diff --git a/clients/quadraticserver/caddy.nix b/clients/quadraticserver/caddy.nix index 4d11bd3..1c53fc6 100644 --- a/clients/quadraticserver/caddy.nix +++ b/clients/quadraticserver/caddy.nix @@ -3,5 +3,5 @@ enable = true; email = "henry@henryhiles.com"; }; - networking.firewall.allowedTCPPorts = [2200 443]; + networking.firewall.allowedTCPPorts = [80 443]; } diff --git a/clients/quadraticserver/forgejo.nix b/clients/quadraticserver/forgejo.nix deleted file mode 100644 index 0dbc134..0000000 --- a/clients/quadraticserver/forgejo.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ - pkgs, - config, - ... -}: { - services = let - domain = "git.henryhiles.com"; - socket = "/run/forgejo/socket"; - in { - forgejo = { - enable = true; - package = pkgs.forgejo; # Not LTS - settings = { - service.DISABLE_REGISTRATION = true; - repository.GO_GET_CLONE_URL_PROTOCOL = "ssh"; - - server = { - DOMAIN = domain; - ROOT_URL = "https://${domain}"; - HTTP_ADDR = socket; - PROTOCOL = "http+unix"; - SSH_LISTEN_PORT = 2200; - }; - }; - }; - - gitea-actions-runner = { - package = pkgs.forgejo-actions-runner; - instances.default = { - enable = true; - name = "monolith"; - url = "https://git.henryhiles.com"; - tokenFile = config.age.secrets."runnerToken.age".path; - labels = [ - "native:host" - ]; - }; - }; - - caddy.virtualHosts."${domain}".extraConfig = "reverse_proxy unix/${socket}"; - }; -} diff --git a/flake.lock b/flake.lock index b0650b5..0c59384 100644 --- a/flake.lock +++ b/flake.lock @@ -131,11 +131,11 @@ "firefox-gnome-theme": { "flake": false, "locked": { - "lastModified": 1742826799, - "narHash": "sha256-v1uYWuOPpXgUxx8WPLtXyLLCBL2/lgMjqyg7K9RPirw=", + "lastModified": 1742173552, + "narHash": "sha256-8EQS6zY47hVa3jWG9d2MuHK+1JmG/6vdp8gEd2eKFow=", "owner": "rafaelmardojai", "repo": "firefox-gnome-theme", - "rev": "26b99e51e7f15a62eb3f90aea536d9ba55f782df", + "rev": "072ee5d3e8b6f575a31cc294054537dc841d5049", "type": "github" }, "original": { @@ -343,11 +343,11 @@ ] }, "locked": { - "lastModified": 1742871411, - "narHash": "sha256-F3xBdOs5m0SE6Gq3jz+JxDOPvsLs22vbGfD05uF6xEc=", + "lastModified": 1742508854, + "narHash": "sha256-vQQTIl4+slrcu7ftVKNBql9ngBdY0dcYGujdT7zIVp0=", "owner": "nix-community", "repo": "home-manager", - "rev": "869f2ec2add75ce2a70a6dbbf585b8399abec625", + "rev": "da0181819479ddc034a3db9a77ed21ea3bcc0668", "type": "github" }, "original": { @@ -379,11 +379,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742669843, - "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", + "lastModified": 1742288794, + "narHash": "sha256-Txwa5uO+qpQXrNG4eumPSD+hHzzYi/CdaM80M9XRLCo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1e5b653dff12029333a6546c11e108ede13052eb", + "rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42", "type": "github" }, "original": { @@ -470,11 +470,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1742888184, - "narHash": "sha256-RQcDOflYvsl2BV3q2lFmjY1qnBIv2P1n8FVviVnL9Lo=", + "lastModified": 1742493140, + "narHash": "sha256-deeSwFTs5mAR0lHIccRrND/+YIhgJwdXwJE9iHIP8ec=", "owner": "wamserma", "repo": "flake-programs-sqlite", - "rev": "4ba0fb3ef21aa09b1e951476f785cf746bad019a", + "rev": "84d4a332c0f98637d504f9d5ad5610a263d271fe", "type": "github" }, "original": { @@ -538,11 +538,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1742856759, - "narHash": "sha256-IiHFsSC2xXD/RT4CW5ThaBybFQ+xha7HOTGbdD+TiXQ=", + "lastModified": 1742496983, + "narHash": "sha256-UpJrU0DEhNLVZwL/RPVOEUHCG6iDOVDoYelkmgS4V38=", "owner": "danth", "repo": "stylix", - "rev": "b4feb69fd2c1b6ef02a6a81761a62af62ac7bf1b", + "rev": "7e9906679d384472849272e5a5eef7adbdb1d87f", "type": "github" }, "original": { diff --git a/modules/common/auto-cpufreq.nix b/modules/common/auto-cpufreq.nix index f4098e1..a03af2d 100644 --- a/modules/common/auto-cpufreq.nix +++ b/modules/common/auto-cpufreq.nix @@ -1,4 +1,4 @@ { services.power-profiles-daemon.enable = false; - # services.auto-cpufreq.enable = true; TODO: Turn back on once https://github.com/NixOS/nixpkgs/pull/392666 is merged + services.auto-cpufreq.enable = true; } diff --git a/modules/server/ssh.nix b/modules/server/ssh.nix index 577e782..1c3c971 100644 --- a/modules/server/ssh.nix +++ b/modules/server/ssh.nix @@ -3,7 +3,7 @@ services.openssh = { enable = true; settings = { - PasswordAuthentication = false; + PasswordAuthentication = true; # TODO: False AllowUsers = ["quadradical"]; PermitRootLogin = "no"; }; diff --git a/secrets/keys.nix b/secrets/keys.nix index b74aa4c..44c14dc 100644 --- a/secrets/keys.nix +++ b/secrets/keys.nix @@ -1,5 +1,5 @@ with builtins; filter isString (split "\n" (readFile (fetchurl { - url = "https://git.henryhiles.com/Henry-Hiles.keys"; + url = "https://github.com/Henry-Hiles.keys"; sha256 = "1k73c228rgzq7ymf5vaj6wfqzkqm6yzq5lq0syb7mzbrvngvr2jc"; }))) diff --git a/secrets/runnerToken.age b/secrets/runnerToken.age deleted file mode 100644 index 146d569..0000000 Binary files a/secrets/runnerToken.age and /dev/null differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix new file mode 100644 index 0000000..103e3bf --- /dev/null +++ b/secrets/secrets.nix @@ -0,0 +1 @@ +with builtins; filter isString (split "\n" (readFile (fetchurl "https://github.com/Henry-Hiles.keys")))