arch/infra
arch/infra
1
0
Fork 0
Code Actions Packages Activity

nix-cache -> stream
Some checks failed
Lint / lint (push) Failing after 1m46s
Details

Browse source
This commit is contained in:
Gabriel Simmer 2024-01-10 19:06:54 +00:00
parent d4772acd38
commit a984899696
Signed by: arch
SSH key fingerprint: SHA256:m3OEcdtrnBpMX+2BDGh/byv3hrCekCLzDYMdvGEKPPQ
4 changed files with 37 additions and 61 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

48
flake.lock
View file

@ -223,11 +223,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1703368619, "lastModified": 1704498488,
"narHash": "sha256-ZGPMYL7FMA6enhuwby961bBANmoFX14EA86m2/Jw5Jo=", "narHash": "sha256-yINKdShHrtjdiJhov+q0s3Y3B830ujRoSbHduUNyKag=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "a2523ea0343b056ba240abbac90ab5f116a7aa7b", "rev": "51e44a13acea71b36245e8bd8c7db53e0a3e61ee",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -263,11 +263,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1702814943, "lastModified": 1704629345,
"narHash": "sha256-tNKSDbtoEDfCTs30dyW0Fcj4KJpjzTRASL6f2BbuSKE=", "narHash": "sha256-cWrno5kSY2cCaWIl97Ae4/iZ9rnMLlm0VrwRqdzIESk=",
"owner": "nix-community", "owner": "nix-community",
"repo": "lib-aggregate", "repo": "lib-aggregate",
"rev": "ac8b1c4cfb2f9111e709aaf503511df354e86733", "rev": "3e408e7391e9d778f48861bb9da08ac54e01441a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -284,11 +284,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1702815315, "lastModified": 1703466376,
"narHash": "sha256-LEpv7kvB7KPj/6BoNYWMcVjRezTJe6FNmg5kCKZQxMk=", "narHash": "sha256-Wy8iF8u5KSzrTxg1hStTBmUjzzKdKyCyMOg8b/eTvVQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-eval-jobs", "repo": "nix-eval-jobs",
"rev": "3c6e1234af3aa26fc60d0969619cf6806ec51639", "rev": "64104a3c55593c903af78af86a4c9d2e5487a2d7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -391,11 +391,11 @@
}, },
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1702774034, "lastModified": 1704588527,
"narHash": "sha256-M0IsUA89EKHL8IDx9bf+e2W2l1kMRpaZ4h08navMXig=", "narHash": "sha256-YECXW8P0bqFM5e65Mu2fL4wZlonNWCuNEk7UQPsuJZ0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "9b4f1493009b8d2f55a525a01de10addc9a0a752", "rev": "be8e58791dcfa2b98b512c2a1bdf3bd94a38790b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -414,11 +414,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1703373312, "lastModified": 1704684968,
"narHash": "sha256-kVmScLYGHsdAUDn0m3LcE0lIgCH4O+0LSZzPvr3z64w=", "narHash": "sha256-h+lSV/cfnfE5//dHefL154mgvaEmTz13ehI7eb/Hph0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs-wayland", "repo": "nixpkgs-wayland",
"rev": "5f8175aebc87daabacc564c26614c1241a1c6e76", "rev": "17d7827cd61e7e6bdc732c4817ea4da26ab0b47b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -477,11 +477,11 @@
}, },
"nixpkgs_5": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1703134684, "lastModified": 1704626572,
"narHash": "sha256-SQmng1EnBFLzS7WSRyPM9HgmZP2kLJcPAz+Ug/nug6o=", "narHash": "sha256-VwRTEKzK4wSSv64G+g3RLF3t6yBHrhR2VK3kZ5UWisU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d6863cbcbbb80e71cecfc03356db1cda38919523", "rev": "24fe8bb4f552ad3926274d29e083b79d84707da6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -493,11 +493,11 @@
}, },
"nixpkgs_6": { "nixpkgs_6": {
"locked": { "locked": {
"lastModified": 1702539185, "lastModified": 1703134684,
"narHash": "sha256-KnIRG5NMdLIpEkZTnN5zovNYc0hhXjAgv6pfd5Z4c7U=", "narHash": "sha256-SQmng1EnBFLzS7WSRyPM9HgmZP2kLJcPAz+Ug/nug6o=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "aa9d4729cbc99dabacb50e3994dcefb3ea0f7447", "rev": "d6863cbcbbb80e71cecfc03356db1cda38919523",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -631,11 +631,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1702461037, "lastModified": 1702979157,
"narHash": "sha256-ssyGxfGHRuuLHuMex+vV6RMOt7nAo07nwufg9L5GkLg=", "narHash": "sha256-RnFBbLbpqtn4AoJGXKevQMCGhra4h6G2MPcuTSZZQ+g=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "d06b70e5163a903f19009c3f97770014787a080f", "rev": "2961375283668d867e64129c22af532de8e77734",
"type": "github" "type": "github"
}, },
"original": { "original": {

4
flake.nix
View file

@ -148,10 +148,10 @@
} }
]; ];
}; };
oracle-tunnel = nixpkgs.lib.nixosSystem { oracle-stream = nixpkgs.lib.nixosSystem {
system = "aarch64-linux"; system = "aarch64-linux";
modules = [ modules = [
(import ./nix/oracle-nix-cache/configuration.nix) (import ./nix/oracle-stream/configuration.nix)
{ {
_module.args.nixinate = { _module.args.nixinate = {
host = "100.98.25.34"; host = "100.98.25.34";

46
nix/oracle-nix-cache/configuration.nix → nix/oracle-stream/configuration.nix
View file

@ -29,7 +29,7 @@
}; };
networking = { networking = {
hostName = "nix-cache"; hostName = "stream";
domain = "gmem.ca"; domain = "gmem.ca";
firewall = { firewall = {
trustedInterfaces = ["tailscale0"]; trustedInterfaces = ["tailscale0"];
@ -71,6 +71,11 @@
rpcbind.enable = true; rpcbind.enable = true;
openssh.enable = true; openssh.enable = true;
tailscale.enable = true; tailscale.enable = true;
owncast = {
enable = true;
port = 8080;
openFirewall = false;
};
nginx = { nginx = {
enable = true; enable = true;
recommendedProxySettings = true; recommendedProxySettings = true;
@ -80,49 +85,20 @@
recommendedOptimisation = true; recommendedOptimisation = true;
recommendedTlsSettings = true; recommendedTlsSettings = true;
virtualHosts = { virtualHosts = {
"git.gmem.ca" = { "stream.gmem.ca" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://100.116.48.47"; proxyPass = "http://127.0.0.1:8080";
proxyWebsockets = true;
extraConfig = extraConfig =
'' ''
client_max_body_size 100M; client_max_body_size 100M;
proxy_pass_header Authorization;
''; '';
}; };
}; };
"food.gmem.ca" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://100.77.43.133";
extraConfig =
''
client_max_body_size 100M;
'';
};
};
"authentik.gmem.ca" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyWebsockets = true;
proxyPass = "https://pi.gmem.ca";
recommendedProxySettings = true;
};
};
"photos.gmem.ca" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyWebsockets = true;
proxyPass = "https://pi.gmem.ca";
recommendedProxySettings = true;
extraConfig = ''
client_max_body_size 50000M;
'';
};
};
}; };
}; };
}; };

0
nix/oracle-nix-cache/hardware.nix → nix/oracle-stream/hardware.nix
View file