diff options
author | Emile <git@emile.space> | 2024-08-16 23:33:53 +0200 |
---|---|---|
committer | Emile <git@emile.space> | 2024-08-16 23:33:53 +0200 |
commit | cea6896788a42c0ea40f99deb4b5987d6741e360 (patch) | |
tree | 7b65658ce082cab4f552b0a42fa171745f003bd2 /nix/hosts/corrino/www | |
parent | dcfc18774fe2d4207c2996b2d16ea67499b70228 (diff) |
big dump, forgot to commit...
Diffstat (limited to 'nix/hosts/corrino/www')
-rw-r--r-- | nix/hosts/corrino/www/ctf.emile.space.nix | 2 | ||||
-rw-r--r-- | nix/hosts/corrino/www/emile.space.nix | 4 | ||||
-rw-r--r-- | nix/hosts/corrino/www/git/cgit.nix | 8 | ||||
-rw-r--r-- | nix/hosts/corrino/www/md.emile.space.nix | 8 | ||||
-rw-r--r-- | nix/hosts/corrino/www/photo/default.nix | 8 | ||||
-rw-r--r-- | nix/hosts/corrino/www/photo/photoprism.nix (renamed from nix/hosts/corrino/www/photo.emile.space.nix) | 2 | ||||
-rw-r--r-- | nix/hosts/corrino/www/r2wa.rs.nix | 29 | ||||
-rw-r--r-- | nix/hosts/corrino/www/social.emile.space.nix | 7 | ||||
-rw-r--r-- | nix/hosts/corrino/www/sso.emile.space.nix | 2 |
9 files changed, 54 insertions, 16 deletions
diff --git a/nix/hosts/corrino/www/ctf.emile.space.nix b/nix/hosts/corrino/www/ctf.emile.space.nix index 1d8b382..6eee75f 100644 --- a/nix/hosts/corrino/www/ctf.emile.space.nix +++ b/nix/hosts/corrino/www/ctf.emile.space.nix @@ -13,7 +13,7 @@ }; virtualisation.oci-containers = { - backend = "docker"; + # backend = "docker"; containers = { "ctfd" = { image = "ctfd/ctfd"; diff --git a/nix/hosts/corrino/www/emile.space.nix b/nix/hosts/corrino/www/emile.space.nix index 9cca880..c39ca31 100644 --- a/nix/hosts/corrino/www/emile.space.nix +++ b/nix/hosts/corrino/www/emile.space.nix @@ -13,6 +13,10 @@ ''; }; + "/@hanemile".extraConfig = '' + return 301 https://social.emile.space/@hanemile; + ''; + #"/.well-known" = { # root = "/var/www/emile.space"; # extraConfig = '' diff --git a/nix/hosts/corrino/www/git/cgit.nix b/nix/hosts/corrino/www/git/cgit.nix index e6983e5..1e63dfc 100644 --- a/nix/hosts/corrino/www/git/cgit.nix +++ b/nix/hosts/corrino/www/git/cgit.nix @@ -72,6 +72,12 @@ section = "Radare2"; owner = "emile"; }; + r2wars-web = { + desc = "The software behind https://r2wa.rs"; + path = "/var/lib/git/repositories/r2wars-web.git"; + section = "Radare2"; + owner = "emile"; + }; r2wars-rs = { desc = "A rust implementation of radare2"; path = "/var/lib/git/repositories/r2wars-rs.git"; @@ -538,7 +544,7 @@ # exposing stuff gitDaemon = { - enable = false; + enable = true; user = "git"; group = "git"; diff --git a/nix/hosts/corrino/www/md.emile.space.nix b/nix/hosts/corrino/www/md.emile.space.nix index 7ad7a94..52b4a53 100644 --- a/nix/hosts/corrino/www/md.emile.space.nix +++ b/nix/hosts/corrino/www/md.emile.space.nix @@ -4,17 +4,9 @@ services.nginx.virtualHosts."md.emile.space" = { forceSSL = true; enableACME = true; - - # TODO(emile): figure out why this doesn't work when enabled, has to do with authelia - # extraConfig = authelia-location; - locations = { "/" = { - # proxyPass = "http://127.0.0.1:3003"; proxyPass = "http://127.0.0.1:${toString config.services.hedgedoc.settings.port}"; - - # TODO(emile): figure out why this doesn't work when enabled, has to do with authelia - # extraConfig = authelia-authrequest; }; }; }; diff --git a/nix/hosts/corrino/www/photo/default.nix b/nix/hosts/corrino/www/photo/default.nix new file mode 100644 index 0000000..dd555e4 --- /dev/null +++ b/nix/hosts/corrino/www/photo/default.nix @@ -0,0 +1,8 @@ +{ ... }: + +{ + imports = [ + ./photoprism.nix + # ./immich.nix + ]; +} diff --git a/nix/hosts/corrino/www/photo.emile.space.nix b/nix/hosts/corrino/www/photo/photoprism.nix index 9c1e97a..c1cbbf8 100644 --- a/nix/hosts/corrino/www/photo.emile.space.nix +++ b/nix/hosts/corrino/www/photo/photoprism.nix @@ -17,7 +17,7 @@ enable = true; address = "127.0.0.1"; - port = config.emile.ports.photo; + port = config.emile.ports.photo.photoprism; passwordFile = config.age.secrets.photoprism_password.path; diff --git a/nix/hosts/corrino/www/r2wa.rs.nix b/nix/hosts/corrino/www/r2wa.rs.nix index f7a0a7e..7da11e1 100644 --- a/nix/hosts/corrino/www/r2wa.rs.nix +++ b/nix/hosts/corrino/www/r2wa.rs.nix @@ -1,16 +1,37 @@ -{ ... }: +{ config, pkgs, ... }: { services.nginx.virtualHosts."r2wa.rs" = { forceSSL = true; enableACME = true; - # kTLS = true; - locations = { "/" = { - return = "301 http://emile.space/blog/2020/r2wars/"; + proxyPass = "http://127.0.0.1:${toString config.emile.ports.r2wars-web}"; }; }; }; + + environment.systemPackages = with pkgs; [ radare2 ]; + + # deploy: + # - push code + # - build in order to get the new hash (nix build .#r2war-sweb) + # - update hash in the package (//nix/pkgs/r2wars-web/default.nix) + # - deploy + + services.emile.r2wars-web = { + enable = true; + + host = "127.0.0.1"; + port = config.emile.ports.r2wars-web; + + # TODO(emile): change these when going live + sessionKey = "insecuretmpkey"; + salt = "insecuresalt"; + + logfilePath = "/var/lib/r2wars/r2wars.log"; + databasePath = "/var/lib/r2wars/main.db"; + sessiondbPath = "/var/lib/r2wars/session.db"; + }; } diff --git a/nix/hosts/corrino/www/social.emile.space.nix b/nix/hosts/corrino/www/social.emile.space.nix index 62e1933..9f9a6f1 100644 --- a/nix/hosts/corrino/www/social.emile.space.nix +++ b/nix/hosts/corrino/www/social.emile.space.nix @@ -91,4 +91,11 @@ }; environmentFile = config.age.secrets.gotosocial_environment_file.path; }; + + systemd.services.gotosocial = { + after = [ "authelia-main.service" ]; + serviceConfig = { + Restart = "on-failure"; + }; + }; } diff --git a/nix/hosts/corrino/www/sso.emile.space.nix b/nix/hosts/corrino/www/sso.emile.space.nix index 0f77197..27988fa 100644 --- a/nix/hosts/corrino/www/sso.emile.space.nix +++ b/nix/hosts/corrino/www/sso.emile.space.nix @@ -192,7 +192,7 @@ in { }; totp = { - disable = false; + disable = true; issuer = "sso.emile.space"; algorithm = "sha1"; digits = 6; |