diff --git a/flake.lock b/flake.lock index 24d146e..2928e78 100644 --- a/flake.lock +++ b/flake.lock @@ -1385,11 +1385,11 @@ "locked": { "lastModified": 1, "narHash": "sha256-GNix63XYPLopvFgOUHyouU0d/V9lvKN9h3h1juttDgg=", - "path": "/nix/store/1w9iy5z4gb51v425r1i57983vi3bzdqk-source/home-manager", + "path": "/nix/store/ymfv7s9i4xhig39nyci7aifl9z34y78h-source/home-manager", "type": "path" }, "original": { - "path": "/nix/store/1w9iy5z4gb51v425r1i57983vi3bzdqk-source/home-manager", + "path": "/nix/store/ymfv7s9i4xhig39nyci7aifl9z34y78h-source/home-manager", "type": "path" } }, @@ -2067,11 +2067,11 @@ "locked": { "lastModified": 1, "narHash": "sha256-HAuZ9X84fuwUcit6NWUoJCjHj+29nST/YN6Rs8JQugY=", - "path": "/nix/store/f585mnr0xhrs90swbckv27h60c7hk8mp-source/programs", + "path": "/nix/store/lmily1c217gvdwsz3rlsjphdc15v2d2h-source/programs", "type": "path" }, "original": { - "path": "/nix/store/f585mnr0xhrs90swbckv27h60c7hk8mp-source/programs", + "path": "/nix/store/lmily1c217gvdwsz3rlsjphdc15v2d2h-source/programs", "type": "path" } }, @@ -2155,11 +2155,11 @@ "locked": { "lastModified": 1, "narHash": "sha256-0Ztx5DVQ2I7hvCK/qjGa4XTdRgbzM8rhf19m0al8lVM=", - "path": "/nix/store/f585mnr0xhrs90swbckv27h60c7hk8mp-source/services/sddm", + "path": "/nix/store/lmily1c217gvdwsz3rlsjphdc15v2d2h-source/services/sddm", "type": "path" }, "original": { - "path": "/nix/store/f585mnr0xhrs90swbckv27h60c7hk8mp-source/services/sddm", + "path": "/nix/store/lmily1c217gvdwsz3rlsjphdc15v2d2h-source/services/sddm", "type": "path" } }, @@ -2226,12 +2226,12 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-d2cED6HwQD1a5sWYGKTkrXSYqvDecyIioUT5U2W4xds=", - "path": "/nix/store/1w9iy5z4gb51v425r1i57983vi3bzdqk-source/system-config", + "narHash": "sha256-YHm0+Ze4OZOFqRrorlnH/iz3DAZEukDLS8mbgGiExBc=", + "path": "/nix/store/ymfv7s9i4xhig39nyci7aifl9z34y78h-source/system-config", "type": "path" }, "original": { - "path": "/nix/store/1w9iy5z4gb51v425r1i57983vi3bzdqk-source/system-config", + "path": "/nix/store/ymfv7s9i4xhig39nyci7aifl9z34y78h-source/system-config", "type": "path" } }, diff --git a/system-config/configuration/homebox/default.nix b/system-config/configuration/homebox/default.nix index bfa8ad1..75d4aee 100644 --- a/system-config/configuration/homebox/default.nix +++ b/system-config/configuration/homebox/default.nix @@ -19,7 +19,7 @@ ]; boot = { - kernelPackages = pkgs.linuxKernel.kernels.linux_6_11; + kernelPackages = pkgs.linuxKernel.packages.linux_6_1; loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; @@ -250,6 +250,8 @@ traefik.enable = true; authentik.enable = false; + + "blunkall.us".enable = true; gitlab.enable = false; }; diff --git a/system-config/services/containers/authentik-nix/default.nix b/system-config/services/containers/authentik-nix/default.nix index 19a735b..9010bf4 100644 --- a/system-config/services/containers/authentik-nix/default.nix +++ b/system-config/services/containers/authentik-nix/default.nix @@ -5,10 +5,6 @@ default = false; }; - imports = [ - inputs.authentik-nix.nixosModules.default - ]; - config = lib.mkIf config.sysconfig.opts.virtualization.authentik.enable { sops.templates."authentik.env" = { @@ -33,6 +29,10 @@ }; }; config = { + + imports = [ + inputs.authentik-nix.nixosModules.default + ]; services.authentik = { @@ -43,6 +43,8 @@ avatars = "initials"; }; }; + + networking.firewall.enable = false; }; }; diff --git a/system-config/services/containers/default.nix b/system-config/services/containers/default.nix index bb616eb..c7aad72 100644 --- a/system-config/services/containers/default.nix +++ b/system-config/services/containers/default.nix @@ -4,5 +4,6 @@ ./gitlab ./traefik ./authentik-nix + ./nginx ]; } diff --git a/system-config/services/containers/httpd/default.nix b/system-config/services/containers/httpd/default.nix deleted file mode 100644 index e69de29..0000000 diff --git a/system-config/services/containers/nginx/default.nix b/system-config/services/containers/nginx/default.nix new file mode 100644 index 0000000..03e7857 --- /dev/null +++ b/system-config/services/containers/nginx/default.nix @@ -0,0 +1,39 @@ +{ config, lib, ... }: { + + options.sysconfig.opts.virtualization."blunkall.us".enable = lib.mkOption { + type = lib.types.bool; + default = false; + }; + + config = lib.mkIf config.sysconfig.opts.virtualization."blunkall.us".enable { + + containers.blunkall_us = { + + autoStart = true; + privateNetwork = true; + hostAddress = "192.168.100.10"; + localAddress = "192.168.100.13"; + + bindMounts = { + "/var/www/data" = { + hostPath = "/ssd1/blunkall_us/data"; + isReadOnly = false; + }; + }; + + config = { + + services.nginx = { + enable = true; + virtualHosts."blunkall.us" = { + enableACME = false; + forceSSL = false; + root = "/var/www/data"; + }; + }; + + networking.firewall.allowedTCPPorts = [ 80 ]; + }; + }; + }; +} diff --git a/system-config/services/containers/traefik/default.nix b/system-config/services/containers/traefik/default.nix index 1699bb9..29e52f8 100644 --- a/system-config/services/containers/traefik/default.nix +++ b/system-config/services/containers/traefik/default.nix @@ -176,7 +176,7 @@ services = { #gitlab.loadBalancer.servers = [ { url = "http://192.168.100.12:80"; } ]; - homepage.loadBalancer.servers = [ { url = "http://192.168.100.10:8000"; } ]; + homepage.loadBalancer.servers = [ { url = "http://192.168.100.13:80"; } ]; }; }; };