Henry-Hiles/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

WIP grapevine

Browse source
This commit is contained in:
Henry Hiles 2025-03-31 19:29:43 -04:00
parent d566d9ef27
commit f85442e1ab
Signed by: Henry-Hiles
SSH key fingerprint: SHA256:VKQUdS31Q90KvX7EkKMHMBpUspcmItAh86a+v7PGiIs
4 changed files with 384 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

57
clients/quadraticserver/matrix.nix
View file

@ -1,22 +1,63 @@
{config, ...}: {
{inputs, ...}: {
imports = [inputs.grapevine.nixosModules.default];
networking.firewall.allowedTCPPorts = [8448];
systemd.tmpfiles.rules = [
"d /var/lib/private/matrix-conduit 0770 conduit conduit"
"d /var/lib/private/matrix-conduit/database 0770 conduit conduit"
"d /var/lib/private/matrix-conduit/media 0770 conduit conduit"
"L /var/lib/matrix-conduit /var/lib/private/matrix-conduit"
];
users = {
groups.conduit = {};
users.conduit = {
isSystemUser = true;
group = "conduit";
};
};
systemd.services.grapevine.serviceConfig = {
User = "conduit";
Group = "conduit";
};
services = let
domain = "matrix.henryhiles.com";
socket = "/run/conduwuit/socket";
# socket = "/run/grapvine/socket";
in {
conduwuit = {
grapevine = {
enable = true;
group = config.services.caddy.group;
settings.global = {
server_name = "henryhiles.com";
unix_socket_path = socket;
settings = {
server_name = domain;
conduit_compat = true;
database.backend = "rocksdb";
allow_registration = true;
registration_token = "test";
federation = {
max_concurrent_requests = 10000;
self_test = false;
};
server_discovery = {
server.authority = "${domain}:443";
client.base_url = "https://${domain}";
};
listen = [
{
type = "tcp";
address = "127.0.0.3";
}
];
};
};
caddy.virtualHosts."${domain}" = {
serverAliases = ["${domain}:8448"];
extraConfig = "reverse_proxy unix/${socket}";
extraConfig = "reverse_proxy 127.0.0.3";
};
};
}

4
clients/quadraticserver/vaultwarden.nix
View file

@ -8,10 +8,10 @@
domain = "https://${domain}";
signupsAllowed = false;
passwordHintsAllowed = false;
rocketAddress = "127.0.0.1";
rocketAddress = "127.0.0.2";
};
};
caddy.virtualHosts."${domain}".extraConfig = "reverse_proxy localhost:8000";
caddy.virtualHosts."${domain}".extraConfig = "reverse_proxy 127.0.0.2:8000";
};
}

342
flake.lock generated
View file

@ -43,6 +43,30 @@
"type": "github"
}
},
"attic": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts",
"nix-github-actions": "nix-github-actions",
"nixpkgs": "nixpkgs_2",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1738524606,
"narHash": "sha256-hPYEJ4juK3ph7kbjbvv7PlU1D9pAkkhl+pwx8fZY53U=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "ff8a897d1f4408ebbf4d45fa9049c06b3e1e3f4e",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"ref": "main",
"repo": "attic",
"type": "github"
}
},
"base16": {
"inputs": {
"fromYaml": "fromYaml"
@ -126,6 +150,44 @@
"type": "gitlab"
}
},
"crane": {
"inputs": {
"nixpkgs": [
"grapevine",
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722960479,
"narHash": "sha256-NhCkJJQhD5GUib8zN9JrmYGMwt4lCRp6ZVNzIiYCl0Y=",
"owner": "ipetkov",
"repo": "crane",
"rev": "4c6c77920b8d44cd6660c1621dea6b3fc4b4c4f4",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"crane_2": {
"locked": {
"lastModified": 1742394900,
"narHash": "sha256-vVOAp9ahvnU+fQoKd4SEXB2JG2wbENkpqcwlkIXgUC0=",
"owner": "ipetkov",
"repo": "crane",
"rev": "70947c1908108c0c551ddfd73d4f750ff2ea67cd",
"type": "github"
},
"original": {
"owner": "ipetkov",
"ref": "master",
"repo": "crane",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
@ -148,6 +210,29 @@
"type": "github"
}
},
"fenix": {
"inputs": {
"nixpkgs": [
"grapevine",
"nixpkgs"
],
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1742452566,
"narHash": "sha256-sVuLDQ2UIWfXUBbctzrZrXM2X05YjX08K7XHMztt36E=",
"owner": "nix-community",
"repo": "fenix",
"rev": "7d9ba794daf5e8cc7ee728859bc688d8e26d5f06",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "main",
"repo": "fenix",
"type": "github"
}
},
"firefox-gnome-theme": {
"flake": false,
"locked": {
@ -212,6 +297,39 @@
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"ref": "master",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_4": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_5": {
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
@ -227,6 +345,28 @@
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"grapevine",
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722555600,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"stylix",
@ -267,6 +407,25 @@
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"ref": "main",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": [
"stylix",
@ -368,6 +527,33 @@
"type": "github"
}
},
"grapevine": {
"inputs": {
"attic": "attic",
"crane": "crane_2",
"fenix": "fenix",
"flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_2",
"nix-filter": "nix-filter",
"nixpkgs": "nixpkgs_3",
"rocksdb": "rocksdb"
},
"locked": {
"host": "gitlab.computer.surgery",
"lastModified": 1743378486,
"narHash": "sha256-OX4sPrEDoTO/qZklcBMhqwjMpUWjPmSFW5LWoYSJezE=",
"owner": "matrix",
"repo": "grapevine",
"rev": "6bcc4e310e26f742dd2e8508271b93bb9b61edce",
"type": "gitlab"
},
"original": {
"host": "gitlab.computer.surgery",
"owner": "matrix",
"repo": "grapevine",
"type": "gitlab"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -430,6 +616,44 @@
"type": "github"
}
},
"nix-filter": {
"locked": {
"lastModified": 1731533336,
"narHash": "sha256-oRam5PS1vcrr5UPgALW0eo1m/5/pls27Z/pabHNy2Ms=",
"owner": "numtide",
"repo": "nix-filter",
"rev": "f7653272fd234696ae94229839a99b73c9ab7de0",
"type": "github"
},
"original": {
"owner": "numtide",
"ref": "main",
"repo": "nix-filter",
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"grapevine",
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1729742964,
"narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1734435836,
@ -461,7 +685,55 @@
"type": "indirect"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1724316499,
"narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1726042813,
"narHash": "sha256-LnNKCCxnwgF+575y0pxUdlGZBO/ru1CtGHIqQVfvjlA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "159be5db480d1df880a0135ca0bfed84c2f88353",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1742889210,
"narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "698214a32beb4f4c8e3942372c694f40848b360d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1743095683,
"narHash": "sha256-gWd4urRoLRe8GLVC/3rYRae1h+xfQzt09xOfb0PaHSk=",
@ -477,7 +749,7 @@
"type": "github"
}
},
"nixpkgs_3": {
"nixpkgs_5": {
"locked": {
"lastModified": 1732014248,
"narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
@ -492,7 +764,7 @@
"type": "indirect"
}
},
"nixpkgs_4": {
"nixpkgs_6": {
"locked": {
"lastModified": 1741513245,
"narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=",
@ -510,7 +782,7 @@
},
"nur": {
"inputs": {
"flake-parts": "flake-parts",
"flake-parts": "flake-parts_2",
"nixpkgs": [
"stylix",
"nixpkgs"
@ -552,24 +824,59 @@
"type": "github"
}
},
"rocksdb": {
"flake": false,
"locked": {
"lastModified": 1734381914,
"narHash": "sha256-G+DlQwEUyd7JOCjS1Hg1cKWmA/qAiK8UpUIKcP+riGQ=",
"owner": "facebook",
"repo": "rocksdb",
"rev": "ae8fb3e5000e46d8d4c9dbf3a36019c0aaceebff",
"type": "github"
},
"original": {
"owner": "facebook",
"ref": "v9.10.0",
"repo": "rocksdb",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"agenix-cli": "agenix-cli",
"firefox-gnome-theme": "firefox-gnome-theme",
"grapevine": "grapevine",
"home-manager": "home-manager_2",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs_4",
"programsdb": "programsdb",
"simple-nixos-mailserver": "simple-nixos-mailserver",
"stylix": "stylix",
"wrapper-manager": "wrapper-manager"
}
},
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1742296961,
"narHash": "sha256-gCpvEQOrugHWLimD1wTFOJHagnSEP6VYBDspq96Idu0=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "15d87419f1a123d8f888d608129c3ce3ff8f13d4",
"type": "github"
},
"original": {
"owner": "rust-lang",
"ref": "nightly",
"repo": "rust-analyzer",
"type": "github"
}
},
"simple-nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat_2",
"nixpkgs": "nixpkgs_3",
"flake-compat": "flake-compat_4",
"nixpkgs": "nixpkgs_5",
"nixpkgs-24_11": "nixpkgs-24_11"
},
"locked": {
@ -593,14 +900,14 @@
"base16-helix": "base16-helix",
"base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme_2",
"flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_2",
"flake-compat": "flake-compat_5",
"flake-utils": "flake-utils_3",
"git-hooks": "git-hooks",
"gnome-shell": "gnome-shell",
"home-manager": "home-manager_3",
"nixpkgs": "nixpkgs_4",
"nixpkgs": "nixpkgs_6",
"nur": "nur",
"systems": "systems_3",
"systems": "systems_4",
"tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty",
"tinted-schemes": "tinted-schemes",
@ -666,6 +973,21 @@
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tinted-foot": {
"flake": false,
"locked": {

1
flake.nix
View file

@ -2,6 +2,7 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
agenix-cli.url = "github:cole-h/agenix-cli";
grapevine.url = "gitlab:matrix/grapevine?host=gitlab.computer.surgery";
simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
agenix = {
url = "github:ryantm/agenix";