2016-04-14 14:02:16 +02:00
|
|
|
|
# Edit this configuration file to define what should be installed on
|
|
|
|
|
# your system. Help is available in the configuration.nix(5) man page
|
|
|
|
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
|
|
|
|
|
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
imports = [
|
2018-03-11 19:21:08 +01:00
|
|
|
|
<yori-nix/physical/kassala.nix>
|
|
|
|
|
<yori-nix/roles/server.nix>
|
|
|
|
|
../modules/muflax-blog.nix
|
2016-04-14 14:02:16 +02:00
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
system.stateVersion = "16.03";
|
2017-02-02 16:58:48 +01:00
|
|
|
|
|
2018-03-11 18:28:25 +01:00
|
|
|
|
services.nginx.enable = true;
|
|
|
|
|
services.yorick = {
|
2018-11-20 22:28:58 +01:00
|
|
|
|
public = { enable = true; vhost = "pub.yori.cc"; };
|
2018-03-11 18:28:25 +01:00
|
|
|
|
website = { enable = true; vhost = "yorickvanpelt.nl"; };
|
|
|
|
|
mail = {
|
|
|
|
|
enable = true;
|
|
|
|
|
mainUser = "yorick";
|
2018-03-11 19:21:08 +01:00
|
|
|
|
users.yorick = {
|
|
|
|
|
password = (import <yori-nix/secrets.nix>).yorick_mailPassword;
|
|
|
|
|
domains = ["yori.cc" "yorickvanpelt.nl"];
|
2018-03-11 18:28:25 +01:00
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
xmpp = {
|
2018-05-25 00:27:43 +02:00
|
|
|
|
enable = false;
|
2018-03-11 18:28:25 +01:00
|
|
|
|
vhost = "yori.cc";
|
|
|
|
|
admins = [ "yorick@yori.cc" ];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
services.nginx.virtualHosts."yori.cc" = {
|
2017-01-30 17:41:54 +01:00
|
|
|
|
enableACME = true;
|
|
|
|
|
forceSSL = true;
|
2018-03-11 18:28:25 +01:00
|
|
|
|
globalRedirect = "yorickvanpelt.nl";
|
2017-01-30 17:41:54 +01:00
|
|
|
|
};
|
2016-04-21 22:45:06 +02:00
|
|
|
|
|
2016-04-22 19:12:59 +02:00
|
|
|
|
|
|
|
|
|
|
2016-04-29 01:07:06 +02:00
|
|
|
|
|
|
|
|
|
services.muflax-blog = {
|
|
|
|
|
enable = true;
|
|
|
|
|
web-server = {
|
|
|
|
|
port = 9001;
|
|
|
|
|
};
|
|
|
|
|
hidden-service = {
|
|
|
|
|
hostname = "muflax65ngodyewp.onion";
|
2018-03-11 23:17:55 +01:00
|
|
|
|
private_key = "/root/keys/http.muflax.key";
|
2016-04-29 01:07:06 +02:00
|
|
|
|
};
|
|
|
|
|
};
|
2018-05-25 00:27:43 +02:00
|
|
|
|
users.extraUsers.git = {
|
|
|
|
|
createHome = true;
|
|
|
|
|
home = config.services.gitea.stateDir; extraGroups = [ "git" ]; useDefaultShell = true;};
|
|
|
|
|
services.gitea = {
|
|
|
|
|
enable = true;
|
|
|
|
|
user = "git";
|
|
|
|
|
database.user = "root";
|
|
|
|
|
database.name = "gogs";
|
|
|
|
|
#dump.enable = true; TODO: backups
|
|
|
|
|
domain = "git.yori.cc";
|
|
|
|
|
rootUrl = "https://git.yori.cc/";
|
|
|
|
|
httpAddress = "localhost";
|
|
|
|
|
cookieSecure = true;
|
|
|
|
|
extraConfig = ''
|
|
|
|
|
[service]
|
|
|
|
|
REGISTER_EMAIL_CONFIRM = false
|
|
|
|
|
ENABLE_NOTIFY_MAIL = false
|
|
|
|
|
DISABLE_REGISTRATION = true
|
|
|
|
|
REQUIRE_SIGNIN_VIEW = false
|
|
|
|
|
[picture]
|
|
|
|
|
DISABLE_GRAVATAR = false
|
|
|
|
|
[mailer]
|
|
|
|
|
ENABLED = false
|
|
|
|
|
AVATAR_UPLOAD_PATH = ${config.services.gitea.stateDir}/data/avatars
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
services.nginx.virtualHosts."git.yori.cc" = {
|
|
|
|
|
forceSSL = true;
|
|
|
|
|
enableACME = true;
|
|
|
|
|
locations."/" = {
|
|
|
|
|
proxyPass = "http://127.0.0.1:${toString config.services.gitea.httpPort}";
|
|
|
|
|
extraConfig = ''
|
|
|
|
|
proxy_buffering off;
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
};
|
2018-03-11 23:17:55 +01:00
|
|
|
|
deployment.keyys = [ <yori-nix/keys/http.muflax.key> ];
|
2016-04-14 14:02:16 +02:00
|
|
|
|
}
|