fi/nix-infra
1
1
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Compare commits

base: fi:de504c77921d2543199b3bc1552e7b88e487a19e
Branches Tags
fi:main
fi:ikiwiki
fi:mas
..
compare: fi:e1d39fb8d4d3332b6fa32909f7cdd452057d7b51
Branches Tags
fi:main
fi:ikiwiki
fi:mas

3 commits
de504c7792 ... e1d39fb8d4

Author SHA1 Message Date
fi e1d39fb8d4
Setup ikiwiki host 2024-11-12 23:44:53 +01:00
Fiona Grzebien abc3c08a7a flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/dd6d18bf8d291daca03a444973bd4f9aa5c1f681?narHash=sha256-O2/v/ocUL0KsACqEIK5eD5XeX46duRIgKdOu6uCKarw%3D' (2024-10-28)
  → 'github:NixOS/nixpkgs/83fb6c028368e465cd19bb127b86f971a5e41ebc?narHash=sha256-rz30HrFYCHiWEBCKHMffHbMdWJ35hEkcRVU0h7ms3x0%3D' (2024-11-07)
• Updated input 'nixpkgs-master':
    'github:NixOS/nixpkgs/ec7caabec9679b1a9008e0cbcfa4b14a2b600774?narHash=sha256-WPGVR8NW9ctqwLMtYV23b94ExQulTFoTKqD21WI3fbg%3D' (2024-10-29)
  → 'github:NixOS/nixpkgs/b651050919c85b9131fa0d2640115ffd9266daad?narHash=sha256-YsODAqOF2xAHyK4%2BpKiS9nmGu%2BvQW%2B9kc5P7uRCirIM%3D' (2024-11-07)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/75e28c029ef2605f9841e0baa335d70065fe7ae2?narHash=sha256-P8wF4ag6Srmpb/gwskYpnIsnspbjZlRvu47iN527ABQ%3D' (2024-10-28)
  → 'github:NixOS/nixpkgs/0093b93ec307d42f51ced7ce90dda6c37516e98a?narHash=sha256-fhkxOv9RGEoPZNyl7VOpHf0Xoqc%2Bbu0J/uW3BSg7tOs%3D' (2024-11-07)
 2024-11-07 16:20:12 +01:00
Fiona Grzebien 24c8a4c1c1 Add cherry root user key to hydra builder 2024-11-05 01:41:15 +01:00
9 changed files with 107 additions and 12 deletions
Show stats Expand all files Collapse all files

1
config/hosts/hydra/configuration.nix
View file

@ -24,6 +24,7 @@
users.users.builder = {
isNormalUser = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK/plZfxF/RtB+pJsUYx9HUgRcB56EoO0uj+j3AGzZta root@cherry"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKeIiHkHA5c6/jZx+BB28c5wchdzlFI7R1gbvNmPyoOg root@kiara"
];
};

27
config/hosts/ikiwiki/configuration.nix Normal file
View file

@ -0,0 +1,27 @@
{ ... }:
{
boot.loader.grub = {
enable = true;
device = "/dev/vda";
};
networking = {
hostName = "ikiwiki";
firewall = {
enable = true;
allowedTCPPorts = [ 80 8443 ];
};
};
fileSystems = {
# partition data disk with `sudo mkfs.ext4 /dev/vdx`
# label data disk with `e2label /dev/vdx "data"`
"/mnt/data" = {
device = "/dev/disk/by-label/data";
fsType = "ext4";
autoResize = true;
};
};
system.stateVersion = "24.05";
}

8
config/hosts/ikiwiki/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ ... }:
{
imports = [
./configuration.nix
./ikiwiki.nix
./nginx.nix
];
}

17
config/hosts/ikiwiki/ikiwiki.nix Normal file
View file

@ -0,0 +1,17 @@
{ pkgs, config, ... }:
{
environment.systemPackages = with pkgs; [
ikiwiki-full
];
services.fcgiwrap.instances."ikiwiki" = {
socket = {
user = config.services.nginx.user;
group = config.services.nginx.group;
};
process = {
user = config.services.nginx.user;
group = config.services.nginx.group;
};
};
}

39
config/hosts/ikiwiki/nginx.nix Normal file
View file

@ -0,0 +1,39 @@
{ pkgs, ... }:
{
services.nginx = {
enable = true;
virtualHosts."fi.nekover.se" = {
forceSSL = true;
enableACME = true;
listen = [
{
addr = "0.0.0.0";
port = 80;
}
{
addr = "0.0.0.0";
port = 8443;
ssl = true;
extraParameters = [ "proxy_protocol" ];
}
];
root = "/mnt/data/public_html/fi-zone";
locations = {
"/" = {
tryFiles = "$uri $uri/ =404";
};
"~ .cgi" = {
extraConfig = ''
gzip off;
fastcgi_pass unix:/var/run/fcgiwrap-ikiwiki.sock;
include ${pkgs.nginx}/conf/fastcgi_params;
'';
};
};
extraConfig = ''
set_real_ip_from 10.202.41.100;
real_ip_header proxy_protocol;
'';
};
};
}

1
config/hosts/web-public-2/nginx.nix
View file

@ -20,6 +20,7 @@
birdsite.nekover.se 10.202.41.107:8443;
cloud.nekover.se 10.202.41.122:8443;
element.nekover.se 127.0.0.1:8443;
fi.nekover.se 10.202.41.125:8443;
gameserver.grzb.de 127.0.0.1:8443;
git.grzb.de 127.0.0.1:8443;
git.nekover.se 10.202.41.106:8443;

1
config/hosts/web-public-2/virtualHosts/acme-challenge.nix
View file

@ -7,6 +7,7 @@ let
"netbox.grzb.de" = "netbox.vs.grzb.de";
"git.nekover.se" = "forgejo.vs.grzb.de";
"grafana.grzb.de" = "metrics.vs.grzb.de";
"fi.nekover.se" = "ikiwiki.vs.grzb.de";
"jackett.grzb.de" = "torrent.vs.grzb.de";
"jellyseerr.grzb.de" = "jellyseerr.vs.grzb.de";
"keycloak-admin.nekover.se" = "keycloak.vs.grzb.de";

18
flake.lock
View file

@ -70,11 +70,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1730142757,
"narHash": "sha256-O2/v/ocUL0KsACqEIK5eD5XeX46duRIgKdOu6uCKarw=",
"lastModified": 1730963269,
"narHash": "sha256-rz30HrFYCHiWEBCKHMffHbMdWJ35hEkcRVU0h7ms3x0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dd6d18bf8d291daca03a444973bd4f9aa5c1f681",
"rev": "83fb6c028368e465cd19bb127b86f971a5e41ebc",
"type": "github"
},
"original": {
@ -101,11 +101,11 @@
},
"nixpkgs-master": {
"locked": {
"lastModified": 1730209337,
"narHash": "sha256-WPGVR8NW9ctqwLMtYV23b94ExQulTFoTKqD21WI3fbg=",
"lastModified": 1730992357,
"narHash": "sha256-YsODAqOF2xAHyK4+pKiS9nmGu+vQW+9kc5P7uRCirIM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ec7caabec9679b1a9008e0cbcfa4b14a2b600774",
"rev": "b651050919c85b9131fa0d2640115ffd9266daad",
"type": "github"
},
"original": {
@ -117,11 +117,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1730157240,
"narHash": "sha256-P8wF4ag6Srmpb/gwskYpnIsnspbjZlRvu47iN527ABQ=",
"lastModified": 1730945957,
"narHash": "sha256-fhkxOv9RGEoPZNyl7VOpHf0Xoqc+bu0J/uW3BSg7tOs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "75e28c029ef2605f9841e0baa335d70065fe7ae2",
"rev": "0093b93ec307d42f51ced7ce90dda6c37516e98a",
"type": "github"
},
"original": {

7
hosts.nix
View file

@ -26,13 +26,14 @@ let
}) hosts;
in
generateDefaults {
#fee = {
# site = "wg";
#};
hydra = {
site = "vs";
environment = "proxmox";
};
ikiwiki = {
site = "vs";
environment = "proxmox";
};
iperf = {
site = "vs";
environment = "proxmox";