-daily 7" "--keep-weekly 5" "--keep-monthly 12"];
timerConfig = {
OnCalendar = "*-*-* 03:00:00";
Persistent = true;
};
extraOptions = ["sftp.args='-i /etc/ssh/ssh_host_ed25519_key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'"];
};
}

3
hosts/abacus/conduit.nix
View file

@ -60,11 +60,10 @@ in {
"/".return = "404";
"/_matrix/" = {
proxyPass = "http://${config.services.matrix-conduit.settings.global.address}:${toString config.services.matrix-conduit.settings.global.port}$request_uri";
proxyPass = "http://${config.services.matrix-conduit.settings.global.address}:${toString config.services.matrix-conduit.settings.global.port}";
proxyWebsockets = true;
extraConfig = ''
proxy_set_header Host $host;
proxy_buffering off;
'';
};

2
hosts/abacus/default.nix
View file

@ -2,6 +2,8 @@
imports = [
"${modulesPath}/profiles/qemu-guest.nix"
./microbin.nix
./miniflux.nix
./nginx.nix
./vaultwarden.nix
];

37
hosts/abacus/microbin.nix Normal file
View file

@ -0,0 +1,37 @@
{config, ...}: let
inherit (config.networking) domain;
virtualHostName = "bin.${domain}";
in {
age.secrets.microbin.file = ../../secrets/microbin.age;
services.microbin = {
enable = true;
passwordFile = config.age.secrets.microbin.path;
settings = {
MICROBIN_BIND = "localhost";
MICROBIN_PORT = 8020;
MICROBIN_ADMIN_USERNAME = "lukas";
MICROBIN_PUBLIC_PATH = "https://${virtualHostName}/";
MICROBIN_QR = true;
MICROBIN_ETERNAL_PASTA = false;
MICROBIN_MAX_FILE_SIZE_ENCRYPTED_MB = 1024;
MICROBIN_MAX_FILE_SIZE_UNENCRYPTED_MB = 4096;
MICROBIN_DISABLE_UPDATE_CHECKING = false;
MICROBIN_DISABLE_TELEMETRY = true;
MICROBIN_LIST_SERVER = false;
};
};
services.nginx.virtualHosts.${virtualHostName} = {
enableACME = true;
forceSSL = true;
quic = true;
locations."/".proxyPass = "http://${config.services.microbin.settings.MICROBIN_BIND}:${builtins.toString config.services.microbin.settings.MICROBIN_PORT}";
};
}

23
hosts/abacus/miniflux.nix Normal file
View file

@ -0,0 +1,23 @@
{config, ...}: let
inherit (config.networking) domain;
virtualHostName = "bin.${domain}";
in {
services.miniflux = {
enable = true;
createDatabaseLocally = true;
adminCredentialsFile = "";
config = {
LISTEN_ADDR = "localhost:8040";
BASE_URL = "https://${virtualHostName}";
WEBAUTHN = true;
};
};
services.nginx.virtualHosts.${virtualHostName} = {
enableACME = true;
forceSSL = true;
quic = true;
locations."/".proxyPass = "http://${config.services.miniflux.config.LISTEN_ADDR}";
};
}