From 18290aa55a589287e01b7377ae0bff731929ce7c Mon Sep 17 00:00:00 2001 From: blaknull Date: Sun, 17 Nov 2024 11:11:55 -0600 Subject: [PATCH] trying gitlab again --- flake.lock | 641 ++++++------------ flake.nix | 6 +- .../configuration/homebox/default.nix | 11 +- .../homebox/secrets/secrets.yaml | 13 +- .../services/containers/gitlab/default.nix | 53 +- .../services/containers/nextcloud/default.nix | 77 ++- .../services/containers/traefik/default.nix | 26 +- 7 files changed, 336 insertions(+), 491 deletions(-) diff --git a/flake.lock b/flake.lock index 353918f..fd68a2d 100644 --- a/flake.lock +++ b/flake.lock @@ -17,8 +17,8 @@ }, "ags_2": { "inputs": { - "nixpkgs": "nixpkgs_5", - "systems": "systems_2" + "nixpkgs": "nixpkgs_3", + "systems": "systems" }, "locked": { "lastModified": 1728326430, @@ -124,67 +124,20 @@ "type": "github" } }, - "arion": { - "inputs": { - "flake-parts": "flake-parts", - "haskell-flake": "haskell-flake", - "hercules-ci-effects": "hercules-ci-effects", - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1730775052, - "narHash": "sha256-YXbgfHYJaAXCxrAQzjd03GkSMGd3iGeTmhkMwpFhTPk=", - "owner": "hercules-ci", - "repo": "arion", - "rev": "38ea1d87421f1695743d5eca90b0c37ef3123fbb", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "arion", - "type": "github" - } - }, - "authentik-nix": { - "inputs": { - "authentik-src": "authentik-src", - "flake-compat": "flake-compat", - "flake-parts": "flake-parts_3", - "flake-utils": "flake-utils", - "napalm": "napalm", - "nixpkgs": "nixpkgs_2", - "poetry2nix": "poetry2nix", - "systems": "systems" - }, - "locked": { - "lastModified": 1730387901, - "narHash": "sha256-XnO0bx330mgfiLGIEnUEH4fBhKx5DcZTXl47VjLCeok=", - "owner": "nix-community", - "repo": "authentik-nix", - "rev": "74b5a8c5ffbca16f7af1def137e06a97a958a098", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "authentik-nix", - "type": "github" - } - }, - "authentik-src": { + "blobs": { "flake": false, "locked": { - "lastModified": 1730315123, - "narHash": "sha256-UYOdBlkGeIGCG/pCGLANWv1bKTdBEUp6jTiLG7BpY7E=", - "owner": "goauthentik", - "repo": "authentik", - "rev": "e8b5e4c1272151f4a3666e53754f7deefb8e2fb3", - "type": "github" + "lastModified": 1604995301, + "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", + "type": "gitlab" }, "original": { - "owner": "goauthentik", - "ref": "version/2024.8.4", - "repo": "authentik", - "type": "github" + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "type": "gitlab" } }, "devshell": { @@ -269,7 +222,7 @@ "external": { "inputs": { "digital": "digital", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1, @@ -284,7 +237,7 @@ }, "firefox-addons": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs" ] @@ -322,36 +275,20 @@ } }, "flake-compat_2": { - "flake": false, "locked": { "lastModified": 1696426674, "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" + "revCount": 57, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz" }, "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" + "type": "tarball", + "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" } }, "flake-compat_3": { - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "revCount": 57, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" - } - }, - "flake-compat_4": { "flake": false, "locked": { "lastModified": 1696426674, @@ -367,7 +304,7 @@ "type": "github" } }, - "flake-compat_5": { + "flake-compat_4": { "locked": { "lastModified": 1696426674, "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", @@ -381,6 +318,22 @@ "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" } }, + "flake-compat_5": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-compat_6": { "flake": false, "locked": { @@ -398,69 +351,9 @@ } }, "flake-parts": { - "inputs": { - "nixpkgs-lib": [ - "arion", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1730504689, - "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "506278e768c2a08bec68eb62932193e341f55c90", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": [ - "arion", - "hercules-ci-effects", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1712014858, - "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", - "type": "github" - }, - "original": { - "id": "flake-parts", - "type": "indirect" - } - }, - "flake-parts_3": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" }, - "locked": { - "lastModified": 1726153070, - "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_4": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib_2" - }, "locked": { "lastModified": 1727826117, "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", @@ -475,7 +368,7 @@ "type": "github" } }, - "flake-parts_5": { + "flake-parts_2": { "inputs": { "nixpkgs-lib": [ "nathan", @@ -499,9 +392,9 @@ "type": "github" } }, - "flake-parts_6": { + "flake-parts_3": { "inputs": { - "nixpkgs-lib": "nixpkgs-lib_3" + "nixpkgs-lib": "nixpkgs-lib_2" }, "locked": { "lastModified": 1727826117, @@ -517,7 +410,7 @@ "type": "github" } }, - "flake-parts_7": { + "flake-parts_4": { "inputs": { "nixpkgs-lib": [ "nixvim", @@ -540,27 +433,6 @@ } }, "flake-utils": { - "inputs": { - "systems": [ - "authentik-nix", - "systems" - ] - }, - "locked": { - "lastModified": 1726560853, - "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { "locked": { "lastModified": 1629284811, "narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=", @@ -575,9 +447,9 @@ "type": "github" } }, - "flake-utils_3": { + "flake-utils_2": { "inputs": { - "systems": "systems_4" + "systems": "systems_3" }, "locked": { "lastModified": 1726560853, @@ -593,9 +465,9 @@ "type": "github" } }, - "flake-utils_4": { + "flake-utils_3": { "inputs": { - "systems": "systems_5" + "systems": "systems_4" }, "locked": { "lastModified": 1726560853, @@ -781,44 +653,6 @@ "type": "github" } }, - "haskell-flake": { - "locked": { - "lastModified": 1675296942, - "narHash": "sha256-u1X1sblozi5qYEcLp1hxcyo8FfDHnRUVX3dJ/tW19jY=", - "owner": "srid", - "repo": "haskell-flake", - "rev": "c2cafce9d57bfca41794dc3b99c593155006c71e", - "type": "github" - }, - "original": { - "owner": "srid", - "ref": "0.1.0", - "repo": "haskell-flake", - "type": "github" - } - }, - "hercules-ci-effects": { - "inputs": { - "flake-parts": "flake-parts_2", - "nixpkgs": [ - "arion", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1730229744, - "narHash": "sha256-2W//PmgocN9lplDJ7WoiP9EcrfUxqvtxplCAqlwvquY=", - "owner": "hercules-ci", - "repo": "hercules-ci-effects", - "rev": "d70658494391994c7b32e8fe5610dae76737e4df", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "hercules-ci-effects", - "type": "github" - } - }, "home-manager": { "inputs": { "nixpkgs": [ @@ -1069,9 +903,9 @@ "hyprlang": "hyprlang", "hyprutils": "hyprutils", "hyprwayland-scanner": "hyprwayland-scanner", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_4", "pre-commit-hooks": "pre-commit-hooks", - "systems": "systems_3", + "systems": "systems_2", "xdph": "xdph" }, "locked": { @@ -1113,7 +947,7 @@ "hyprlang": "hyprlang_2", "hyprutils": "hyprutils_2", "hyprwayland-scanner": "hyprwayland-scanner_2", - "nixpkgs": "nixpkgs_14", + "nixpkgs": "nixpkgs_13", "pre-commit-hooks": "pre-commit-hooks_2", "systems": "systems_6", "xdph": "xdph_2" @@ -1349,47 +1183,21 @@ "type": "github" } }, - "napalm": { - "inputs": { - "flake-utils": [ - "authentik-nix", - "flake-utils" - ], - "nixpkgs": [ - "authentik-nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1725806412, - "narHash": "sha256-lGZjkjds0p924QEhm/r0BhAxbHBJE1xMOldB/HmQH04=", - "owner": "willibutz", - "repo": "napalm", - "rev": "b492440d9e64ae20736d3bec5c7715ffcbde83f5", - "type": "github" - }, - "original": { - "owner": "willibutz", - "ref": "avoid-foldl-stack-overflow", - "repo": "napalm", - "type": "github" - } - }, "nathan": { "inputs": { "home-manager": "home-manager_2", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs", "packages": "packages", "prgms": "prgms" }, "locked": { "lastModified": 1, "narHash": "sha256-mrfMvef+tOYMK35horTWF43tQpES1zI7hb5RbzN3oIk=", - "path": "/nix/store/gpfmpajhyryyy4kghfir583qpzw6278f-source/home-manager", + "path": "/nix/store/mvs0ic19pnn66mxdq0paphssqvxg0k1j-source/home-manager", "type": "path" }, "original": { - "path": "/nix/store/gpfmpajhyryyy4kghfir583qpzw6278f-source/home-manager", + "path": "/nix/store/mvs0ic19pnn66mxdq0paphssqvxg0k1j-source/home-manager", "type": "path" } }, @@ -1439,57 +1247,38 @@ "type": "github" } }, - "nix-github-actions": { - "inputs": { - "nixpkgs": [ - "authentik-nix", - "poetry2nix", - "nixpkgs" - ] - }, + "nixpkgs": { "locked": { - "lastModified": 1703863825, - "narHash": "sha256-rXwqjtwiGKJheXB43ybM8NwWB8rO2dSRrEqes0S7F5Y=", - "owner": "nix-community", - "repo": "nix-github-actions", - "rev": "5163432afc817cf8bd1f031418d1869e4c9d5547", + "lastModified": 1729449015, + "narHash": "sha256-Gf04dXB0n4q0A9G5nTGH3zuMGr6jtJppqdeljxua1fo=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "89172919243df199fe237ba0f776c3e3e3d72367", "type": "github" }, "original": { - "owner": "nix-community", - "repo": "nix-github-actions", + "owner": "nixos", + "ref": "nixos-24.05", + "repo": "nixpkgs", "type": "github" } }, - "nixpkgs": { + "nixpkgs-24_05": { "locked": { - "lastModified": 1730531603, - "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", + "lastModified": 1717144377, + "narHash": "sha256-F/TKWETwB5RaR8owkPPi+SPJh83AQsm6KrQAlJ8v/uA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", + "rev": "805a384895c696f802a9bf5bf4720f37385df547", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" + "id": "nixpkgs", + "ref": "nixos-24.05", + "type": "indirect" } }, "nixpkgs-lib": { - "locked": { - "lastModified": 1725233747, - "narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" - } - }, - "nixpkgs-lib_2": { "locked": { "lastModified": 1727825735, "narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=", @@ -1501,7 +1290,7 @@ "url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz" } }, - "nixpkgs-lib_3": { + "nixpkgs-lib_2": { "locked": { "lastModified": 1727825735, "narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=", @@ -1594,38 +1383,6 @@ } }, "nixpkgs_10": { - "locked": { - "lastModified": 1729691686, - "narHash": "sha256-BAuPWW+9fa1moZTU+jFh+1cUtmsuF8asgzFwejM4wac=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "32e940c7c420600ef0d1ef396dc63b04ee9cad37", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_11": { - "locked": { - "lastModified": 1729307008, - "narHash": "sha256-QUvb6epgKi9pCu9CttRQW4y5NqJ+snKr1FZpG/x3Wtc=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "a9b86fc2290b69375c5542b622088eb6eca2a7c3", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_12": { "locked": { "lastModified": 1727802920, "narHash": "sha256-HP89HZOT0ReIbI7IJZJQoJgxvB2Tn28V6XS3MNKnfLs=", @@ -1641,7 +1398,7 @@ "type": "github" } }, - "nixpkgs_13": { + "nixpkgs_11": { "locked": { "lastModified": 1727634051, "narHash": "sha256-S5kVU7U82LfpEukbn/ihcyNt2+EvG7Z5unsKW9H/yFA=", @@ -1657,7 +1414,22 @@ "type": "github" } }, - "nixpkgs_14": { + "nixpkgs_12": { + "locked": { + "lastModified": 1717602782, + "narHash": "sha256-pL9jeus5QpX5R+9rsp3hhZ+uplVHscNJh8n8VpqscM0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e8057b67ebf307f01bdcc8fba94d94f75039d1f6", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "nixpkgs_13": { "locked": { "lastModified": 1728888510, "narHash": "sha256-nsNdSldaAyu6PE3YUA+YQLqUDJh+gRbBooMMekZJwvI=", @@ -1675,53 +1447,21 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1726937504, - "narHash": "sha256-bvGoiQBvponpZh8ClUcmJ6QnsNKw0EMrCQJARK3bI1c=", - "owner": "NixOS", + "lastModified": 1729449015, + "narHash": "sha256-Gf04dXB0n4q0A9G5nTGH3zuMGr6jtJppqdeljxua1fo=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "9357f4f23713673f310988025d9dc261c20e70c6", + "rev": "89172919243df199fe237ba0f776c3e3e3d72367", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-unstable", + "owner": "nixos", + "ref": "nixos-24.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_3": { - "locked": { - "lastModified": 1729449015, - "narHash": "sha256-Gf04dXB0n4q0A9G5nTGH3zuMGr6jtJppqdeljxua1fo=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "89172919243df199fe237ba0f776c3e3e3d72367", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { - "locked": { - "lastModified": 1729449015, - "narHash": "sha256-Gf04dXB0n4q0A9G5nTGH3zuMGr6jtJppqdeljxua1fo=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "89172919243df199fe237ba0f776c3e3e3d72367", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { "locked": { "lastModified": 1725634671, "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=", @@ -1737,7 +1477,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_4": { "locked": { "lastModified": 1728888510, "narHash": "sha256-nsNdSldaAyu6PE3YUA+YQLqUDJh+gRbBooMMekZJwvI=", @@ -1753,7 +1493,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_5": { "locked": { "lastModified": 1727802920, "narHash": "sha256-HP89HZOT0ReIbI7IJZJQoJgxvB2Tn28V6XS3MNKnfLs=", @@ -1769,7 +1509,7 @@ "type": "github" } }, - "nixpkgs_8": { + "nixpkgs_6": { "locked": { "lastModified": 1727634051, "narHash": "sha256-S5kVU7U82LfpEukbn/ihcyNt2+EvG7Z5unsKW9H/yFA=", @@ -1785,7 +1525,7 @@ "type": "github" } }, - "nixpkgs_9": { + "nixpkgs_7": { "locked": { "lastModified": 1729691686, "narHash": "sha256-BAuPWW+9fa1moZTU+jFh+1cUtmsuF8asgzFwejM4wac=", @@ -1801,10 +1541,42 @@ "type": "github" } }, + "nixpkgs_8": { + "locked": { + "lastModified": 1729691686, + "narHash": "sha256-BAuPWW+9fa1moZTU+jFh+1cUtmsuF8asgzFwejM4wac=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "32e940c7c420600ef0d1ef396dc63b04ee9cad37", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_9": { + "locked": { + "lastModified": 1729307008, + "narHash": "sha256-QUvb6epgKi9pCu9CttRQW4y5NqJ+snKr1FZpG/x3Wtc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "a9b86fc2290b69375c5542b622088eb6eca2a7c3", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, "nixvim": { "inputs": { - "flake-parts": "flake-parts_4", - "nixpkgs": "nixpkgs_7", + "flake-parts": "flake-parts", + "nixpkgs": "nixpkgs_5", "nixvim": "nixvim_2" }, "locked": { @@ -1823,14 +1595,14 @@ "nixvim_2": { "inputs": { "devshell": "devshell", - "flake-compat": "flake-compat_3", - "flake-parts": "flake-parts_5", + "flake-compat": "flake-compat_2", + "flake-parts": "flake-parts_2", "git-hooks": "git-hooks", "home-manager": "home-manager_3", "nix-darwin": "nix-darwin", - "nixpkgs": "nixpkgs_8", + "nixpkgs": "nixpkgs_6", "nuschtosSearch": "nuschtosSearch", - "treefmt-nix": "treefmt-nix_2" + "treefmt-nix": "treefmt-nix" }, "locked": { "lastModified": 1727871072, @@ -1848,8 +1620,8 @@ }, "nixvim_3": { "inputs": { - "flake-parts": "flake-parts_6", - "nixpkgs": "nixpkgs_12", + "flake-parts": "flake-parts_3", + "nixpkgs": "nixpkgs_10", "nixvim": "nixvim_4" }, "locked": { @@ -1868,14 +1640,14 @@ "nixvim_4": { "inputs": { "devshell": "devshell_2", - "flake-compat": "flake-compat_5", - "flake-parts": "flake-parts_7", + "flake-compat": "flake-compat_4", + "flake-parts": "flake-parts_4", "git-hooks": "git-hooks_2", "home-manager": "home-manager_4", "nix-darwin": "nix-darwin_2", - "nixpkgs": "nixpkgs_13", + "nixpkgs": "nixpkgs_11", "nuschtosSearch": "nuschtosSearch_2", - "treefmt-nix": "treefmt-nix_3" + "treefmt-nix": "treefmt-nix_2" }, "locked": { "lastModified": 1727871072, @@ -1893,7 +1665,7 @@ }, "nuschtosSearch": { "inputs": { - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_2", "nixpkgs": [ "nathan", "prgms", @@ -1918,7 +1690,7 @@ }, "nuschtosSearch_2": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_3", "nixpkgs": [ "nixvim", "nixvim", @@ -1955,40 +1727,9 @@ "type": "path" } }, - "poetry2nix": { - "inputs": { - "flake-utils": [ - "authentik-nix", - "flake-utils" - ], - "nix-github-actions": "nix-github-actions", - "nixpkgs": [ - "authentik-nix", - "nixpkgs" - ], - "systems": [ - "authentik-nix", - "systems" - ], - "treefmt-nix": "treefmt-nix" - }, - "locked": { - "lastModified": 1727169160, - "narHash": "sha256-m/3tT0Wvk2V4H15riZC/yT7i7t+8V58HTDpthKV5yhk=", - "owner": "nix-community", - "repo": "poetry2nix", - "rev": "7624b3e0275d9b52dbdda46ef7ffee66b36ff823", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "poetry2nix", - "type": "github" - } - }, "pre-commit-hooks": { "inputs": { - "flake-compat": "flake-compat_2", + "flake-compat": "flake-compat", "gitignore": "gitignore", "nixpkgs": [ "nathan", @@ -2066,11 +1807,11 @@ "locked": { "lastModified": 1, "narHash": "sha256-HAuZ9X84fuwUcit6NWUoJCjHj+29nST/YN6Rs8JQugY=", - "path": "/nix/store/gn9md1z9j2h9xg9ccx5p89zbjhij2gmk-source/programs", + "path": "/nix/store/wh5bq8lgwdnnqvydzp5zvdl20bvr28jh-source/programs", "type": "path" }, "original": { - "path": "/nix/store/gn9md1z9j2h9xg9ccx5p89zbjhij2gmk-source/programs", + "path": "/nix/store/wh5bq8lgwdnnqvydzp5zvdl20bvr28jh-source/programs", "type": "path" } }, @@ -2122,15 +1863,14 @@ }, "root": { "inputs": { - "arion": "arion", - "authentik-nix": "authentik-nix", "disko": "disko", "firefox-addons": "firefox-addons", "home-manager": "home-manager", "impermanence": "impermanence", "nathan": "nathan", - "nixpkgs": "nixpkgs_11", + "nixpkgs": "nixpkgs_9", "nixvim": "nixvim_3", + "simple-nixos-mailserver": "simple-nixos-mailserver", "sops-nix": "sops-nix", "system": "system" } @@ -2142,14 +1882,37 @@ "locked": { "lastModified": 1, "narHash": "sha256-0Ztx5DVQ2I7hvCK/qjGa4XTdRgbzM8rhf19m0al8lVM=", - "path": "/nix/store/gn9md1z9j2h9xg9ccx5p89zbjhij2gmk-source/services/sddm", + "path": "/nix/store/wh5bq8lgwdnnqvydzp5zvdl20bvr28jh-source/services/sddm", "type": "path" }, "original": { - "path": "/nix/store/gn9md1z9j2h9xg9ccx5p89zbjhij2gmk-source/services/sddm", + "path": "/nix/store/wh5bq8lgwdnnqvydzp5zvdl20bvr28jh-source/services/sddm", "type": "path" } }, + "simple-nixos-mailserver": { + "inputs": { + "blobs": "blobs", + "flake-compat": "flake-compat_5", + "nixpkgs": "nixpkgs_12", + "nixpkgs-24_05": "nixpkgs-24_05", + "utils": "utils" + }, + "locked": { + "lastModified": 1718084203, + "narHash": "sha256-Cx1xoVfSMv1XDLgKg08CUd1EoTYWB45VmB9XIQzhmzI=", + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "rev": "29916981e7b3b5782dc5085ad18490113f8ff63b", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "ref": "nixos-24.05", + "repo": "nixos-mailserver", + "type": "gitlab" + } + }, "sops-nix": { "inputs": { "nixpkgs": [ @@ -2189,8 +1952,8 @@ }, "spicetify-nix": { "inputs": { - "flake-compat": "flake-compat_4", - "nixpkgs": "nixpkgs_9" + "flake-compat": "flake-compat_3", + "nixpkgs": "nixpkgs_7" }, "locked": { "lastModified": 1729570661, @@ -2213,12 +1976,12 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-jBQRhGozH54R4irazSAFo70saC+P2hdlgXoYI1FmYjs=", - "path": "/nix/store/gpfmpajhyryyy4kghfir583qpzw6278f-source/system-config", + "narHash": "sha256-AV5R8VDvEf+5THLpYas8gXfGdlCKv4M9W+5ejkXlGFg=", + "path": "/nix/store/mvs0ic19pnn66mxdq0paphssqvxg0k1j-source/system-config", "type": "path" }, "original": { - "path": "/nix/store/gpfmpajhyryyy4kghfir583qpzw6278f-source/system-config", + "path": "/nix/store/mvs0ic19pnn66mxdq0paphssqvxg0k1j-source/system-config", "type": "path" } }, @@ -2254,16 +2017,16 @@ }, "systems_3": { "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default-linux", + "repo": "default", "type": "github" } }, @@ -2329,7 +2092,7 @@ }, "themecord": { "inputs": { - "nixpkgs": "nixpkgs_10" + "nixpkgs": "nixpkgs_8" }, "locked": { "lastModified": 1729423029, @@ -2346,28 +2109,6 @@ } }, "treefmt-nix": { - "inputs": { - "nixpkgs": [ - "authentik-nix", - "poetry2nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1719749022, - "narHash": "sha256-ddPKHcqaKCIFSFc/cvxS14goUhCOAwsM1PbMr0ZtHMg=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "8df5ff62195d4e67e2264df0b7f5e8c9995fd0bd", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - }, - "treefmt-nix_2": { "inputs": { "nixpkgs": [ "nathan", @@ -2391,7 +2132,7 @@ "type": "github" } }, - "treefmt-nix_3": { + "treefmt-nix_2": { "inputs": { "nixpkgs": [ "nixvim", @@ -2413,6 +2154,24 @@ "type": "github" } }, + "utils": { + "inputs": { + "systems": "systems_5" + }, + "locked": { + "lastModified": 1709126324, + "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "d465f4819400de7c8d874d50b982301f28a84605", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "xdph": { "inputs": { "hyprland-protocols": [ diff --git a/flake.nix b/flake.nix index 52326d5..c5f9def 100644 --- a/flake.nix +++ b/flake.nix @@ -16,9 +16,9 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - arion.url = "github:hercules-ci/arion"; + #arion.url = "github:hercules-ci/arion"; - authentik-nix.url = "github:nix-community/authentik-nix"; + #authentik-nix.url = "github:nix-community/authentik-nix"; home-manager = { url = "github:nix-community/home-manager/release-24.05"; @@ -30,6 +30,8 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05"; + system.url = "./system-config"; nixvim.url = "/ssd1/Projects/Nixvim"; diff --git a/system-config/configuration/homebox/default.nix b/system-config/configuration/homebox/default.nix index f6c7885..d9c6749 100644 --- a/system-config/configuration/homebox/default.nix +++ b/system-config/configuration/homebox/default.nix @@ -88,9 +88,9 @@ networking = { hostName = "homebox"; - nameservers = [ "127.0.0.1" ]; + nameservers = [ "1.1.1.1" "1.0.0.1" ]; networkmanager.enable = true; - firewall.allowedTCPPorts = [ 22 80 443 9000 8080 ]; + firewall.allowedTCPPorts = [ 22 80 443 9000 8080 8081 ]; hosts = { "192.168.100.11" = [ "blunkall.us" "*.blunkall.us" "*.local.blunkall.us" ]; }; @@ -194,10 +194,9 @@ "pihole/pass" = {}; - "gitlab/db_pass" = {}; - "gitlab/root_pass" = {}; - - "nextcloud/pass" = {}; + "nextcloud/pass" = { + owner = "nextcloud"; + }; }; }; diff --git a/system-config/configuration/homebox/secrets/secrets.yaml b/system-config/configuration/homebox/secrets/secrets.yaml index 9b393ca..0d2f979 100644 --- a/system-config/configuration/homebox/secrets/secrets.yaml +++ b/system-config/configuration/homebox/secrets/secrets.yaml @@ -6,8 +6,13 @@ authentik: pihole: pass: ENC[AES256_GCM,data:hintZA==,iv:HA5K8mHYlLtf5s8iaLI/QRolYgcKwG8DWCH+LXnWI4k=,tag:DlnXxG0n9dBVpk2kILlPKg==,type:str] gitlab: - db_pass: "" - root_pass: "" + db_pass: ENC[AES256_GCM,data:N3KvXkXql/PDjxZSpGo/Apr/,iv:OOzhR4BEmV3T01PA50vqdJMg7D2OGKHn/8hiqKEaOd4=,tag:jzdonXH/D/5kZ5Cld2W//w==,type:str] + root_pass: ENC[AES256_GCM,data:bALaUkoJw3N0ugZP/4MCnEsD,iv:LJdJpXlyzA6o00UVlK+l5WCCFIL/sT/fQNjI8wA5LAg=,tag:BYk1o/rjubyEpeHbgYA1Sg==,type:str] + secrets: + secret: ENC[AES256_GCM,data:3/26giCD58RErtEDxQ90KxRl3aa8oH4co2Urw21r7hHCKaoSti1VpYoBtlvHdr5j,iv:SwliwLWSFfTZoc31JSm9YKBDGKiPQE7ujkiGaZmCQUc=,tag:2KT5BpJukixvhb6tnZb6lw==,type:str] + otp: ENC[AES256_GCM,data:RWOkQVPRsrJgPVtx49hiWRMAxVOszKxaDl40XQDL+QoDuoZi03wSxHiu4Ix9X2BR,iv:uO+CTR5S4r1q7n1ycQw0hYdu8JflSrvkgLiBbCmT8mk=,tag:gqCwNOqD78lFtgxUPyUw3A==,type:str] + db: ENC[AES256_GCM,data:rF4IIp1uFSGa67LVm8fy4/qFOmZLInRcG2IAfnuZG3+xtS9Z2RXpNcTZNFBDdOaD,iv:/KYwf3ZH6w48L49rY/FmaGQOt3jGdOUTZ9vFhmLZG60=,tag:f38iYIgpgdjWF34qD1fz2w==,type:str] + jws: ENC[AES256_GCM,data:C+GVDeO319QGjq2+fBMr1LaY6/6Tuz6jWomkvFVul6ydJjmMFO3A9dYI66WWY6g2iZgYEWDKUikW1qDK5sGgU5ZAZzaqS01LUsSsPHUcMqIg/AjtcRfaEvHYODYPPSEwdISzhceDaim8yqhrNTIOHUHvOxcILvtUmsI61hNfVSnOQbqifIJDgGP7bKaf96t8+qcBvp/UBwP1qHj/m4jD83yc8Pdih+ZuPmyNdo3Ew0nbLTykYVX3XsrO1RlJ/Gp+KPfRSJzVGAnqUKr8mI+32LUpXSJ96bEGA67/blSh1dbBxSVo3K83aZYuY6vvXb+Et6qd4piZYKGCxA+waSrTkYHvSgS5vJRbCGWauXKCYFASxxqmdJ3cu+rbphbshBVA3SIPHhZxun6BWaP0qTYZyfB/YsSU4J+kYiE3UEYX9GYEAY9bsO89IYZSsTsmYke2EI4KMcjyUFstZ2WTYqCpwJ6CMAuerDEMHP6N3xCO5MVDZfE4sKKHpfSCVQg8ak7IxV+3jZvZi2tUbvZZf/tYORzPeTUSEpcC4cGwwAJd3XKUetaiuDwQVkLa13xotfL0d+Lwc6eZil0e/sureLqvQM6kpWhK7yscu2hKGOzxx/OZClry2Uyc1fL5iWWxvM8Djg+ShoAS5m3Nt0R+mcLdgaylkZvMl9gNWFO1uzlnhGnJQtekVaXCJ9f9QZt5RizJYwM9pMKhSDTZ0vd4y69iZpz3YXhKtkvYX02RIFtTiqsbyU0pXVjK0SpKsb5T+yphacGeZRwQS9QadW9dE6xQsxwwYC//swm5l6ke+DyZrcsc/J+MBHFuN71D2st+jtfywZYg/YT9EcCFOMjqEgfDq7YICgyqfqRGAdVWQy660T5Mi+gYKcHqbYXaaB3VNL2RGIu/uybih/7ynGRM2+0ro9oKJ+fEbdi1alSFFJ0IvA5lU6XHd2CSyizEC9ak+HBLkYeSqOPfItfLH82jRiUtrY5u4fIlioLQTA1aKHax6q8cIf30FCGenhjM6jMj2WpXKI16+1xK9Om9mg94YmFjM+erQh3o/fbPuMbkNaNJQwabupshBK2h3caaE0cDUnDukUFUANHz9q5LVxSkw39GTjGpovxQJiZHbSdeIC/AzFXRVA1ojhzkeuefygdP27Aa+fLjEBn2x8AcdhyP1n8lQyjy0Wnxq9hJDbVXJF93FIdcCmF/JGejgHcr3YZUMY4OFG9gzISDEdgR99fYvKM+A9Pj2JNtCQ5iKCctg5opIEKA1z4RIpRQs0KmXq3JgjWhU1LeOWaX2YzS5rCJWyhxnTJXGk4a/cMvhbLRjFOKcDNNMp8yJrXk1pth7nFOJ4Put6o67jtjbgpgnPuEdelnXEEaReCfJEo2z8zka63kYqbIvcG4W2pKwsA4tT0QctVwltRdYU8YyKuOpQJtKvVdlZL0oxOwxPioTT8fOebRBaecKhQKF4fp9UGlE/GStud6oFSbN685U2TKihvYNmfLRSWQk1Y/APyCRlhOmhFLaIzJxogdlKzpg4AEg/2SRoEZPsqyZThI8uhCIT1qG0UBiZBTjey322fsEEZtNxO5nX/JeBDOVty3sIGs1OKBTjMXSZ+nzU9AIH6dek9Bz+Fix7a90IkQUB5xtgrIYgCH34L4a0o1jWy5bzT9fl53VnbzrICcT/wdRU/GznYYjxlF2uRBKIu7s0glDmsPXCZuorqvJlr2hySgN/hJKOlrCghraUD14pRk4OfRVKULkPQ7betgaCVbsihXplodrAgJ0BdIbf3tKRC8Ghx8+mYAWNXj+PtWBydEjEirCH70SJu53gjF5mNgl2EIaHNK7jqBgXhDr2/7uH97Tl+S9ue+TDlpr067T5JAqU3fOqq+ZS4wqEvqMYRfXd/V2FjNbBpoH8UW6pMuFaM06DBI+6p9O9xBl1eP3Sy3vrBwK2pCwLbi0LdJ2apQTl/51ZXp2xaaUAAh1Fu/bM21V7ENa5sGxpSTYwdSLyPnd8usqECw9W1XDNUI2EmJnp9AelD/joNwuL6U7pydrNUCguCjxHfbd+m0vc/te53GerJlSXbjEWz53f3RjSB90AaA6sOGhi1BFiHYSAjzMdqVSj4M68r+UF3YIuEuoaOzrVrkb5st3tYD0dz+ORhxo44aKEzgohseha5fg0wcTz9orqkeP/FyoOeItG2UwNVAWWGh/lBtXh8c4ILUMolZ1m2DWiYj/pyDvODVnP96u6TvyMC0H8aolgGHn7nDMTi+mCIvNFQYeXdVrRCpWS9aQik=,iv:cxdargXx2a7pET7BjCSZ/yXL7AnxNqncyDQ7CR3E3AA=,tag:2xKXfhBjynDqlvH377lpSA==,type:str] nextcloud: pass: ENC[AES256_GCM,data:U/VI/uHDT1a5O4iAHUVwsz/h,iv:W0hAXBddFKhXmDWHpCB2JhjPPTEGer7721WtIRxg4Zo=,tag:OE4wzibNaaXsbfFuk0dwTA==,type:str] sops: @@ -25,8 +30,8 @@ sops: S0NMRGJSeks0Q0UrVnZmUVdyU2NqVm8KLu2kQpD1fJdU0fTdR9A2cTQzRp+waJ6M 8vA+E8xYb2U4d7m0YnwKkGzw0CBPb0BvdEgvWvqpFViftoDwRv5KGA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-12T14:28:49Z" - mac: ENC[AES256_GCM,data:fXVSjqESPAREM5Iz3ZXS9stkYrXTeO4PR0lZuf8baR8OA9P07sQcPtq2parKL8RlALLcrdi3uqDJhv0Zw7mVwvnvzlgKsLssiz4U/N4zzIhwNXGvXccwKF4IEJD48/wRz31S87haIu0N8LHrV3LS++eZLnbWaqtVzuT39WxGUww=,iv:0QqLBKm3T+wCFgjFedViaCYBgBRKUkabqW6sv1OBSQE=,tag:ovUkgubwRfZnc94Ss4G2tA==,type:str] + lastmodified: "2024-11-17T16:33:08Z" + mac: ENC[AES256_GCM,data:q+aHvOUysVDFKcXJZ0/v0BEGhmwo/1wvVwyF4oWh09AWPzf3FlwZhaHmyz8hE2nlSIAiU7RDCnJ6haweHKC532+ckoI0z10iFGSu9UWZr1k/5asqZfXR7IrZw83fhnWQkofrPYLuEcJV/RXlT8n4HK6pt+ztB2JtiVt7wtyWOg4=,iv:IAviaFZUKDCFuaklBZxY+nck9g5Vri+QGR/rLsIxA1M=,tag:KbKRqueb921ugdyRhFguWw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/system-config/services/containers/gitlab/default.nix b/system-config/services/containers/gitlab/default.nix index 6179f64..7a83a33 100644 --- a/system-config/services/containers/gitlab/default.nix +++ b/system-config/services/containers/gitlab/default.nix @@ -7,6 +7,31 @@ config = lib.mkIf config.sysconfig.opts.virtualization.gitlab.enable { + sops.secrets."gitlab/dbpass" = { + + path = "/ssd1/Gitlab/dbpass"; + }; + sops.secrets."gitlab/root_pass" = { + + path = "/ssd1/Gitlab/rootpass"; + }; + sops.secrets."gitlab/secrets/secret" = { + + path = "/ssd1/Gitlab/secret"; + }; + sops.secrets."gitlab/secrets/otp" = { + + path = "/ssd1/Gitlab/otp"; + }; + sops.secrets."gitlab/secrets/db" = { + + path = "/ssd1/Gitlab/db"; + }; + sops.secrets."gitlab/secrets/jws" = { + + path = "/ssd1/Gitlab/jws"; + }; + containers.gitlab = { autoStart = true; @@ -14,23 +39,35 @@ hostAddress = "192.168.100.10"; localAddress = "192.168.100.16"; bindMounts = { - "/etc/gitlab/data" = { - hostPath = "/ssd1/Gitlab/data"; + "/etc/gitlab" = { + hostPath = "/ssd1/Gitlab"; isReadOnly = false; }; }; config = { + + systemd.tmpfiles.rules = [ + "z /etc/gitlab/dbpass - gitlab gitlab" + "z /etc/gitlab/rootpass - gitlab gitlab" + "z /etc/gitlab/db - gitlab gitlab" + "z /etc/gitlab/secret - gitlab gitlab" + "z /etc/gitlab/jws - gitlab gitlab" + "z /etc/gitlab/otp - gitlab gitlab" + ]; services.gitlab = { enable = true; - #https = true; - #port = 443; - #host = "localhost"; - databasePasswordFile = pkgs.writeText "dbPassword" "hellothere!"; - initialRootPasswordFile = pkgs.writeText "rootPassword" "generalkenobi"; + https = true; + port = 443; + host = "localhost"; + databasePasswordFile = "/etc/gitlab/dbpass"; + initialRootPasswordFile = "/etc/gitlab/rootpass"; secrets = { - + secretFile = "/etc/gitlab/secret"; + otpFile = "/etc/gitlab/otp"; + dbFile = "/etc/gitlab/db"; + jwsFile = "/etc/gitlab/jws"; }; }; diff --git a/system-config/services/containers/nextcloud/default.nix b/system-config/services/containers/nextcloud/default.nix index e153f35..45541c8 100644 --- a/system-config/services/containers/nextcloud/default.nix +++ b/system-config/services/containers/nextcloud/default.nix @@ -1,21 +1,57 @@ -{ config, lib, pkgs, ... }: { +{ config, lib, pkgs, inputs, ... }: { options.sysconfig.opts.virtualization.nextcloud.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; + imports = [ + inputs.simple-nixos-mailserver.nixosModule + ]; + config = lib.mkIf config.sysconfig.opts.virtualization.nextcloud.enable { - sops.templates."nextcloud_pass.txt" = { - content = '' - ${config.sops.placeholder."nextcloud/pass"} - ''; + /*mailserver = { + enable = true; + fqdn = "mail.blunkall.com"; + domains = [ "blunkall.us" ]; - path = "/ssd1/Nextcloud/nextcloud_pass.txt"; + loginAccounts = { + "user1@blunkall.us" = { + hashedPasswordFile = ""; + + }; + }; + };*/ + + services.nginx.virtualHosts."localhost".listen = [ { addr = "0.0.0.0"; port = 8081; } ]; + services.nextcloud = { + enable = true; + package = pkgs.nextcloud30; + hostName = "localhost"; + config = { + adminpassFile = config.sops.secrets."nextcloud/pass".path; + adminuser = "root"; + dbtype = "mysql"; + }; + https = true; + datadir = "/ssd1/Nextcloud/data"; + home = "/ssd1/Nextcloud/nextcloud_home"; + appstoreEnable = true; + extraApps = with config.services.nextcloud.package.packages.apps; { + inherit mail contacts calendar tasks user_oidc; + }; + extraAppsEnable = true; + settings = { + overwriteprotocol = "https"; + trusted_domains = [ "nextcloud.blunkall.us" ]; + trusted_proxies = [ "192.168.100.11" ]; + default_phone_region = "US"; + }; + database.createLocally = true; }; - containers.nextcloud = { + /*containers.nextcloud = { autoStart = true; privateNetwork = true; @@ -24,33 +60,26 @@ bindMounts = { - "/var/lib/nextcloud" = { + "/etc/nextcloud" = { hostPath = "/ssd1/Nextcloud"; isReadOnly = false; }; }; - config = { - - networking.firewall.allowedTCPPorts = [ 80 ]; + config = { config, lib, pkgs, ... }: { + networking.firewall.allowedTCPPorts = [ 80 443 ]; + services.nginx.virtualHosts."192.168.100.16".listen = [ { addr = "0.0.0.0"; port = 80; } ]; + environment.etc."nextcloud-admin-pass".text = "//falconAdjacent42"; services.nextcloud = { - enable = true; - package = pkgs.nextcloud30; - hostName = "localhost"; - config.adminpassFile = "/var/lib/nextcloud/nextcloud_pass.txt"; - datadir = "/var/lib/nextcloud/data"; - home = "/var/lib/nextcloud/nextcloud_home"; - https = true; - maxUploadSize = "5G"; - settings = { - overwriteprotocol = "https"; - }; + package = pkgs.nextcloud28; + hostName = "192.168.100.16"; + config.adminpassFile = "/etc/nextcloud-admin-pass"; }; - system.stateVersion = "24.05"; + system.stateVersion = "23.05"; }; - }; + };*/ }; } diff --git a/system-config/services/containers/traefik/default.nix b/system-config/services/containers/traefik/default.nix index 59ec535..a1d182d 100644 --- a/system-config/services/containers/traefik/default.nix +++ b/system-config/services/containers/traefik/default.nix @@ -128,32 +128,44 @@ entryPoints = [ "localsecure" "websecure" ]; rule = "Host(`blunkall.us`) || Host(`www.blunkall.us`)"; service = "homepage"; + tls.certResolver = "cloudflare"; middlewares = [ "authentik" ]; }; + nathan = { + entryPoints = [ "localsecure" "websecure" ]; + rule = "Host(`nathan.blunkall.us`)"; + service = "homepage"; + tls.certResolver = "cloudflare"; + }; jellyfin = { entryPoints = [ "localsecure" "websecure" ]; rule = "Host(`jellyfin.blunkall.us`)"; service = "jellyfin"; + tls.certResolver = "cloudflare"; }; auth = { entryPoints = [ "localsecure" "websecure" ]; rule = "Host(`auth.blunkall.us`)"; service = "authentik"; + tls.certResolver = "cloudflare"; }; - /*gitlab = { + gitlab = { entryPoints = [ "localsecure" "websecure" ]; rule = "Host(`gitlab.blunkall.us`)"; - service = "gitlab"; - };*/ + service = "homepage"; + tls.certResolver = "cloudflare"; + #middlewares = [ "authentik" ]; + }; nextcloud = { entryPoints = [ "localsecure" "websecure" ]; rule = "Host(`nextcloud.blunkall.us`)"; service = "nextcloud"; + tls.certResolver = "cloudflare"; middlewares = [ "nextcloud_redirectregex" ]; @@ -163,12 +175,14 @@ entryPoints = [ "localsecure" ]; rule = "Host(`traefik.local.blunkall.us`)"; service = "api@internal"; + tls.certResolver = "cloudflare"; }; pihole = { entryPoints = [ "localsecure" ]; rule = "Host(`pihole.local.blunkall.us`)"; service = "pihole"; + tls.certResolver = "cloudflare"; }; }; @@ -193,8 +207,8 @@ nextcloud_redirectregex.redirectregex = { permanent = true; - regex = "https://(.*)/.well-known/(?:card|cal)dav"; - replacement = "https://$${1}/remote.php/dav"; + regex = "https://nextcloud.blunkall.us/.well-known/(?:card|cal)dav"; + replacement = "https://nextcloud.blunkall.us/remote.php/dav"; }; }; @@ -209,7 +223,7 @@ pihole.loadBalancer.servers = [ { url = "http://192.168.100.10:8080"; } ]; - nextcloud.loadBalancer.servers = [ { url = "http://192.168.100.16:80"; } ]; + nextcloud.loadBalancer.servers = [ { url = "http://192.168.100.10:8081"; } ]; }; }; };