~sumner/nixos-configuration

d3bc2cbfc39b55438b5d33e62249784d0c191fff — Sumner Evans 6 months ago b1afaa8 bespin-integration
bespin: fix some bugs preventing build
M host-configurations/bespin.nix => host-configurations/bespin.nix +2 -2
@@ 28,7 28,7 @@
  ];

  # Websites
  websites = [
  nginx.websites = [
    { hostname = "the-evans.family"; }
    { hostname = "qs.${config.networking.domain}"; }
    {


@@ 60,7 60,7 @@
  # Services
  services.airsonic.enable = true;
  services.bitwarden_rs.enable = true;
  services.heartbeat.checkId = "43c45999-cc22-430f-a767-31a1a17c6d1b";
  services.healthcheck.checkId = "43c45999-cc22-430f-a767-31a1a17c6d1b";
  services.isso.enable = true;
  services.logrotate.enable = true;
  services.longview.enable = true;

M modules/hardware/firewall.nix => modules/hardware/firewall.nix +1 -1
@@ 1,4 1,4 @@
{ config, lib, pkgs, ... }: with lib;
mkIf config.firewall.enable {
mkIf config.networking.firewall.enable {
  networking.firewall.allowPing = true;
}

M modules/hardware/tmpfs.nix => modules/hardware/tmpfs.nix +1 -1
@@ 9,7 9,7 @@ in
    };
  };

  config.fileSystems = {
  config.fileSystems = mkIf cfg.isPC {
    # Temporary in-RAM Filesystems.
    "/home/sumner/tmp" = {
      fsType = "tmpfs";

M modules/services/goaccess.nix => modules/services/goaccess.nix +1 -1
@@ 28,7 28,7 @@

  pipeIf = condition: cmd: if condition then "| ${cmd}" else "";

  goaccessWebsiteMetricsScript = { hostname, excludeTerms ? [ ], ... }:
  goaccessWebsiteMetricsScript = { hostname, excludeTerms, ... }:
    pkgs.writeShellScript "goaccess-${hostname}" ''
      set -xef
      cd /var/log/nginx

M modules/services/isso.nix => modules/services/isso.nix +2 -2
@@ 18,7 18,7 @@ let

    [smtp]
    username = comments@sumnerevans.com
    password = ${lib.removeSuffix "\n" (builtins.readFile ../secrets/isso-comments-smtp-password)}
    password = ${lib.removeSuffix "\n" (builtins.readFile ../../secrets/isso-comments-smtp-password)}
    host = smtp.migadu.com
    port = 465
    security = starttls


@@ 38,7 38,7 @@ let

    [admin]
    enabled = true
    password = ${lib.removeSuffix "\n" (builtins.readFile ../secrets/isso-admin-password)}
    password = ${lib.removeSuffix "\n" (builtins.readFile ../../secrets/isso-admin-password)}
  '';
  issoConfigFile = pkgs.writeTextFile {
    name = "isso.cfg";

M modules/services/longview.nix => modules/services/longview.nix +1 -1
@@ 5,7 5,7 @@ let
in
lib.mkIf longviewCfg.enable {
  services.longview = {
    apiKeyFile = ../secrets/longview-api-key;
    apiKeyFile = ../../secrets/longview-api-key;
    nginxStatusUrl = "https://${hostnameDomain}/status";
  };
}

M modules/services/matrix/synapse.nix => modules/services/matrix/synapse.nix +1 -1
@@ 26,7 26,7 @@ lib.mkIf synapseCfg.enable {
  services.matrix-synapse = {
    enable_registration = false;
    registration_shared_secret = lib.removeSuffix "\n"
      (builtins.readFile ../../secrets/matrix-registration-shared-secret);
      (builtins.readFile ../../../secrets/matrix-registration-shared-secret);
    server_name = config.networking.domain;
    max_upload_size = "250M";
    listeners = [

M modules/services/nginx.nix => modules/services/nginx.nix +5 -3
@@ 37,9 37,11 @@ in
          };
          extraLocations = mkOption {
            type = with types; attrsOf anything;
            default = { };
          };
          excludeTerms = mkOption {
            type = with types; listOf str;
            default = [ ];
          };
        };
      };


@@ 47,11 49,11 @@ in
    {
      nginx.websites = mkOption {
        type = with types; listOf (submodule websiteSubmodule);
        default = [];
        default = [ ];
      };
    };

  config = mkIf (websites != []) {
  config = mkIf (websites != [ ]) {
    # Enable nginx and add the static websites.
    services.nginx = {
      enable = true;


@@ 64,7 66,7 @@ in

      virtualHosts =
        let
          websiteConfig = { hostname, extraLocations ? { }, ... }: {
          websiteConfig = { hostname, extraLocations, ... }: {
            name = hostname;
            value = {
              forceSSL = true;

M modules/services/xandikos.nix => modules/services/xandikos.nix +1 -1
@@ 21,7 21,7 @@ lib.mkIf xandikosCfg.enable {
      enableACME = true;
      forceSSL = true;
      basicAuth = {
        sumner = lib.removeSuffix "\n" (builtins.readFile ../secrets/xandikos);
        sumner = lib.removeSuffix "\n" (builtins.readFile ../../secrets/xandikos);
      };
    };
  };