Compare commits
No commits in common. "312b6bc852cf25c519c47c4d5d084327cebbe848" and "d47b2e90eae571d2b53aa4561730ba3f11ebf1e4" have entirely different histories.
312b6bc852
...
d47b2e90ea
8
.env.age
8
.env.age
|
@ -1,8 +0,0 @@
|
||||||
age-encryption.org/v1
|
|
||||||
-> piv-p256 Vmeusg Apk0u/z04skt4ktJsHDslOrOrwEVcBFzcORCAhbCS48I
|
|
||||||
WbCYJz5qY0fWslurJUKUc5Coa1mnZejTd9iNubBYWv8
|
|
||||||
-> hxTct-grease F
|
|
||||||
Nsg4ckSmYxQxGekmQjq6ipcIKgxvRoh4S8Jud45XOjKKQG4vLvdrFtwhf+5MqgjP
|
|
||||||
SbvzIs9J1w
|
|
||||||
--- acYQQSnX0IY7NpTZiPQrtR5S7SIY5PrKrRbBRZl7Glo
|
|
||||||
Z²\Vl;Øýá³<C3A1>håò<C3A5>»ÿÚ‚G¨ehÖo„‰Þu¯Ó\ðåg+“ÈkP1+"ziŽI\Æ<01>nùJr´ÚOÂOÙ4íYÐËèÇ3:MAÚèµÌ®á‘õ˜ÄÜ©N·Ë®q=gЈ¦¿³i4‹P§‡ÝpMQµâÆðXD<Ò1@èM¨™9ˆô9‚çd$2ÔKtâî¡ÝRÙ<52>c"1”Nèžl4+J÷Ç<10>wÆ/³N_\«„M·UÇ©(·ÞÖba?0[†sÑCq¸Û@•C`"cXçË,WúªÌî2[ˆÛ²=ç|Í•"šÎ½Æp<y"Náco’Šéqø7ê²<C3AA>kÕÌò”rÝ;=KQu¬ÉÏ=Œ–~ÛMØÁ>÷T
|
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -41,4 +41,3 @@ terraform.rc
|
||||||
output/
|
output/
|
||||||
result
|
result
|
||||||
.direnv/
|
.direnv/
|
||||||
.env
|
|
||||||
|
|
10
flake.nix
10
flake.nix
|
@ -14,9 +14,13 @@
|
||||||
devShells.default = pkgs.mkShell {
|
devShells.default = pkgs.mkShell {
|
||||||
shellHook =
|
shellHook =
|
||||||
''
|
''
|
||||||
set -o allexport
|
bw sync
|
||||||
source .env set
|
export BW_SESSION=$(bw unlock --raw)
|
||||||
+o allexport
|
export VERCEL_API_TOKEN=$(bw list items --search "Vercel API" | jq -r '.[0].notes')
|
||||||
|
export HCLOUD_TOKEN=$(bw list items --search "Hetzner" | jq -r '.[0].fields[] | select(.name | contains("API")) | .value')
|
||||||
|
export TF_VAR_tailscale_key=$(bw list items --search "Tailscale Key" | jq -r '.[0].notes')
|
||||||
|
export CLOUDFLARE_API_TOKEN=$(bw list items --search "CloudFlare" | jq -r '.[0].fields[] | select(.name | contains("Zone API Key")) | .value')
|
||||||
|
# alias terraform='terraform -chdir=terraform'
|
||||||
'';
|
'';
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
pkgs.jq
|
pkgs.jq
|
||||||
|
|
|
@ -100,22 +100,12 @@
|
||||||
};
|
};
|
||||||
nginx = {
|
nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
recommendedGzipSettings = true;
|
logError = "/var/log/nginx/debug.log info";
|
||||||
recommendedBrotliSettings = true;
|
|
||||||
recommendedZstdSettings = true;
|
|
||||||
recommendedOptimisation = true;
|
|
||||||
|
|
||||||
# We can only proxy one port with Tailscale Funnel so we abuse locations instead.
|
# We can only proxy one port with Tailscale Funnel so we abuse locations instead.
|
||||||
virtualHosts."vancouver.gmem.ca" = {
|
virtualHosts."vancouver.gmem.ca" = {
|
||||||
default = true;
|
default = true;
|
||||||
enableACME = false;
|
enableACME = false;
|
||||||
forceSSL = false;
|
forceSSL = false;
|
||||||
locations."/" = {
|
|
||||||
root = "/var/www/";
|
|
||||||
extraConfig = ''
|
|
||||||
error_page 404 /404.html;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
locations."/git/" = {
|
locations."/git/" = {
|
||||||
proxyWebsockets = false; # needed if you need to use WebSocket
|
proxyWebsockets = false; # needed if you need to use WebSocket
|
||||||
extraConfig =
|
extraConfig =
|
||||||
|
@ -150,9 +140,6 @@
|
||||||
DISABLE_REGISTRATION = true;
|
DISABLE_REGISTRATION = true;
|
||||||
COOKIE_SECURE = true;
|
COOKIE_SECURE = true;
|
||||||
};
|
};
|
||||||
actions = {
|
|
||||||
ENABLED = true;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue