update truck simulator

nginx: remove useless enableACME options
purge: update
2024-11-15 05:13:10 +01:00 · 2024-03-25 20:35:26 +01:00 · 2024-03-25 19:09:28 +01:00 · 2024-03-25 19:06:38 +01:00 · 2024-03-25 19:06:25 +01:00
12 changed files with 46 additions and 68 deletions
--- a/flake.lock
+++ b/flake.lock
@ -398,11 +398,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1709309729,
-        "narHash": "sha256-W6RjXe2/LGFnNGfY9ML4YCDasmqksUWKoMRVPHkIguM=",
+        "lastModified": 1711391819,
+        "narHash": "sha256-sNI0PLFXvFM5M6h9PYrbF+IfL199OYLRz875lNZ9Y0Q=",
        "owner": "rouven0",
        "repo": "purge",
-        "rev": "0d083d35316101755d2ecb9bba32fefc42df914d",
+        "rev": "e82088390a446b6ad1f4df92d62478ea557d98de",
        "type": "github"
      },
      "original": {
@ -414,11 +414,11 @@
    "river": {
      "flake": false,
      "locked": {
-        "lastModified": 1711277167,
-        "narHash": "sha256-i+5wQkGsiyN/LaGfuj306tdiv+7vcbgahL9JvscM4iw=",
+        "lastModified": 1711393006,
+        "narHash": "sha256-vwOJIc2gUUa8MuiEzV/phB2sAl5pWdC6mnivNimmXqk=",
        "ref": "refs/heads/master",
-        "rev": "12de175e115f08d1a77b438910ba6dc58a3d80af",
-        "revCount": 1216,
+        "rev": "4d0315b56596868d5ae39d18fe74d8be5c4ac50d",
+        "revCount": 1220,
        "submodules": true,
        "type": "git",
        "url": "https://github.com/riverwm/river"
@ -507,11 +507,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1710096282,
-        "narHash": "sha256-t4190TfQUJoqaFEUX4DNGMDaQ+rJJxffwir0EEwnfDY=",
+        "lastModified": 1711395032,
+        "narHash": "sha256-2fH6TXdPKZaTx6NXucFn7HaFDZ9vC1ebTql5XkdkWTI=",
        "owner": "rouven0",
        "repo": "TruckSimulatorBot",
-        "rev": "da4e4e1908aebc93744cbbe9a7867a9b60da02e9",
+        "rev": "4776a2235fffb96aa8fcc8e33d39af17907754ae",
        "type": "github"
      },
      "original": {
--- a/hosts/falkenstein/modules/mail/rspamd.nix
+++ b/hosts/falkenstein/modules/mail/rspamd.nix
@ -39,8 +39,6 @@
      };
    };
    nginx.virtualHosts."rspamd.${config.networking.domain}" = {
-      enableACME = true;
-      forceSSL = true;
      locations = {
        "/" = {
          proxyPass = "http://127.0.0.1:11334";
--- a/hosts/falkenstein/modules/nginx/default.nix
+++ b/hosts/falkenstein/modules/nginx/default.nix
@ -5,6 +5,8 @@
    services.nginx.virtualHosts = mkOption {
      type = types.attrsOf (types.submodule
        ({ name, ... }: {
+          enableACME = true;
+          forceSSL = true;
          # enable http3 for all hosts
          quic = true;
          http3 = true;
@ -50,8 +52,6 @@
        recommendedGzipSettings = true;
        recommendedOptimisation = true;
        virtualHosts."${config.networking.domain}" = {
-          enableACME = true;
-          forceSSL = true;
          root = "/srv/web/${config.networking.domain}";
          locations = {
            "/.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
--- a/hosts/falkenstein/modules/purge/default.nix
+++ b/hosts/falkenstein/modules/purge/default.nix
@ -7,6 +7,7 @@ in
    file = ../../../../secrets/falkenstein/purge.age;
  };
  services.purge = {
+    inherit domain;
    enable = true;
    discord = {
      clientId = "941041925216157746";
@ -14,11 +15,4 @@ in
      tokenFile = config.age.secrets.purge.path;
    };
  };
-  services.nginx.virtualHosts."${domain}" = {
-    enableACME = true;
-    forceSSL = true;
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:${toString config.services.purge.listenPort}";
-    };
-  };
 }
--- a/hosts/falkenstein/modules/trucksimulatorbot/default.nix
+++ b/hosts/falkenstein/modules/trucksimulatorbot/default.nix
@ -1,9 +1,10 @@
-{ config, pkgs, trucksimulatorbot, ... }:
+{ config, pkgs, ... }:
 let
  domain = "trucks.${config.networking.domain}";
 in
 {
  services.trucksimulatorbot = {
+    inherit domain;
    enable = true;
    discord = {
      clientId = "831052837353816066";
@ -23,20 +24,4 @@ in
    ];
    ensureDatabases = [ "trucksimulator" ];
  };
-  services.nginx.virtualHosts = {
-    "${domain}" = {
-      enableACME = true;
-      forceSSL = true;
-      locations."/invite".return = "301 https://discord.com/api/oauth2/authorize?client_id=831052837353816066&permissions=262144&scope=bot%20applications.commands";
-      locations."/" = {
-        proxyPass = "http://127.0.0.1:${toString config.services.trucksimulatorbot.listenPort}";
-      };
-      locations."/images/" = {
-        proxyPass = "http://127.0.0.1:${toString config.services.trucksimulatorbot.images.listenPort}/";
-      };
-      locations."/docs" = {
-        root = "${trucksimulatorbot.packages.x86_64-linux.docs}";
-      };
-    };
-  };
 }
--- a/hosts/nuc/modules/cache/default.nix
+++ b/hosts/nuc/modules/cache/default.nix
@ -11,8 +11,6 @@ in
    secretKeyFile = config.age.secrets.cache.path;
  };
  services.nginx.virtualHosts."${domain}" = {
-    enableACME = true;
-    forceSSL = true;
    locations."/" = {
      proxyPass = "http://127.0.0.1:${toString config.services.nix-serve.port}";
    };
--- a/hosts/nuc/modules/matrix/default.nix
+++ b/hosts/nuc/modules/matrix/default.nix
@ -67,10 +67,6 @@ in
      virtualHosts = {
        # synapse
        "${domain}" = {
-          enableACME = true;
-          forceSSL = true;
-
-
          # locations."/".extraConfig = "return 404;";

          # # proxy to synapse
@ -83,9 +79,6 @@ in

        # element
        "${domainClient}" = {
-          enableACME = true;
-          forceSSL = true;
-
          root = pkgs.element-web.override {
            conf = {
              default_server_config = {
--- a/hosts/nuc/modules/nginx/default.nix
+++ b/hosts/nuc/modules/nginx/default.nix
@ -6,6 +6,8 @@
      type = types.attrsOf (types.submodule
        ({ name, ... }: {
          # split up nginx access logs per vhost
+          enableACME = true;
+          forceSSL = true;
          extraConfig = ''
            access_log /var/log/nginx/${name}_access.log;
            error_log /var/log/nginx/${name}_error.log;
--- a/hosts/nuc/modules/seafile/default.nix
+++ b/hosts/nuc/modules/seafile/default.nix
@ -12,8 +12,6 @@ in
    seafileSettings.fileserver.port = 8083;
  };
  services.nginx.virtualHosts."${domain}" = {
-    enableACME = true;
-    forceSSL = true;
    locations."/" = {
      proxyPass = "http://unix:/run/seahub/gunicorn.sock";
    };
--- a/hosts/nuc/modules/vaultwarden/default.nix
+++ b/hosts/nuc/modules/vaultwarden/default.nix
@ -30,8 +30,6 @@ in
    ensureDatabases = [ "vaultwarden" ];
  };
  services.nginx.virtualHosts."${domain}" = {
-    enableACME = true;
-    forceSSL = true;
    locations."/" = {
      proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.rocketPort}";
    };
--- a/hosts/thinkpad/hardware-configuration.nix
+++ b/hosts/thinkpad/hardware-configuration.nix
@ -9,6 +9,7 @@
  environment.systemPackages = with pkgs; [
    nvme-cli
    intel-gpu-tools
+    nvtopPackages.intel
    lm_sensors
    pciutils
  ];
@ -35,43 +36,47 @@
  };


-#  fileSystems."/" =
-#    { device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
-#      fsType = "btrfs";
-#      options = [ "subvol=root" ];
- #   };
+  #  fileSystems."/" =
+  #    { device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
+  #      fsType = "btrfs";
+  #      options = [ "subvol=root" ];
+  #   };

  fileSystems."/home" =
-    { device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
+    {
+      device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
      fsType = "btrfs";
      options = [ "subvol=home" "compress=zstd" ];
    };

  fileSystems."/nix" =
-    { device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
+    {
+      device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
      fsType = "btrfs";
-      options = [ "subvol=nix" "compress=zstd" "noatime"];
+      options = [ "subvol=nix" "compress=zstd" "noatime" ];
    };

  fileSystems."/var/log" =
-    { device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
+    {
+      device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
      fsType = "btrfs";
      options = [ "subvol=log" "compress=zstd" ];
    };

  fileSystems."/var/lib" =
-    { device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
+    {
+      device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
      fsType = "btrfs";
      options = [ "subvol=lib" "compress=zstd" ];
    };


-   fileSystems."/" =
-     {
-       device = "tmpfs";
-       fsType = "tmpfs";
-       options = [ "mode=755" ];
-     };
+  fileSystems."/" =
+    {
+      device = "tmpfs";
+      fsType = "tmpfs";
+      options = [ "mode=755" ];
+    };

  fileSystems."/boot" =
    {
--- a/shared/activation.nix
+++ b/shared/activation.nix
@ -1,9 +1,16 @@
-{ config, ... }:
+{ pkgs, config, ... }:
 {
  system.activationScripts.report-nixos-changes = ''
    if [ -e /run/current-system ] && [ -e $systemConfig ]; then
      echo System package diff:
      ${config.nix.package}/bin/nix store diff-closures /run/current-system $systemConfig || true
    fi
+    NO_FORMAT="\033[0m"
+    F_BOLD="\033[1m"
+    C_RED="\033[38;5;9m"
+    ${pkgs.diffutils}/bin/cmp --silent \
+      <(readlink /run/current-system/{initrd,kernel,kernel-modules}) \
+      <(readlink $systemConfig/{initrd,kernel,kernel-modules}) \
+      || echo -e "''${F_BOLD}''${C_RED}Kernel version changed, reboot is advised.''${NO_FORMAT}"
  '';
 }
Author	SHA1	Message	Date
Rouven Seifert	b429b2c811	update truck simulator	2024-03-25 20:35:26 +01:00
Rouven Seifert	00a670cbf5	nginx: remove useless enableACME options	2024-03-25 19:09:28 +01:00
Rouven Seifert	4fcf655dc4	purge: update	2024-03-25 19:06:38 +01:00
Rouven Seifert	dcb384b1cd	formatting	2024-03-25 19:06:25 +01:00