working docs

2025-07-25 23:52:47 -04:00 · 2025-07-25 23:52:47 -04:00 · ce8ff03be7
commit ce8ff03be7
parent 5aef169d60
8 changed files with 38 additions and 60 deletions
--- a/clients/quadraticserver/bridges.nix
+++ b/clients/quadraticserver/bridges.nix
@ -51,7 +51,7 @@ in {
      gmessages = {
        host = "127.0.0.5";
        serviceConfig.EnvironmentFile = config.age.secrets."gmessages.age".path;
-        package = inputs.nixpkgs-goolm.legacyPackages.${pkgs.system}.mautrix-gmessages;
+        package = pkgs.mautrix-gmessages;
      };
    };

--- a/clients/quadraticserver/docs.nix
+++ b/clients/quadraticserver/docs.nix
@ -19,11 +19,13 @@ in {
      inherit s3Url domain;

      settings = {
-        OIDC_CREATE_USER = true;
        OIDC_OP_AUTHORIZATION_ENDPOINT = "https://federated.nexus/login";
        OIDC_OP_TOKEN_ENDPOINT = "http://${authDomain}/token";
        OIDC_OP_USER_ENDPOINT = "http://${authDomain}/userinfo";
        OIDC_RP_SIGN_ALGO = "HS256";
+
+        LOGIN_REDIRECT_URL = "http://${domain}";
+
        OIDC_USERINFO_FULLNAME_FIELDS = ''["name"]'';
        OIDC_USERINFO_SHORTNAME_FIELD = "name";

@ -68,12 +70,7 @@ in {

      reverse_proxy /admin/* unix/${socket}

-      reverse_proxy /collaboration/ws/* http://localhost:${toString cfg.collaborationServer.port} {
-        transport http {
-          versions h2c 1.1
-        }
-      }
-
+      reverse_proxy /collaboration/ws/* http://localhost:${toString cfg.collaborationServer.port}
      reverse_proxy /collaboration/api/* http://localhost:${toString cfg.collaborationServer.port}

      rewrite /media-auth /api/v1.0/documents/media-auth/
--- a/clients/quadraticserver/searxng.nix
+++ b/clients/quadraticserver/searxng.nix
@ -106,7 +106,7 @@
    };

    caddy = {
-      environmentFile = config.age.secrets."oidcJwtSecretEnv.age".path;
+      environmentFile = config.age.secrets."base64JwtSecret.age".path;
      virtualHosts."${domain}".extraConfig = let
        auth = "https://auth.federated.nexus";
      in ''
--- a/flake.lock
+++ b/flake.lock
@ -1195,11 +1195,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1753373145,
-        "narHash": "sha256-UhuUj46dobD/POOdVNxKvAvP3luI2T0MZPm2IXl266Y=",
+        "lastModified": 1753470191,
+        "narHash": "sha256-hOUWU5L62G9sm8NxdiLWlLIJZz9H52VuFiDllHdwmVA=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "64796151f79e6f3834bfc55f07c5487708bb5b3f",
+        "rev": "a1817d1c0e5eabe7dfdfe4caa46c94d9d8f3fdb6",
        "type": "github"
      },
      "original": {
@ -1427,11 +1427,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1753208113,
-        "narHash": "sha256-HDCv8NV382o8Tiv+bCtLfIXRSaiVuSm4jl8bMNbQDTA=",
+        "lastModified": 1753487470,
+        "narHash": "sha256-cUmvWt+y31DtRY6Mi9UQybZhaP/ooh4jqdMLzcN35Hg=",
        "ref": "refs/heads/main",
-        "rev": "43f59851b80740a1dc5509eb0790ac665ba1d54a",
-        "revCount": 38,
+        "rev": "957a6c6c97df642866c039ef586d1c52293ad552",
+        "revCount": 41,
        "type": "git",
        "url": "https://git.federated.nexus/Henry-Hiles/matrixoidc"
      },
@ -2132,22 +2132,6 @@
        "type": "github"
      }
    },
-    "nixpkgs-goolm": {
-      "locked": {
-        "lastModified": 1752617119,
-        "narHash": "sha256-MhkyyznD3+aSpttLMttWICMWKCtZPUN1eZD95yNOISE=",
-        "owner": "Henry-Hiles",
-        "repo": "nixpkgs",
-        "rev": "b99b5e51b67239b147b697bec0626d67cc98092a",
-        "type": "github"
-      },
-      "original": {
-        "owner": "Henry-Hiles",
-        "ref": "mautrix-gmessages-goolm",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
    "nixpkgs-latest": {
      "locked": {
        "lastModified": 1752336159,
@ -2521,11 +2505,11 @@
        "utils": "utils"
      },
      "locked": {
-        "lastModified": 1753373813,
-        "narHash": "sha256-HiPFNgtvBotd3qM0ihi12uxs3PLTiLaF3ArHY36eja8=",
+        "lastModified": 1753433875,
+        "narHash": "sha256-kwrggwH9zeiLVonO9aA2Wngl/ZAL/1VbJxbBKgyfbXo=",
        "owner": "wamserma",
        "repo": "flake-programs-sqlite",
-        "rev": "523515549c510943583a6610f5f8f7718348975f",
+        "rev": "79677d017c844fec0511558ee4f96291c85a946e",
        "type": "github"
      },
      "original": {
@ -2564,7 +2548,6 @@
        "matrixoidc": "matrixoidc",
        "nix-matrix-appservices": "nix-matrix-appservices",
        "nixpkgs": "nixpkgs_2",
-        "nixpkgs-goolm": "nixpkgs-goolm",
        "ooye": "ooye",
        "programsdb": "programsdb",
        "run0-sudo-shim": "run0-sudo-shim",
@ -2798,11 +2781,11 @@
        "tinted-zed": "tinted-zed"
      },
      "locked": {
-        "lastModified": 1753372006,
-        "narHash": "sha256-eyIYqerHPYHl2Eq802wJSOwMwZ3tdvJ4D+vckDe2mD8=",
+        "lastModified": 1753490930,
+        "narHash": "sha256-noQ6sJ1twQvvGH34d13iM0uh95Syx+kb3nw45wTalIM=",
        "owner": "danth",
        "repo": "stylix",
-        "rev": "ceda12a6da2181e424d8ed7e68ed291745f06f49",
+        "rev": "744431e17676177c18c4c52e8781ba6e91db30d6",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -2,7 +2,6 @@
  inputs = {
    gnome-mobile.url = "github:chuangzhu/nixpkgs-gnome-mobile";
    nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
-    nixpkgs-goolm.url = "github:Henry-Hiles/nixpkgs?ref=mautrix-gmessages-goolm";
    wrapper-manager.url = "github:viperML/wrapper-manager";
    flake-parts.url = "github:hercules-ci/flake-parts";
    disko = {
--- a/secrets/base64JwtSecret.age
+++ b/secrets/base64JwtSecret.age
@ -0,0 +1,10 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSBadWpV
+SWZlT2xDQVZ0eWwwZTJQVFRCaTd1YS9tbU5GUG1DVTlaMFlVb2ljClA4V1NNZC9G
+a0p3QzdYeTBQRjg3aGlWS3NsUlpXbm1QMklqSDQxd3RCSEUKLT4gSiZ7M1RSLWdy
+ZWFzZSAvZQpXMGYvcGw0eTByd2oKLS0tIFY0MHNoSndUU2prS3hMNkh0TDM4a001
+eGtKdkFLcDlDRU1nWmttdlRvMGcKSS3h9zCyio8qlR3l2wuqS/qUP5TKlbbgwDHI
+8dA7W7yORAZoDgtAgxxzxctpVJVvOPfZhN49aFwueounRxw28OwYiyPrpGB1O3G9
+bR7uhWs+9cOrvMfkAtCRdtVUq7r+ZidYiuXhwruvxXy+BTKiDZ7Vk5A9Xt4khacU
+MM8VlVwWm87+/0Y=
+-----END AGE ENCRYPTED FILE-----
--- a/secrets/lasuiteSecrets.age
+++ b/secrets/lasuiteSecrets.age
@ -1,11 +1,11 @@
 -----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSA1eHY4
-Q2UvTnllWTlzbVBaNjA0NDVYN0pLRURKM01vM1I5Nk04d0xVcjJzCk90UHR4Snpu
-TmVyQ3BQN205QkRIelRrZlVXUE01L1pDd3AvRVdpVzZrSTAKLT4gVHRRIS1ncmVh
-c2Ugc3V1diJZSncgOX4KWUNlTldaRkVETitwclVtdmIwYVFkUnQ1VTdrek8rcVdF
-RHJWTmtXOW5XSTdNemt4RmtCSVYrTVhVNlhLWE1VUwpmMm9xUUs0OFF3ZlFVVS9Z
-OEZNTmgxNVRoZG9pZlVFQgotLS0gZHlRRk1oL3VhTmJTOHY1aWdNVVBVL3YyUGZu
-UEU4RkJJUDVxWCtMYVlBdwpmVV67p+mRvSoWikGr53MDxYMCFQ0/LKzs/kHw7iZF
-0huOB/IJwFyu1Pi+A+hz5y9W6aP/5uE1NtDqbAkKz4gOwMrWo8WmyxAsU9xrLGoH
-s+gVvu/VdslMzSxGzA==
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSBxcWZ5
+d3R2emhwSFVNTHVFRnFvajNOTDFjb0hqSWpmWWVqVzY0SEFJNEdBClkrUng3NzZ1
+ajcrK2M1SWM5aUJ0ZThBLzhkdVFKN3QxMStkdE9HUVNLeFEKLT4gJj9qX0RzLS1n
+cmVhc2UgKHZvTApxTElBcWRZCi0tLSB5MkpXOFpvN0d5cmozOWVTaHo3SlN6NG5J
+NXZVZTRRSEV2amFHcDdZdC9VCivwG1lYRICTYcPQpXgAIgWx8xVRBDXvm51jrc2u
+ZKoAS/CgoVU48VfFqEEoI3BO4te4ycRh/5kzuia/qafAIJZf4Fyc8cRnr5eBygdw
+tiE+X7adMCSAxKQC6Bc7M+Y8pPt3BF0mKqxSrW9vqo6eyDd9LbIPRf17iB2Sstd3
+a662fQDukeq4t0j1qbqQsv7RmQsOh3IrBthRoBPoq077hx+Ijl69+U7ejoRFDi0Y
+v8JXDZcOjyo=
 -----END AGE ENCRYPTED FILE-----
--- a/secrets/oidcJwtSecretEnv.age
+++ b/secrets/oidcJwtSecretEnv.age
@ -1,11 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSBYdDJD
-NWJNcVUvd0JmTDhVZEVzck12ek1iTlpCREVPYVZ6Y0lhM1VBZmxBCkFwZmU2R3BG
-Y0VIcllFUlU1VjZVNDB1eFZ2eFBpMDBLWUVSODlrU0R2VnMKLT4gUlpkLWdyZWFz
-ZSAvdF89IEo5LQpVNVcwc2JmZWdUalJrWVNEQXAzQkh1UFJGTzdDeU5HdDdrTnZu
-VXFvQ2dnemN0eDFGNnpsU21jMlBrZFNyL0o0CmpYTHFuS2VpdHcKLS0tIE9FZHo5
-dlZtOXNVaUIrUVlxM0lWcGFzc1k3MVhTam9vbzF1ZnExVzd4Qm8KGMrtis7WGy6p
-IToPtJLsWzxnQKeD4MMLNfH6PTI0CbPqwBwdjEGjWe6CBENbxsgLL/Ggs3JIDjHI
-aYXh7La2fwl1TkVGhOshspT0a7gdRhWJexdVHEUy/qNQyqrpl41r0UW4ZMXwF6bm
-ztXlKgSjV8SuFKNzpyMPUEtO7CFkLLPlwxor6CI=
-----END AGE ENCRYPTED FILE-----