Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-03-25 21:30:52 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: Luj:fdada747e18288c69a6a9c71f4a8b6c0df455f1e
Branches Tags
Luj:main
...
compare: Luj:10f670ff7b338ac9c2970d16bdba1ecff75959e6
Branches Tags
Luj:main

2 commits
fdada747e1 ... 10f670ff7b

Author SHA1 Message Date
Julien Malka
10f670ff7b
fix(perf): deploy personal page using s3 2025-01-12 00:52:54 +01:00
Julien Malka
5e7b5ab4a8
feat(gustave): disable mastodon 
At the end of the day, we are not going to self-host it
 2025-01-12 00:13:39 +01:00
5 changed files with 7 additions and 48 deletions
Show stats Expand all files Collapse all files

6
machines/biblios/garage.nix
View file

@ -53,7 +53,7 @@ in
services.nginx.virtualHosts."cdn.luj.fr" = { services.nginx.virtualHosts."cdn.luj.fr" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
serverAliases = [ "cdn.social.luj.fr" ]; serverAliases = [ "luj.fr" ];
locations."/".extraConfig = '' locations."/".extraConfig = ''
proxy_pass http://127.0.0.1:3902; proxy_pass http://127.0.0.1:3902;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@ -61,10 +61,10 @@ in
''; '';
}; };
machine.meta.zones."luj.fr".subdomains."social".subdomains."cdn".A = [ machine.meta.zones."luj.fr".A = [
config.machine.meta.ips.public.ipv4 config.machine.meta.ips.public.ipv4
]; ];
machine.meta.zones."luj.fr".subdomains."social".subdomains."cdn".AAAA = [ machine.meta.zones."luj.fr".AAAA = [
config.machine.meta.ips.public.ipv6 config.machine.meta.ips.public.ipv6
]; ];

5
machines/gustave/default.nix
View file

@ -11,12 +11,12 @@
./home-julien.nix ./home-julien.nix
./nsd.nix ./nsd.nix
./borg.nix ./borg.nix
./pages.nix # Performance is not as good as we expected, wait for pages v3
# ./pages.nix
./readeck.nix ./readeck.nix
./plausible.nix ./plausible.nix
./nextcloud.nix ./nextcloud.nix
./glance.nix ./glance.nix
./mastodon.nix
]; ];
machine.meta = { machine.meta = {
@ -26,6 +26,7 @@
profiles = with profiles; [ profiles = with profiles; [
vm-simple-network vm-simple-network
server server
behind-sniproxy
]; ];
ips = { ips = {
public.ipv4 = "82.67.34.230"; public.ipv4 = "82.67.34.230";

41
machines/gustave/mastodon.nix
View file

@ -1,41 +0,0 @@
{ config, ... }:
{
age.secrets."mastodon-env".file = ../../secrets/mastodon-env.age;
services.mastodon = {
enable = true;
localDomain = "social.luj.fr";
configureNginx = true;
extraConfig.SINGLE_USER_MODE = "true";
streamingProcesses = 10;
extraConfig = {
OIDC_ENABLED = "true";
OIDC_DISPLAY_NAME = "Luj - SSO";
OIDC_DISCOVERY = "true";
OIDC_ISSUER = "https://auth.luj.fr/oauth2/openid/mastodon";
OIDC_SCOPE = "openid,profile,email";
OIDC_UID_FIELD = "email";
OIDC_CLIENT_ID = "mastodon";
OIDC_REDIRECT_URI = "https://social.luj.fr/auth/auth/openid_connect/callback";
OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED = "true";
ONE_CLICK_SSO_LOGIN = "true";
# S3
S3_ENABLED = "true";
S3_BUCKET = "mastodon";
S3_REGION = "paris";
S3_ENDPOINT = "https://s3.luj.fr";
S3_HOSTNAME = "s3.luj.fr";
S3_ALIAS_HOST = "cdn.social.luj.fr";
SMTP_SERVER = "mail.luj.fr";
SMTP_PORT = "587";
SMTP_FROM_ADDRESS = "infra@luj.fr";
SMTP_LOGIN = "luj";
};
extraEnvFiles = [ config.age.secrets."mastodon-env".path ];
};
}

2
machines/gustave/nsd.nix
View file

@ -101,8 +101,6 @@ lib.mkMerge [
networking.firewall.allowedUDPPorts = [ 53 ]; networking.firewall.allowedUDPPorts = [ 53 ];
networking.firewall.allowedTCPPorts = [ 53 ]; networking.firewall.allowedTCPPorts = [ 53 ];
machine.meta.zones."luj.fr".A = [ config.machine.meta.ips.public.ipv4 ];
machine.meta.zones."luj.fr".AAAA = [ config.machine.meta.ips.public.ipv6 ];
machine.meta.zones."luj.fr".TXT = [ "homepage.luj.luj-static.page" ]; machine.meta.zones."luj.fr".TXT = [ "homepage.luj.luj-static.page" ];
machine.meta.monitors = { machine.meta.monitors = {

1
machines/tower/forgejo-runner.nix
View file

@ -20,6 +20,7 @@
bash bash
coreutils coreutils
curl curl
awscli2
]; ];
}; };
}; };