Compare commits
3 commits
d47b2e90ea
...
312b6bc852
Author | SHA1 | Date | |
---|---|---|---|
Gabriel Simmer | 312b6bc852 | ||
Gabriel Simmer | 5cf1be37a3 | ||
Gabriel Simmer | e07c3921f4 |
8
.env.age
Normal file
8
.env.age
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> piv-p256 Vmeusg Apk0u/z04skt4ktJsHDslOrOrwEVcBFzcORCAhbCS48I
|
||||||
|
WbCYJz5qY0fWslurJUKUc5Coa1mnZejTd9iNubBYWv8
|
||||||
|
-> hxTct-grease F
|
||||||
|
Nsg4ckSmYxQxGekmQjq6ipcIKgxvRoh4S8Jud45XOjKKQG4vLvdrFtwhf+5MqgjP
|
||||||
|
SbvzIs9J1w
|
||||||
|
--- acYQQSnX0IY7NpTZiPQrtR5S7SIY5PrKrRbBRZl7Glo
|
||||||
|
Z²\Vl;Øýá³<C3A1>håò<C3A5>»ÿÚ‚G¨ehÖo„‰Þu¯Ó\ðåg+“ÈkP1+"ziŽI\Æ<01>nùJr´ÚOÂOÙ4íYÐËèÇ3:MAÚèµÌ®á‘õ˜ÄÜ©N·Ë®q=gЈ¦¿³i4‹P§‡ÝpMQµâÆðXD<Ò1@èM¨™9ˆô9‚çd$2ÔKtâî¡ÝRÙ<52>c"1”Nèžl4+J÷Ç<10>wÆ/³N_\«„M·UÇ©(·ÞÖba?0[†sÑCq¸Û@•C`"cXçË,WúªÌî2[ˆÛ²=ç|Í•"šÎ½Æp<y"Náco’Šéqø7ê²<C3AA>kÕÌò”rÝ;=KQu¬ÉÏ=Œ–~ÛMØÁ>÷T
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -41,3 +41,4 @@ terraform.rc
|
||||||
output/
|
output/
|
||||||
result
|
result
|
||||||
.direnv/
|
.direnv/
|
||||||
|
.env
|
||||||
|
|
10
flake.nix
10
flake.nix
|
@ -14,13 +14,9 @@
|
||||||
devShells.default = pkgs.mkShell {
|
devShells.default = pkgs.mkShell {
|
||||||
shellHook =
|
shellHook =
|
||||||
''
|
''
|
||||||
bw sync
|
set -o allexport
|
||||||
export BW_SESSION=$(bw unlock --raw)
|
source .env set
|
||||||
export VERCEL_API_TOKEN=$(bw list items --search "Vercel API" | jq -r '.[0].notes')
|
+o allexport
|
||||||
export HCLOUD_TOKEN=$(bw list items --search "Hetzner" | jq -r '.[0].fields[] | select(.name | contains("API")) | .value')
|
|
||||||
export TF_VAR_tailscale_key=$(bw list items --search "Tailscale Key" | jq -r '.[0].notes')
|
|
||||||
export CLOUDFLARE_API_TOKEN=$(bw list items --search "CloudFlare" | jq -r '.[0].fields[] | select(.name | contains("Zone API Key")) | .value')
|
|
||||||
# alias terraform='terraform -chdir=terraform'
|
|
||||||
'';
|
'';
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
pkgs.jq
|
pkgs.jq
|
||||||
|
|
|
@ -100,12 +100,22 @@
|
||||||
};
|
};
|
||||||
nginx = {
|
nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
logError = "/var/log/nginx/debug.log info";
|
recommendedGzipSettings = true;
|
||||||
|
recommendedBrotliSettings = true;
|
||||||
|
recommendedZstdSettings = true;
|
||||||
|
recommendedOptimisation = true;
|
||||||
|
|
||||||
# We can only proxy one port with Tailscale Funnel so we abuse locations instead.
|
# We can only proxy one port with Tailscale Funnel so we abuse locations instead.
|
||||||
virtualHosts."vancouver.gmem.ca" = {
|
virtualHosts."vancouver.gmem.ca" = {
|
||||||
default = true;
|
default = true;
|
||||||
enableACME = false;
|
enableACME = false;
|
||||||
forceSSL = false;
|
forceSSL = false;
|
||||||
|
locations."/" = {
|
||||||
|
root = "/var/www/";
|
||||||
|
extraConfig = ''
|
||||||
|
error_page 404 /404.html;
|
||||||
|
'';
|
||||||
|
};
|
||||||
locations."/git/" = {
|
locations."/git/" = {
|
||||||
proxyWebsockets = false; # needed if you need to use WebSocket
|
proxyWebsockets = false; # needed if you need to use WebSocket
|
||||||
extraConfig =
|
extraConfig =
|
||||||
|
@ -140,6 +150,9 @@
|
||||||
DISABLE_REGISTRATION = true;
|
DISABLE_REGISTRATION = true;
|
||||||
COOKIE_SECURE = true;
|
COOKIE_SECURE = true;
|
||||||
};
|
};
|
||||||
|
actions = {
|
||||||
|
ENABLED = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue