Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-04-02 02:00:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: Luj:fdada747e18288c69a6a9c71f4a8b6c0df455f1e
Branches Tags
Luj:main
..
compare: Luj:dd163b483ea289580fe8117e32578c17618dd8b8
Branches Tags
Luj:main

No commits in common. "fdada747e18288c69a6a9c71f4a8b6c0df455f1e" and "dd163b483ea289580fe8117e32578c17618dd8b8" have entirely different histories.
fdada747e1 ... dd163b483e

6 changed files with 0 additions and 218 deletions
Show stats Expand all files Collapse all files

25
machines/biblios/garage.nix
View file

@ -21,12 +21,6 @@ in
api_bind_addr = "[::]:3900"; api_bind_addr = "[::]:3900";
root_domain = ".${api_domain}"; root_domain = ".${api_domain}";
}; };
s3_web = {
bind_addr = "127.0.0.1:3902";
root_domain = ".cdn.luj.fr";
index = "index.html";
};
rpc_bind_addr = "[::]:3901"; rpc_bind_addr = "[::]:3901";
rpc_public_addr = "127.0.0.1:3901"; rpc_public_addr = "127.0.0.1:3901";
@ -49,23 +43,4 @@ in
''; '';
}; };
}; };
services.nginx.virtualHosts."cdn.luj.fr" = {
enableACME = true;
forceSSL = true;
serverAliases = [ "cdn.social.luj.fr" ];
locations."/".extraConfig = ''
proxy_pass http://127.0.0.1:3902;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
'';
};
machine.meta.zones."luj.fr".subdomains."social".subdomains."cdn".A = [
config.machine.meta.ips.public.ipv4
];
machine.meta.zones."luj.fr".subdomains."social".subdomains."cdn".AAAA = [
config.machine.meta.ips.public.ipv6
];
} }

2
machines/gustave/default.nix
View file

@ -15,8 +15,6 @@
./readeck.nix ./readeck.nix
./plausible.nix ./plausible.nix
./nextcloud.nix ./nextcloud.nix
./glance.nix
./mastodon.nix
]; ];
machine.meta = { machine.meta = {

144
machines/gustave/glance.nix
View file

@ -1,144 +0,0 @@
{ config, ... }:
{
services.glance = {
enable = true;
settings = {
pages = [
{
center-vertically = true;
columns = [
{
size = "full";
widgets = [
{
autofocus = true;
type = "search";
search-engine = "google";
}
{
cache = "1m";
sites = [
{
icon = "si:jellyfin";
title = "Jellyfin";
url = "https://yourdomain.com/";
}
{
icon = "si:gitea";
title = "Gitea";
url = "https://yourdomain.com/";
}
{
icon = "si:qbittorrent";
title = "qBittorrent";
url = "https://yourdomain.com/";
}
{
icon = "si:immich";
title = "Immich";
url = "https://yourdomain.com/";
}
{
icon = "si:adguard";
title = "AdGuard Home";
url = "https://yourdomain.com/";
}
{
icon = "si:vaultwarden";
title = "Vaultwarden";
url = "https://yourdomain.com/";
}
];
title = "Services";
type = "monitor";
}
{
type = "lobsters";
sort-by = "hot";
limit = 15;
collapse-after = 5;
}
{
type = "repository";
repository = "SaumonNet/proxmox-nixos";
pull-requests-limit = 5;
issues-limit = 3;
}
{
groups = [
{
links = [
{
title = "Gmail";
url = "https://mail.google.com/mail/u/0/";
}
{
title = "Amazon";
url = "https://www.amazon.com/";
}
{
title = "Github";
url = "https://github.com/";
}
];
title = "General";
}
{
links = [
{
title = "YouTube";
url = "https://www.youtube.com/";
}
{
title = "Prime Video";
url = "https://www.primevideo.com/";
}
{
title = "Disney+";
url = "https://www.disneyplus.com/";
}
];
title = "Entertainment";
}
{
links = [
{
title = "Reddit";
url = "https://www.reddit.com/";
}
{
title = "Twitter";
url = "https://twitter.com/";
}
{
title = "Instagram";
url = "https://www.instagram.com/";
}
];
title = "Social";
}
];
type = "bookmarks";
}
];
}
];
hide-desktop-navigation = true;
name = "Startpage";
width = "slim";
}
];
};
};
services.nginx.virtualHosts = {
"dashboard.luj" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.glance.settings.server.port}";
};
};
};
}

41
machines/gustave/mastodon.nix
View file

@ -1,41 +0,0 @@
{ config, ... }:
{
age.secrets."mastodon-env".file = ../../secrets/mastodon-env.age;
services.mastodon = {
enable = true;
localDomain = "social.luj.fr";
configureNginx = true;
extraConfig.SINGLE_USER_MODE = "true";
streamingProcesses = 10;
extraConfig = {
OIDC_ENABLED = "true";
OIDC_DISPLAY_NAME = "Luj - SSO";
OIDC_DISCOVERY = "true";
OIDC_ISSUER = "https://auth.luj.fr/oauth2/openid/mastodon";
OIDC_SCOPE = "openid,profile,email";
OIDC_UID_FIELD = "email";
OIDC_CLIENT_ID = "mastodon";
OIDC_REDIRECT_URI = "https://social.luj.fr/auth/auth/openid_connect/callback";
OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED = "true";
ONE_CLICK_SSO_LOGIN = "true";
# S3
S3_ENABLED = "true";
S3_BUCKET = "mastodon";
S3_REGION = "paris";
S3_ENDPOINT = "https://s3.luj.fr";
S3_HOSTNAME = "s3.luj.fr";
S3_ALIAS_HOST = "cdn.social.luj.fr";
SMTP_SERVER = "mail.luj.fr";
SMTP_PORT = "587";
SMTP_FROM_ADDRESS = "infra@luj.fr";
SMTP_LOGIN = "luj";
};
extraEnvFiles = [ config.age.secrets."mastodon-env".path ];
};
}

BIN
secrets/mastodon-env.age
View file

Binary file not shown.

6
secrets/secrets.nix
View file

@ -168,10 +168,4 @@ in
gustave gustave
]; ];
"mastodon-env.age".publicKeys = [
tower
gallifrey
gustave
];
} }