Henry-Hiles/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

working docs

Browse source
This commit is contained in:
Henry Hiles 2025-07-25 23:52:47 -04:00
commit ce8ff03be7
No known key found for this signature in database
8 changed files with 38 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

2
clients/quadraticserver/bridges.nix
View file

@ -51,7 +51,7 @@ in {
gmessages = { gmessages = {
host = "127.0.0.5"; host = "127.0.0.5";
serviceConfig.EnvironmentFile = config.age.secrets."gmessages.age".path; serviceConfig.EnvironmentFile = config.age.secrets."gmessages.age".path;
package = inputs.nixpkgs-goolm.legacyPackages.${pkgs.system}.mautrix-gmessages; package = pkgs.mautrix-gmessages;
}; };
}; };

11
clients/quadraticserver/docs.nix
View file

@ -19,11 +19,13 @@ in {
inherit s3Url domain; inherit s3Url domain;
settings = { settings = {
OIDC_CREATE_USER = true;
OIDC_OP_AUTHORIZATION_ENDPOINT = "https://federated.nexus/login"; OIDC_OP_AUTHORIZATION_ENDPOINT = "https://federated.nexus/login";
OIDC_OP_TOKEN_ENDPOINT = "http://${authDomain}/token"; OIDC_OP_TOKEN_ENDPOINT = "http://${authDomain}/token";
OIDC_OP_USER_ENDPOINT = "http://${authDomain}/userinfo"; OIDC_OP_USER_ENDPOINT = "http://${authDomain}/userinfo";
OIDC_RP_SIGN_ALGO = "HS256"; OIDC_RP_SIGN_ALGO = "HS256";
LOGIN_REDIRECT_URL = "http://${domain}";
OIDC_USERINFO_FULLNAME_FIELDS = ''["name"]''; OIDC_USERINFO_FULLNAME_FIELDS = ''["name"]'';
OIDC_USERINFO_SHORTNAME_FIELD = "name"; OIDC_USERINFO_SHORTNAME_FIELD = "name";
@ -68,12 +70,7 @@ in {
reverse_proxy /admin/* unix/${socket} reverse_proxy /admin/* unix/${socket}
reverse_proxy /collaboration/ws/* http://localhost:${toString cfg.collaborationServer.port} { reverse_proxy /collaboration/ws/* http://localhost:${toString cfg.collaborationServer.port}
transport http {
versions h2c 1.1
}
}
reverse_proxy /collaboration/api/* http://localhost:${toString cfg.collaborationServer.port} reverse_proxy /collaboration/api/* http://localhost:${toString cfg.collaborationServer.port}
rewrite /media-auth /api/v1.0/documents/media-auth/ rewrite /media-auth /api/v1.0/documents/media-auth/

2
clients/quadraticserver/searxng.nix
View file

@ -106,7 +106,7 @@
}; };
caddy = { caddy = {
environmentFile = config.age.secrets."oidcJwtSecretEnv.age".path; environmentFile = config.age.secrets."base64JwtSecret.age".path;
virtualHosts."${domain}".extraConfig = let virtualHosts."${domain}".extraConfig = let
auth = "https://auth.federated.nexus"; auth = "https://auth.federated.nexus";
in '' in ''

43
flake.lock generated
View file

@ -1195,11 +1195,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1753373145, "lastModified": 1753470191,
"narHash": "sha256-UhuUj46dobD/POOdVNxKvAvP3luI2T0MZPm2IXl266Y=", "narHash": "sha256-hOUWU5L62G9sm8NxdiLWlLIJZz9H52VuFiDllHdwmVA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "64796151f79e6f3834bfc55f07c5487708bb5b3f", "rev": "a1817d1c0e5eabe7dfdfe4caa46c94d9d8f3fdb6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1427,11 +1427,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1753208113, "lastModified": 1753487470,
"narHash": "sha256-HDCv8NV382o8Tiv+bCtLfIXRSaiVuSm4jl8bMNbQDTA=", "narHash": "sha256-cUmvWt+y31DtRY6Mi9UQybZhaP/ooh4jqdMLzcN35Hg=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "43f59851b80740a1dc5509eb0790ac665ba1d54a", "rev": "957a6c6c97df642866c039ef586d1c52293ad552",
"revCount": 38, "revCount": 41,
"type": "git", "type": "git",
"url": "https://git.federated.nexus/Henry-Hiles/matrixoidc" "url": "https://git.federated.nexus/Henry-Hiles/matrixoidc"
}, },
@ -2132,22 +2132,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-goolm": {
"locked": {
"lastModified": 1752617119,
"narHash": "sha256-MhkyyznD3+aSpttLMttWICMWKCtZPUN1eZD95yNOISE=",
"owner": "Henry-Hiles",
"repo": "nixpkgs",
"rev": "b99b5e51b67239b147b697bec0626d67cc98092a",
"type": "github"
},
"original": {
"owner": "Henry-Hiles",
"ref": "mautrix-gmessages-goolm",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-latest": { "nixpkgs-latest": {
"locked": { "locked": {
"lastModified": 1752336159, "lastModified": 1752336159,
@ -2521,11 +2505,11 @@
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1753373813, "lastModified": 1753433875,
"narHash": "sha256-HiPFNgtvBotd3qM0ihi12uxs3PLTiLaF3ArHY36eja8=", "narHash": "sha256-kwrggwH9zeiLVonO9aA2Wngl/ZAL/1VbJxbBKgyfbXo=",
"owner": "wamserma", "owner": "wamserma",
"repo": "flake-programs-sqlite", "repo": "flake-programs-sqlite",
"rev": "523515549c510943583a6610f5f8f7718348975f", "rev": "79677d017c844fec0511558ee4f96291c85a946e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -2564,7 +2548,6 @@
"matrixoidc": "matrixoidc", "matrixoidc": "matrixoidc",
"nix-matrix-appservices": "nix-matrix-appservices", "nix-matrix-appservices": "nix-matrix-appservices",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"nixpkgs-goolm": "nixpkgs-goolm",
"ooye": "ooye", "ooye": "ooye",
"programsdb": "programsdb", "programsdb": "programsdb",
"run0-sudo-shim": "run0-sudo-shim", "run0-sudo-shim": "run0-sudo-shim",
@ -2798,11 +2781,11 @@
"tinted-zed": "tinted-zed" "tinted-zed": "tinted-zed"
}, },
"locked": { "locked": {
"lastModified": 1753372006, "lastModified": 1753490930,
"narHash": "sha256-eyIYqerHPYHl2Eq802wJSOwMwZ3tdvJ4D+vckDe2mD8=", "narHash": "sha256-noQ6sJ1twQvvGH34d13iM0uh95Syx+kb3nw45wTalIM=",
"owner": "danth", "owner": "danth",
"repo": "stylix", "repo": "stylix",
"rev": "ceda12a6da2181e424d8ed7e68ed291745f06f49", "rev": "744431e17676177c18c4c52e8781ba6e91db30d6",
"type": "github" "type": "github"
}, },
"original": { "original": {

1
flake.nix
View file

@ -2,7 +2,6 @@
inputs = { inputs = {
gnome-mobile.url = "github:chuangzhu/nixpkgs-gnome-mobile"; gnome-mobile.url = "github:chuangzhu/nixpkgs-gnome-mobile";
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
nixpkgs-goolm.url = "github:Henry-Hiles/nixpkgs?ref=mautrix-gmessages-goolm";
wrapper-manager.url = "github:viperML/wrapper-manager"; wrapper-manager.url = "github:viperML/wrapper-manager";
flake-parts.url = "github:hercules-ci/flake-parts"; flake-parts.url = "github:hercules-ci/flake-parts";
disko = { disko = {

10
secrets/base64JwtSecret.age Normal file
View file

@ -0,0 +1,10 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSBadWpV
SWZlT2xDQVZ0eWwwZTJQVFRCaTd1YS9tbU5GUG1DVTlaMFlVb2ljClA4V1NNZC9G
a0p3QzdYeTBQRjg3aGlWS3NsUlpXbm1QMklqSDQxd3RCSEUKLT4gSiZ7M1RSLWdy
ZWFzZSAvZQpXMGYvcGw0eTByd2oKLS0tIFY0MHNoSndUU2prS3hMNkh0TDM4a001
eGtKdkFLcDlDRU1nWmttdlRvMGcKSS3h9zCyio8qlR3l2wuqS/qUP5TKlbbgwDHI
8dA7W7yORAZoDgtAgxxzxctpVJVvOPfZhN49aFwueounRxw28OwYiyPrpGB1O3G9
bR7uhWs+9cOrvMfkAtCRdtVUq7r+ZidYiuXhwruvxXy+BTKiDZ7Vk5A9Xt4khacU
MM8VlVwWm87+/0Y=
-----END AGE ENCRYPTED FILE-----

18
secrets/lasuiteSecrets.age
View file

@ -1,11 +1,11 @@
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSA1eHY4 YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSBxcWZ5
Q2UvTnllWTlzbVBaNjA0NDVYN0pLRURKM01vM1I5Nk04d0xVcjJzCk90UHR4Snpu d3R2emhwSFVNTHVFRnFvajNOTDFjb0hqSWpmWWVqVzY0SEFJNEdBClkrUng3NzZ1
TmVyQ3BQN205QkRIelRrZlVXUE01L1pDd3AvRVdpVzZrSTAKLT4gVHRRIS1ncmVh ajcrK2M1SWM5aUJ0ZThBLzhkdVFKN3QxMStkdE9HUVNLeFEKLT4gJj9qX0RzLS1n
c2Ugc3V1diJZSncgOX4KWUNlTldaRkVETitwclVtdmIwYVFkUnQ1VTdrek8rcVdF cmVhc2UgKHZvTApxTElBcWRZCi0tLSB5MkpXOFpvN0d5cmozOWVTaHo3SlN6NG5J
RHJWTmtXOW5XSTdNemt4RmtCSVYrTVhVNlhLWE1VUwpmMm9xUUs0OFF3ZlFVVS9Z NXZVZTRRSEV2amFHcDdZdC9VCivwG1lYRICTYcPQpXgAIgWx8xVRBDXvm51jrc2u
OEZNTmgxNVRoZG9pZlVFQgotLS0gZHlRRk1oL3VhTmJTOHY1aWdNVVBVL3YyUGZu ZKoAS/CgoVU48VfFqEEoI3BO4te4ycRh/5kzuia/qafAIJZf4Fyc8cRnr5eBygdw
UEU4RkJJUDVxWCtMYVlBdwpmVV67p+mRvSoWikGr53MDxYMCFQ0/LKzs/kHw7iZF tiE+X7adMCSAxKQC6Bc7M+Y8pPt3BF0mKqxSrW9vqo6eyDd9LbIPRf17iB2Sstd3
0huOB/IJwFyu1Pi+A+hz5y9W6aP/5uE1NtDqbAkKz4gOwMrWo8WmyxAsU9xrLGoH a662fQDukeq4t0j1qbqQsv7RmQsOh3IrBthRoBPoq077hx+Ijl69+U7ejoRFDi0Y
s+gVvu/VdslMzSxGzA== v8JXDZcOjyo=
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----

11
secrets/oidcJwtSecretEnv.age
View file

@ -1,11 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSBYdDJD
NWJNcVUvd0JmTDhVZEVzck12ek1iTlpCREVPYVZ6Y0lhM1VBZmxBCkFwZmU2R3BG
Y0VIcllFUlU1VjZVNDB1eFZ2eFBpMDBLWUVSODlrU0R2VnMKLT4gUlpkLWdyZWFz
ZSAvdF89IEo5LQpVNVcwc2JmZWdUalJrWVNEQXAzQkh1UFJGTzdDeU5HdDdrTnZu
VXFvQ2dnemN0eDFGNnpsU21jMlBrZFNyL0o0CmpYTHFuS2VpdHcKLS0tIE9FZHo5
dlZtOXNVaUIrUVlxM0lWcGFzc1k3MVhTam9vbzF1ZnExVzd4Qm8KGMrtis7WGy6p
IToPtJLsWzxnQKeD4MMLNfH6PTI0CbPqwBwdjEGjWe6CBENbxsgLL/Ggs3JIDjHI
aYXh7La2fwl1TkVGhOshspT0a7gdRhWJexdVHEUy/qNQyqrpl41r0UW4ZMXwF6bm
ztXlKgSjV8SuFKNzpyMPUEtO7CFkLLPlwxor6CI=
-----END AGE ENCRYPTED FILE-----