From 1b234d065d83010b4a26923974e6a465e0769fea Mon Sep 17 00:00:00 2001 From: materus Date: Fri, 20 Oct 2023 23:29:09 +0200 Subject: [PATCH] configurations: update --- configurations/host/materusPC/extraHome.nix | 10 ++ configurations/host/materusPC/network.nix | 2 +- configurations/host/materusPC/scripts.nix | 16 +-- configurations/host/valkyrie/pleroma.nix | 146 -------------------- 4 files changed, 19 insertions(+), 155 deletions(-) delete mode 100644 configurations/host/valkyrie/pleroma.nix diff --git a/configurations/host/materusPC/extraHome.nix b/configurations/host/materusPC/extraHome.nix index a68dc94..5aef434 100644 --- a/configurations/host/materusPC/extraHome.nix +++ b/configurations/host/materusPC/extraHome.nix @@ -39,10 +39,20 @@ mold python3 lua + gtk4.dev + gtk4 + miniaudio SDL2.dev SDL2 + freeglut.dev + freeglut boost.dev boost + glew.dev + libGL.dev + libGLU.dev + vulkan-loader.dev + fpc jdk diff --git a/configurations/host/materusPC/network.nix b/configurations/host/materusPC/network.nix index f53db57..845980e 100644 --- a/configurations/host/materusPC/network.nix +++ b/configurations/host/materusPC/network.nix @@ -4,7 +4,7 @@ networking.hostName = "materusPC"; networking.wireless.iwd.enable = true; networking.networkmanager.enable = true; - networking.networkmanager.wifi.backend = "iwd"; + #networking.networkmanager.wifi.backend = "iwd"; networking.firewall.enable = true; networking.firewall.allowedTCPPorts = [ 24800 5900 5357 4656 8080 9943 9944]; networking.firewall.allowedUDPPorts = [ 24800 5900 3702 4656 6000 9943 9944]; diff --git a/configurations/host/materusPC/scripts.nix b/configurations/host/materusPC/scripts.nix index 24c3663..2e9eb02 100644 --- a/configurations/host/materusPC/scripts.nix +++ b/configurations/host/materusPC/scripts.nix @@ -1,44 +1,44 @@ { config, pkgs, lib, inputs, materusFlake, ... }: let valkyrie-sync = pkgs.writeShellScriptBin "valkyrie-sync" '' -${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/Nixerus materus@valkyrie:/materus/config/ && \ +${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/nixos-config materus@valkyrie:/materus/config/ && \ ${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" /materus/config/private/valkyrie materus@valkyrie:/materus/config/private ''; valkyrie-flakelock = pkgs.writeShellScriptBin "valkyrie-flakelock" '' -${pkgs.openssh}/bin/ssh materus@valkyrie "nix flake update /materus/config/Nixerus --override-input nixpkgs github:NixOS/nixpkgs/23.05 \ +${pkgs.openssh}/bin/ssh materus@valkyrie "nix flake update /materus/config/nixos-config --override-input nixpkgs github:NixOS/nixpkgs/23.05 \ --override-input home-manager github:nix-community/home-manager/release-23.05 \ --override-input private /materus/config/private/valkyrie/flake" ''; valkyrie-rebuild-boot = pkgs.writeShellScriptBin "valkyrie-rebuild-boot" '' -${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild boot --flake /materus/config/Nixerus#valkyrie \ +${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild boot --flake /materus/config/nixos-config#valkyrie \ --override-input private /materus/config/private/valkyrie/flake" ''; valkyrie-rebuild-switch = pkgs.writeShellScriptBin "valkyrie-rebuild-switch" '' -${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild switch --flake /materus/config/Nixerus#valkyrie \ +${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild switch --flake /materus/config/nixos-config#valkyrie \ --override-input private /materus/config/private/valkyrie/flake" ''; flamaster-sync = pkgs.writeShellScriptBin "flamaster-sync" '' -${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/Nixerus materus@flamaster:/materus/config/ && \ +${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/nixos-config materus@flamaster:/materus/config/ && \ ${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" /materus/config/private/flamaster materus@flamaster:/materus/config/private ''; flamaster-flakelock = pkgs.writeShellScriptBin "flamaster-flakelock" '' -${pkgs.openssh}/bin/ssh materus@flamaster "nix flake update /materus/config/Nixerus --override-input nixpkgs github:NixOS/nixpkgs/23.05 \ +${pkgs.openssh}/bin/ssh materus@flamaster "nix flake update /materus/config/nixos-config --override-input nixpkgs github:NixOS/nixpkgs/23.05 \ --override-input home-manager github:nix-community/home-manager/release-23.05 \ --override-input private /materus/config/private/flamaster/flake" ''; flamaster-rebuild-boot = pkgs.writeShellScriptBin "flamaster-rebuild-boot" '' -${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild boot --flake /materus/config/Nixerus#flamaster \ +${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild boot --flake /materus/config/nixos-config#flamaster \ --override-input private /materus/config/private/flamaster/flake" ''; flamaster-rebuild-switch = pkgs.writeShellScriptBin "flamaster-rebuild-switch" '' -${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild switch --flake /materus/config/Nixerus#flamaster \ +${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild switch --flake /materus/config/nixos-config#flamaster \ --override-input private /materus/config/private/flamaster/flake" ''; diff --git a/configurations/host/valkyrie/pleroma.nix b/configurations/host/valkyrie/pleroma.nix deleted file mode 100644 index 7bfab5e..0000000 --- a/configurations/host/valkyrie/pleroma.nix +++ /dev/null @@ -1,146 +0,0 @@ -{ config, pkgs, lib, materusFlake, ... }: -let - - socketPath = "/run/pleroma/http.sock"; - - - socketChmod = with pkgs; with lib; pkgs.writers.writeBashBin "pleroma-socket" - '' - coproc { - ${inotify-tools}/bin/inotifywait -q -m -e create ${escapeShellArg (dirOf socketPath)} - } - - trap 'kill "$COPROC_PID"' EXIT TERM - - until ${pkgs.coreutils}/bin/test -S ${escapeShellArg socketPath} - do read -r -u "''${COPROC[0]}" - done - - ${pkgs.coreutils}/bin/chmod 0666 ${socketPath} - ''; - - soapbox = pkgs.stdenv.mkDerivation rec { - pname = "soapbox"; - version = "v3.2.0"; - dontBuild = true; - dontConfigure = true; - src = pkgs.fetchurl { - name = "soapbox"; - url = "https://gitlab.com/soapbox-pub/soapbox/-/jobs/artifacts/${version}/download?job=build-production"; - sha256 = "sha256-AdW6JK7JkIKLZ8X+N9STeOHqmGNUdhcXyC9jsQPTa9o="; - }; - nativeBuildInputs = [pkgs.unzip]; - unpackPhase = '' - unzip $src -d . - ''; - installPhase = '' - mv ./static $out - ''; - - }; - -in -{ - systemd.tmpfiles.rules = [ - "d /var/lib/pleroma 0766 pleroma pleroma -" - "d /var/lib/pleroma/static 0766 pleroma pleroma -" - "d /var/lib/pleroma/uploads 0766 pleroma pleroma -" - "L+ /var/lib/pleroma/static/frontends/soapbox/${soapbox.version} 0766 pleroma pleroma - ${soapbox}" - ]; - - services.nginx.virtualHosts."podkos.xyz" = { - http2 = true; - useACMEHost = "podkos.xyz"; - forceSSL = true; - locations."/" = { - proxyPass = "http://unix:${socketPath}"; - extraConfig = '' - etag on; - gzip on; - - add_header 'Access-Control-Allow-Origin' '*' always; - add_header 'Access-Control-Allow-Methods' 'POST, PUT, DELETE, GET, PATCH, OPTIONS' always; - add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Idempotency-Key' always; - add_header 'Access-Control-Expose-Headers' 'Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id' always; - if ($request_method = OPTIONS) { - return 204; - } - - add_header X-XSS-Protection "1; mode=block"; - add_header X-Permitted-Cross-Domain-Policies none; - add_header X-Frame-Options DENY; - add_header X-Content-Type-Options nosniff; - add_header Referrer-Policy same-origin; - add_header X-Download-Options noopen; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host $host; - - client_max_body_size 8m; - - - ''; - }; - - }; - systemd.services.pleroma.serviceConfig = { - RuntimeDirectory = "pleroma"; - RuntimeDirectoryPreserve = true; - - - ExecStartPost = "${socketChmod}/bin/pleroma-socket"; - ExecStopPost = ''${pkgs.coreutils}/bin/rm -f ${socketPath}''; - }; - - - - - services.pleroma = { - enable = true; - secretConfigFile = "/var/lib/pleroma/secrets.exs"; - configs = [ - '' - import Config - - config :pleroma, Pleroma.Web.Endpoint, - url: [host: "podkos.xyz", scheme: "https", port: 443], - http: [ip: {:local, "${socketPath}"}, port: 0] - - config :pleroma, :instance, - name: "Podziemia Kosmosu", - email: "admin@podkos.xyz", - notify_email: "noreply@podkos.xyz", - limit: 5000, - registrations_open: false - - config :pleroma, :media_proxy, - enabled: false, - redirect_on_failure: true - - config :pleroma, Pleroma.Repo, - adapter: Ecto.Adapters.Postgres, - socket: "/run/postgresql/.s.PGSQL.5432", - username: "pleroma", - database: "pleroma" - - - # Configure web push notifications - config :web_push_encryption, :vapid_details, - subject: "mailto:admin@podkos.x yz" - config :pleroma, :frontends, - primary: %{ - "name" => "soapbox", - "ref" => "${soapbox.version}" - } - - config :pleroma, :database, rum_enabled: false - config :pleroma, :instance, static_dir: "/var/lib/pleroma/static" - config :pleroma, Pleroma.Uploaders.Local, uploads: "/var/lib/pleroma/uploads" - - config :pleroma, configurable_from_database: true - config :pleroma, Pleroma.Upload, filters: [Pleroma.Upload.Filter.AnonymizeFilename] - '' - ]; - }; -}