Henry-Hiles/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: Henry-Hiles:587ea99786e439575e660817c81f6a8aa142859a
Branches Tags
Henry-Hiles:main
..
compare: Henry-Hiles:d6113271dacdcaad304211b15013d026640dbeb0
Branches Tags
Henry-Hiles:main

No commits in common. "587ea99786e439575e660817c81f6a8aa142859a" and "d6113271dacdcaad304211b15013d026640dbeb0" have entirely different histories.
587ea99786 ... d6113271da

8 changed files with 20 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

2
clients/quadraticserver/caddy.nix
View file

@ -3,5 +3,5 @@
enable = true; enable = true;
email = "henry@henryhiles.com"; email = "henry@henryhiles.com";
}; };
networking.firewall.allowedTCPPorts = [2200 443]; networking.firewall.allowedTCPPorts = [80 443];
} }

42
clients/quadraticserver/forgejo.nix
View file

@ -1,42 +0,0 @@
{
pkgs,
config,
...
}: {
services = let
domain = "git.henryhiles.com";
socket = "/run/forgejo/socket";
in {
forgejo = {
enable = true;
package = pkgs.forgejo; # Not LTS
settings = {
service.DISABLE_REGISTRATION = true;
repository.GO_GET_CLONE_URL_PROTOCOL = "ssh";
server = {
DOMAIN = domain;
ROOT_URL = "https://${domain}";
HTTP_ADDR = socket;
PROTOCOL = "http+unix";
SSH_LISTEN_PORT = 2200;
};
};
};
gitea-actions-runner = {
package = pkgs.forgejo-actions-runner;
instances.default = {
enable = true;
name = "monolith";
url = "https://git.henryhiles.com";
tokenFile = config.age.secrets."runnerToken.age".path;
labels = [
"native:host"
];
};
};
caddy.virtualHosts."${domain}".extraConfig = "reverse_proxy unix/${socket}";
};
}

30
flake.lock generated
View file

@ -131,11 +131,11 @@
"firefox-gnome-theme": { "firefox-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1742826799, "lastModified": 1742173552,
"narHash": "sha256-v1uYWuOPpXgUxx8WPLtXyLLCBL2/lgMjqyg7K9RPirw=", "narHash": "sha256-8EQS6zY47hVa3jWG9d2MuHK+1JmG/6vdp8gEd2eKFow=",
"owner": "rafaelmardojai", "owner": "rafaelmardojai",
"repo": "firefox-gnome-theme", "repo": "firefox-gnome-theme",
"rev": "26b99e51e7f15a62eb3f90aea536d9ba55f782df", "rev": "072ee5d3e8b6f575a31cc294054537dc841d5049",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -343,11 +343,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1742871411, "lastModified": 1742508854,
"narHash": "sha256-F3xBdOs5m0SE6Gq3jz+JxDOPvsLs22vbGfD05uF6xEc=", "narHash": "sha256-vQQTIl4+slrcu7ftVKNBql9ngBdY0dcYGujdT7zIVp0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "869f2ec2add75ce2a70a6dbbf585b8399abec625", "rev": "da0181819479ddc034a3db9a77ed21ea3bcc0668",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -379,11 +379,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1742669843, "lastModified": 1742288794,
"narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", "narHash": "sha256-Txwa5uO+qpQXrNG4eumPSD+hHzzYi/CdaM80M9XRLCo=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1e5b653dff12029333a6546c11e108ede13052eb", "rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -470,11 +470,11 @@
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1742888184, "lastModified": 1742493140,
"narHash": "sha256-RQcDOflYvsl2BV3q2lFmjY1qnBIv2P1n8FVviVnL9Lo=", "narHash": "sha256-deeSwFTs5mAR0lHIccRrND/+YIhgJwdXwJE9iHIP8ec=",
"owner": "wamserma", "owner": "wamserma",
"repo": "flake-programs-sqlite", "repo": "flake-programs-sqlite",
"rev": "4ba0fb3ef21aa09b1e951476f785cf746bad019a", "rev": "84d4a332c0f98637d504f9d5ad5610a263d271fe",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -538,11 +538,11 @@
"tinted-zed": "tinted-zed" "tinted-zed": "tinted-zed"
}, },
"locked": { "locked": {
"lastModified": 1742856759, "lastModified": 1742496983,
"narHash": "sha256-IiHFsSC2xXD/RT4CW5ThaBybFQ+xha7HOTGbdD+TiXQ=", "narHash": "sha256-UpJrU0DEhNLVZwL/RPVOEUHCG6iDOVDoYelkmgS4V38=",
"owner": "danth", "owner": "danth",
"repo": "stylix", "repo": "stylix",
"rev": "b4feb69fd2c1b6ef02a6a81761a62af62ac7bf1b", "rev": "7e9906679d384472849272e5a5eef7adbdb1d87f",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
modules/common/auto-cpufreq.nix
View file

@ -1,4 +1,4 @@
{ {
services.power-profiles-daemon.enable = false; services.power-profiles-daemon.enable = false;
# services.auto-cpufreq.enable = true; TODO: Turn back on once https://github.com/NixOS/nixpkgs/pull/392666 is merged services.auto-cpufreq.enable = true;
} }

2
modules/server/ssh.nix
View file

@ -3,7 +3,7 @@
services.openssh = { services.openssh = {
enable = true; enable = true;
settings = { settings = {
PasswordAuthentication = false; PasswordAuthentication = true; # TODO: False
AllowUsers = ["quadradical"]; AllowUsers = ["quadradical"];
PermitRootLogin = "no"; PermitRootLogin = "no";
}; };

2
secrets/keys.nix
View file

@ -1,5 +1,5 @@
with builtins; with builtins;
filter isString (split "\n" (readFile (fetchurl { filter isString (split "\n" (readFile (fetchurl {
url = "https://git.henryhiles.com/Henry-Hiles.keys"; url = "https://github.com/Henry-Hiles.keys";
sha256 = "1k73c228rgzq7ymf5vaj6wfqzkqm6yzq5lq0syb7mzbrvngvr2jc"; sha256 = "1k73c228rgzq7ymf5vaj6wfqzkqm6yzq5lq0syb7mzbrvngvr2jc";
}))) })))

BIN
secrets/runnerToken.age
View file

Binary file not shown.

1
secrets/secrets.nix Normal file
View file

@ -0,0 +1 @@
with builtins; filter isString (split "\n" (readFile (fetchurl "https://github.com/Henry-Hiles.keys")))