rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2025-01-18 17:11:39 +01:00
Code Issues Projects Releases Packages Wiki Activity

purge: update

Browse source
This commit is contained in:
Rouven Seifert 2024-03-25 19:06:38 +01:00
parent dcb384b1cd
commit 4fcf655dc4
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
5 changed files with 16 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
flake.lock
View file

@ -398,11 +398,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1709309729, "lastModified": 1711389856,
"narHash": "sha256-W6RjXe2/LGFnNGfY9ML4YCDasmqksUWKoMRVPHkIguM=", "narHash": "sha256-fz75+eNnBgYnLvH1PlG6Rxr+YU7mvltyz0MyQQbG1CA=",
"owner": "rouven0", "owner": "rouven0",
"repo": "purge", "repo": "purge",
"rev": "0d083d35316101755d2ecb9bba32fefc42df914d", "rev": "4efddb7c14ac11e20f1fa7cfc98711c47ad75bad",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
hosts/falkenstein/modules/nginx/default.nix
View file

@ -5,6 +5,8 @@
services.nginx.virtualHosts = mkOption { services.nginx.virtualHosts = mkOption {
type = types.attrsOf (types.submodule type = types.attrsOf (types.submodule
({ name, ... }: { ({ name, ... }: {
enableACME = true;
forceSSL = true;
# enable http3 for all hosts # enable http3 for all hosts
quic = true; quic = true;
http3 = true; http3 = true;

8
hosts/falkenstein/modules/purge/default.nix
View file

@ -7,6 +7,7 @@ in
file = ../../../../secrets/falkenstein/purge.age; file = ../../../../secrets/falkenstein/purge.age;
}; };
services.purge = { services.purge = {
inherit domain;
enable = true; enable = true;
discord = { discord = {
clientId = "941041925216157746"; clientId = "941041925216157746";
@ -14,11 +15,4 @@ in
tokenFile = config.age.secrets.purge.path; tokenFile = config.age.secrets.purge.path;
}; };
}; };
services.nginx.virtualHosts."${domain}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.purge.listenPort}";
};
};
} }

2
hosts/nuc/modules/nginx/default.nix
View file

@ -6,6 +6,8 @@
type = types.attrsOf (types.submodule type = types.attrsOf (types.submodule
({ name, ... }: { ({ name, ... }: {
# split up nginx access logs per vhost # split up nginx access logs per vhost
enableACME = true;
forceSSL = true;
extraConfig = '' extraConfig = ''
access_log /var/log/nginx/${name}_access.log; access_log /var/log/nginx/${name}_access.log;
error_log /var/log/nginx/${name}_error.log; error_log /var/log/nginx/${name}_error.log;

9
shared/activation.nix
View file

@ -1,9 +1,16 @@
{ config, ... }: { pkgs, config, ... }:
{ {
system.activationScripts.report-nixos-changes = '' system.activationScripts.report-nixos-changes = ''
if [ -e /run/current-system ] && [ -e $systemConfig ]; then if [ -e /run/current-system ] && [ -e $systemConfig ]; then
echo System package diff: echo System package diff:
${config.nix.package}/bin/nix store diff-closures /run/current-system $systemConfig || true ${config.nix.package}/bin/nix store diff-closures /run/current-system $systemConfig || true
fi fi
NO_FORMAT="\033[0m"
F_BOLD="\033[1m"
C_RED="\033[38;5;9m"
${pkgs.diffutils}/bin/cmp --silent \
<(readlink /run/current-system/{initrd,kernel,kernel-modules}) \
<(readlink $systemConfig/{initrd,kernel,kernel-modules}) \
|| echo -e "''${F_BOLD}''${C_RED}Kernel version changed, reboot is advised.''${NO_FORMAT}"
''; '';
} }