add README, conduit

2026-01-13 05:53:57 +01:00
parent b25ce469b6
commit dcb82ed361
6 changed files with 49 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
 see TODO.md for my aspirations
 ## usage
 ### install
--- a/TODO.md
+++ b/TODO.md
@@ -0,0 +1,19 @@
 - add other remote
 - fully automate remote provisioning (remote keys)
 - fix ipv6 on remotes
 - modularize home manager
 - add services?
    - 0x0
    - forgejo
    - matrix homeserver
    - matrix webclient
    - radicale
    - rocket.chat or something better than zulip
    - tor relay
    - wireguard as vpn
 - add home functionality
    - better term emulator
    - switch browser?
        - chromium: much better sandboxing
        - ladybird: be an early tester, contribute
        - glide: sexier tridactyl implementation
--- a/modules/nixos/matrix-conduit.nix
+++ b/modules/nixos/matrix-conduit.nix
@@ -0,0 +1,13 @@
 {config, ...}: {
  services.matrix-conduit = {
    enable = true;
    settings.global = {
      server_name = "${config.networking.domain}";
      address = "localhost";
      database_backend = "rocksdb";
      allow_registration = true;
      allow_federation = true;
    };
    secretFile = config.age.secrets.conduit-secretFile.path;
  };
 }
--- a/pub-keys.nix
+++ b/pub-keys.nix
@@ -1,6 +1,7 @@
 {
  age.secrets = {
    andromeda-pw.file = ./secrets/andromeda-pw.age;
    conduit-secretFile.file = ./secrets/conduit-secretFile.age;
    "dkim-galaxious.de.mail.key".file = ./secrets/dkim-galaxious.de.mail.key.age;
    mtgmonkey-pw.file = ./secrets/mtgmonkey-pw.age;
    mailserver-acc-test-pw.file = ./secrets/mailserver-acc-test-pw.age;
--- a/secrets/conduit-secretFile.age
+++ b/secrets/conduit-secretFile.age
@@ -0,0 +1,9 @@
 age-encryption.org/v1
 -> ssh-ed25519 mT2fyg x0n1JToeD7bRsDYJpv0HFzQYB9YxxiSqt+dG6elG1Eg
 vspLec9Vm6fvJnlDGjzezThc1qeIYyWncBxYwsE/6rg
 -> ssh-ed25519 UHxfvA nOlZo53SINXJs8tt/vdoiGjMnIW/lYZVdI8TJfAFqxE
 XlxvrHDFlm8c7odfNbBw0/QeYuCj5e4VValql5JNNgg
 -> ssh-ed25519 yXDKAA Rf+obXBUKxOcMqrb6rlOSfZGyjkj1PnRvHUSDToj6Tw
 XV/3FmC48Wcg9r3C5soRKBwOcBgat2ueAa8pU1MUYLE
 --- l/eEq13iyiddR9Rgf47Mv8JxPfjINwCnU4pd3KyxMVQ
 ^P%ÔÏ¦‚Û}ÌÝM¤Ñù&ß¢Ù‡óQ¬?d^ØYú	Ã~øTuÃï±oÍfž´·7¬nÙ'!'Í“ã††µ]dÍ‡0>vÆÇŸ¸Ü.Ÿ€E]˜šÔ‡|‰>d— *wDÉ<44>‹¿à<C2AD>›)cH<63>êÁ@W<>v*šWk<57>õéN¤ÎRßF	I@¶ê;9=u¬–Í’¬°°Ï„Œ,—‘©)Ÿ>bÁÝ:O«Jð=´W
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -8,6 +8,11 @@ in {
  "andromeda-pw.age".publicKeys = [andromeda lenovo];
  "mtgmonkey-pw.age".publicKeys = [andromeda lenovo];
  # contains the following env
  # CONDUIT_JWT_SECRET
  # CONDUIT_TURN_SECRET
  "conduit-secretFile.age".publicKeys = [andromeda lenovo _109-199-104-83];
  # dkim private keys
  "dkim-galaxious.de.mail.key.age".publicKeys = [andromeda lenovo _109-199-104-83];