upRootNutrition/dotfiles
1
0
Fork 0
mirror of https://gitlab.com/upRootNutrition/dotfiles.git synced 2025-06-16 18:15:13 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: wiki test

Browse source
This commit is contained in:
Nick 2024-10-19 15:04:13 -05:00
parent 825ed6fa5d
commit 608639fddb
9 changed files with 122 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

1
config/default.nix
View file

@ -28,6 +28,7 @@
"syncthing" "syncthing"
"synology" "synology"
"vaultwarden" "vaultwarden"
"wiki"
"writefreely" "writefreely"
]; ];
userNames = [ userNames = [

26
config/instance.nix
View file

@ -16,6 +16,7 @@ let
syncthingLabel = "Syncthing"; syncthingLabel = "Syncthing";
synologyLabel = "Synology"; synologyLabel = "Synology";
vaultwardenLabel = "Vaultwarden"; vaultwardenLabel = "Vaultwarden";
wikiLabel = "Wiki";
writefreelyLabel = "WriteFreely"; writefreelyLabel = "WriteFreely";
acmeName = "acme"; acmeName = "acme";
@ -35,6 +36,7 @@ let
syncthingName = "syncthing"; syncthingName = "syncthing";
synologyName = "synology"; synologyName = "synology";
vaultwardenName = "vaultwarden"; vaultwardenName = "vaultwarden";
wikiName = "wiki";
writefreelyName = "writefreely"; writefreelyName = "writefreely";
domain0 = "cloudbert.fun"; domain0 = "cloudbert.fun";
@ -336,6 +338,26 @@ in {
key = "${sslPath}/${vaultwardenName}.${domain0}/key.pem"; key = "${sslPath}/${vaultwardenName}.${domain0}/key.pem";
}; };
}; };
wiki = let
wikiSubdomain = "vault";
in {
label = wikiLabel;
name = wikiName;
sops = {
path0 = "${sops}/${wikiName}";
};
subdomain = wikiSubdomain;
paths = {
path0 = "${servicePath}/${wikiLabel}/BackupDir";
};
ports = {
port0 = 3033;
};
ssl = {
cert = "${sslPath}/${wikiSubdomain}.${domain1}/fullchain.pem";
key = "${sslPath}/${wikiSubdomain}.${domain1}/key.pem";
};
};
writefreely = let writefreely = let
writefreelyDomain = "blog"; writefreelyDomain = "blog";
in { in {
@ -352,8 +374,8 @@ in {
port0 = 8093; port0 = 8093;
}; };
ssl = { ssl = {
cert = "${sslPath}/${writefreelyDomain}.${domain0}/fullchain.pem"; cert = "${sslPath}/${writefreelyDomain}.${domain1}/fullchain.pem";
key = "${sslPath}/${writefreelyDomain}.${domain0}/key.pem"; key = "${sslPath}/${writefreelyDomain}.${domain1}/key.pem";
}; };
}; };
}; };

12
home-manager/modules/firefox/config/bookmarks.nix
View file

@ -495,6 +495,18 @@
tags = ["ollama" "chat" "ai"]; tags = ["ollama" "chat" "ai"];
keyword = "Ollama"; keyword = "Ollama";
} }
{
name = "Owncast (Admin)";
url = "http://192.168.50.140:9454";
tags = ["owncast" "own" "cast" "stream"];
keyword = "Owncast";
}
{
name = "Owncast (Server)";
url = "http://stream.the-nutrivore.social";
tags = ["owncast" "own" "cast" "stream"];
keyword = "Owncast";
}
{ {
name = "PeerTube"; name = "PeerTube";
url = "https://video.the-nutrivore.social"; url = "https://video.the-nutrivore.social";

1
home-manager/modules/obs-studio/default.nix
View file

@ -5,6 +5,7 @@
plugins = with pkgs.obs-studio-plugins; [ plugins = with pkgs.obs-studio-plugins; [
obs-tuna obs-tuna
obs-vkcapture obs-vkcapture
obs-multi-rtmp
]; ];
}; };
}; };

1
nixos/modules/services/acme.nix
View file

@ -25,6 +25,7 @@
]; ];
domain1SubdomainNames = [ domain1SubdomainNames = [
"wiki"
"nextcloud" "nextcloud"
"castopod" "castopod"
"forgejo" "forgejo"

1
nixos/modules/services/default.nix
View file

@ -14,6 +14,7 @@
./owncast.nix ./owncast.nix
./samba.nix ./samba.nix
./vaultwarden.nix ./vaultwarden.nix
./wiki.nix
# These are all broken. # These are all broken.

14
nixos/modules/services/owncast.nix
View file

@ -1,8 +1,8 @@
{flake, ...}: let {flake, ...}: let
inherit (flake.config.people) user0; inherit (flake.config.people) user0;
inherit (flake.config.people.user.${user0}) domain; inherit (flake.config.people.user.${user0}) domain;
inherit (flake.config.system.device) server wildcard; inherit (flake.config.system.device) wildcard;
inherit (flake.config.service.instance.owncast) paths ports subdomain ssl name; inherit (flake.config.service.instance.owncast) ports subdomain ssl;
localhost = wildcard.ip.address1; localhost = wildcard.ip.address1;
host = "${subdomain}.${domain.url1}"; host = "${subdomain}.${domain.url1}";
in { in {
@ -25,16 +25,6 @@ in {
}; };
}; };
}; };
# fileSystems."/var/lib/${name}" = {
# device = paths.path0;
# fsType = "none";
# options = ["bind"];
# depends = [server.storage0.mount];
# };
# systemd.tmpfiles.rules = [
# "Z ${paths.path0} 755 ${name} ${name} -"
# ];
networking = { networking = {
firewall = { firewall = {

77
nixos/modules/services/wiki.nix Normal file
View file

@ -0,0 +1,77 @@
{
flake,
config,
...
}: let
inherit (flake.config.people) user0;
inherit (flake.config.people.user.${user0}) domain;
inherit (flake.config.system.device) server wildcard;
inherit (flake.config.service.instance.wiki) paths ports subdomain ssl sops name;
localhost = wildcard.ip.address1;
host = "${subdomain}.${domain.url1}";
in {
services = {
wiki-js = {
enable = true;
environmentFile = config.sops.secrets."wiki-pass".path;
settings = {
port = ports.port0;
bindIP = localhost;
db = {
type = "postgres";
};
};
};
caddy = {
virtualHosts = {
"${host}" = {
extraConfig = ''
reverse_proxy ${localhost}:${toString ports.port0}
tls ${ssl.cert} ${ssl.key}
'';
};
};
};
};
sops = let
sopsSecrets = ["pass"];
sopsPath = secret: {
path = "${sops.path0}/${name}-${secret}";
owner = name;
mode = "600";
};
in {
secrets = builtins.listToAttrs (
map
(secret: {
name = "${name}-${secret}";
value = sopsPath secret;
})
sopsSecrets
);
};
fileSystems."/var/lib/${name}" = {
device = paths.path0;
fsType = "none";
options = ["bind"];
depends = [server.storage0.mount];
};
systemd.tmpfiles.rules = [
"Z ${paths.path0} 755 ${name} ${name} -"
"Z ${sops.path0} 755 ${name} ${name} -"
];
networking = {
firewall = {
allowedTCPPorts = [
ports.port0
ports.port1
];
};
};
}

5
secrets/secrets.yaml
View file

@ -30,6 +30,7 @@ nextcloud-user0: ENC[AES256_GCM,data:yUZruPJ4s2Svvh6Q0f4C4lgcKCcWJDMw8CpT8cXv3m4
nextcloud-user1: ENC[AES256_GCM,data:6EsbSeWWftPjZQM=,iv:LTcx6fx55d3+SepFIoy/6cBdbgaauDeo0gvq9ACCtHA=,tag:uzoATR3ZL2Uk5z6aMiD/yw==,type:str] nextcloud-user1: ENC[AES256_GCM,data:6EsbSeWWftPjZQM=,iv:LTcx6fx55d3+SepFIoy/6cBdbgaauDeo0gvq9ACCtHA=,tag:uzoATR3ZL2Uk5z6aMiD/yw==,type:str]
nextcloud-user2: ENC[AES256_GCM,data:axrWMmouq5gwqdGL,iv:BPHEn47z2g7gocKO4g5vV4ZSGb+AMA3vGYheAy1zR5Q=,tag:QOWg4fdKxMhGk2qRehH2EQ==,type:str] nextcloud-user2: ENC[AES256_GCM,data:axrWMmouq5gwqdGL,iv:BPHEn47z2g7gocKO4g5vV4ZSGb+AMA3vGYheAy1zR5Q=,tag:QOWg4fdKxMhGk2qRehH2EQ==,type:str]
nextcloud-user3: ENC[AES256_GCM,data:g6ldEdtBuEmPAQYAQfaO,iv:6fElE2vZh9l/KgJuNevklpIlZZdqGHgwhnOzq1n3ojE=,tag:T0Q1IkdVTeW2T1FmGnjz8A==,type:str] nextcloud-user3: ENC[AES256_GCM,data:g6ldEdtBuEmPAQYAQfaO,iv:6fElE2vZh9l/KgJuNevklpIlZZdqGHgwhnOzq1n3ojE=,tag:T0Q1IkdVTeW2T1FmGnjz8A==,type:str]
wiki-pass: ENC[AES256_GCM,data:/LjMYk+crjKvB7WQky9sEBnj3UyrJPxao/HCXp0CzGWzkLLJiTtxdw==,iv:OSVwkVPI9oHnfgiuVMof3QzHHakMEnvLYY+8mXZ5sm4=,tag:UgnfnhYjWqYKNwH/k60vrA==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -45,8 +46,8 @@ sops:
bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD
aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-10-06T19:27:03Z" lastmodified: "2024-10-19T20:03:47Z"
mac: ENC[AES256_GCM,data:alv7AQtp/8dBH+bMZ4oONvl/wgTxnft5GBunByXnjN8eJSOyJgjUTcQomHMEGY5n50/j9Oza7YjYnUJUXnZopgxrcGb1BTKlpuI4n9P07UikNuYCknZ1FUPqsiYxAOtnp4SK7X6lQjchWwWuM8wpC1Xf2gjHGdylq0Fk8xZ33hM=,iv:nPK99qlDX9jRWEmCmLoHNCccURt+/TD5lLtt01cT2f0=,tag:mW8UIHxG79OTmF51BWQEVg==,type:str] mac: ENC[AES256_GCM,data:Bcrv7Yf7eDxZxtM9wKK86qvEYv7EquIsi5oWdQk/LdLZ+FGkwj10+0OE+M9voHso2+ACH2AbqLvMiKVdigcHsalJbHiSL61CGuYtEUTMnmGgxJ5Bgk7hvmbFnUAEdW3WqiQ83igrtPcJ3WQEM2x8QGYVVHq921eI9+zEcFWgnn0=,iv:CfIT66FeuWUllniFrrUHjJuNPt7YbqTDcDefpJ9D93M=,tag:85oq6jeC9V2AS2DrGB+ONw==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.0 version: 3.9.0