Andromeda/server-configuration
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

fix merge conflicts?

Browse source
This commit is contained in:
mtgmonkey 2025-06-18 14:04:49 -04:00
commit 39b987332b
14 changed files with 130 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

13
cachix.nix Normal file
View file

@ -0,0 +1,13 @@
# WARN: this file will get overwritten by $ cachix use <name>
{ pkgs, lib, ... }:
let
folder = ./cachix;
toImport = name: value: folder + ("/" + name);
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
in {
inherit imports;
nix.settings.substituters = ["https://cache.nixos.org/"];
}

13
cachix/rgit.nix Normal file
View file

@ -0,0 +1,13 @@
{
nix = {
settings = {
substituters = [
"https://rgit.cachix.org"
];
trusted-public-keys = [
"rgit.cachix.org-1:3Wva/GHhrlhbYx+ObbEYQSYq1Yzk8x9OAvEvcYazgL0="
];
};
};
}

9
configuration.nix
View file

@ -12,7 +12,8 @@
networking.domain = ""; networking.domain = "";
networking.firewall = { networking.firewall = {
enable = true; enable = true;
allowedTCPPorts = [80 443]; allowedTCPPorts = [80 443 9418];
allowedUDPPorts = [80 443 9418];
}; };
boot.loader.grub.devices = ["nodev"]; boot.loader.grub.devices = ["nodev"];
@ -34,12 +35,6 @@
''; '';
}; };
services.fail2ban = {
enable = true;
maxretry = 10;
bantime-increment.enable = true;
};
users.users.mtgmonkey = { users.users.mtgmonkey = {
isNormalUser = true; isNormalUser = true;
description = "mtgmonkey"; description = "mtgmonkey";

15
flake.lock generated
View file

@ -119,18 +119,17 @@
}, },
"nixpkgs_4": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1750259320, "lastModified": 1750134718,
"narHash": "sha256-H8J4H2XCIMEJ5g6fZ179QfQvsc2dUqhqfBjC8RAHNRY=", "narHash": "sha256-v263g4GbxXv87hMXMCpjkIxd/viIF7p3JpJrwgKdNiI=",
"owner": "nixos", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9ba04bda9249d5d5e5238303c9755de5a49a79c5", "rev": "9e83b64f727c88a7711a2c463a7b16eedb69a84c",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "id": "nixpkgs",
"ref": "release-25.05", "ref": "nixos-unstable",
"repo": "nixpkgs", "type": "indirect"
"type": "github"
} }
}, },
"nixpkgs_5": { "nixpkgs_5": {

5
flake.nix
View file

@ -1,7 +1,7 @@
{ {
description = "server flake"; description = "server flake";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/release-25.05"; nixpkgs.url = "nixpkgs/nixos-unstable";
noshell.url = "github:viperML/noshell"; noshell.url = "github:viperML/noshell";
spacebar-server.url = "github:spacebarchat/server"; spacebar-server.url = "github:spacebarchat/server";
@ -40,7 +40,8 @@
jank-client.nixosModules.x86_64-linux.default jank-client.nixosModules.x86_64-linux.default
./services/spacebar.nix ./services/spacebar.nix
./services/rgit.nix # ./services/rgit.nix
./services/gitea.nix
./services/translate.nix ./services/translate.nix

5
services/blog.nix
View file

@ -49,7 +49,12 @@ in {
Type = "simple"; Type = "simple";
ExecStart = "${lib.getExe pkgs.ferron} --config=/etc/blog.ferron.yaml"; ExecStart = "${lib.getExe pkgs.ferron} --config=/etc/blog.ferron.yaml";
RemainAfterExit = true; RemainAfterExit = true;
Restart = "always";
RestartMaxDelaySec = "1m";
RestartSec = "100ms";
RestartSteps = 9;
}; };
wantedBy = ["multi-user.target"];
}; };
environment.etc."blog.ferron.yaml" = { environment.etc."blog.ferron.yaml" = {
source = (pkgs.formats.yaml {}).generate "" ferron-conf-nix; source = (pkgs.formats.yaml {}).generate "" ferron-conf-nix;

5
services/elmskell.nix
View file

@ -39,7 +39,12 @@ in {
Type = "simple"; Type = "simple";
ExecStart = "/etc/nixos/services/elmskell/elmskell"; ExecStart = "/etc/nixos/services/elmskell/elmskell";
RemainAfterExit = true; RemainAfterExit = true;
Restart = "always";
RestartMaxDelaySec = "1m";
RestartSec = "100ms";
RestartSteps = 9;
}; };
wantedBy = ["multi-user.target"];
}; };
services.tor = { services.tor = {
enable = true; enable = true;

1
services/ferron.nix
View file

@ -50,6 +50,7 @@ in {
ExecStart = "${lib.getExe pkgs.ferron} --config=/etc/ferron.yaml"; ExecStart = "${lib.getExe pkgs.ferron} --config=/etc/ferron.yaml";
RemainAfterExit = true; RemainAfterExit = true;
}; };
wantedBy = ["multi-user.target"];
}; };
environment.etc."ferron.yaml" = { environment.etc."ferron.yaml" = {

28
services/gitea.nix Executable file
View file

@ -0,0 +1,28 @@
{
pkgs,
lib,
...
}: {
systemd.services.gitea = {
serviceConfig = {
Type = "simple";
ExecStart = "${lib.getExe pkgs.forgejo} -c /etc/gitea/config.ini";
RemainAfterExit = true;
Restart = "always";
RestartMaxDelaySec = "1m";
RestartSec = "100ms";
RestartSteps = 9;
User = "git";
Group = "git";
};
wantedBy = ["multi-user.target"];
};
environment.etc."gitea/config.ini.default" = {
text = ''
WORK_PATH = /var/lib/git-server
[server]
HTTP_PORT = 8000
'';
mode = "644";
};
}

7
services/math-project.nix
View file

@ -29,7 +29,7 @@ in {
METRICS_BIND = "[::1]:9283"; METRICS_BIND = "[::1]:9283";
METRICS_BIND_NETWORK = "tcp"; METRICS_BIND_NETWORK = "tcp";
POLICY_FNAME = "/etc/anubis/math-project.botPolicies.yaml"; POLICY_FNAME = "/etc/anubis/math-project.botPolicies.yaml";
TARGET = "http://localhost:8080"; TARGET = "http://localhost:8081";
}; };
}; };
}; };
@ -44,6 +44,11 @@ in {
Type = "simple"; Type = "simple";
ExecStart = "${lib.getExe math-project.packages.x86_64-linux.default}"; ExecStart = "${lib.getExe math-project.packages.x86_64-linux.default}";
RemainAfterExit = true; RemainAfterExit = true;
Restart = "always";
RestartMaxDelaySec = "1m";
RestartSec = "100ms";
RestartSteps = 9;
}; };
wantedBy = ["multi-user.target"];
}; };
} }

33
services/rgit.nix
View file

@ -1,23 +1,16 @@
{ {rgit, ...}: {
virtualisation.docker = { systemd.services.rgit = {
enable = true; serviceConfig = {
}; Type = "simple";
virtualisation.oci-containers.backend = "docker"; ExecStart = "${rgit.packages.x86_64-linux.default}/bin/rgit -d /var/lib/git-server/.db/rgit-cache.db [::1]:8000 /var/lib/git-server";
virtualisation.oci-containers.containers.rgit = { RemainAfterExit = true;
image = "ghcr.io/w4/rgit:main"; Restart = "always";
ports = [ RestartMaxDelay = "1m";
"8000:8000" RestartSec = "100ms";
]; RestartSteps = 9;
volumes = [ User = "git";
"/var/lib/git-server:/git:ro" Group = "git";
];
cmd = [
"[::]:8000"
"/git"
"-d /tmp/rgit-cache.db"
];
environment = {
REFRESH_INTERVAL = "5m";
}; };
wantedBy = ["multi-user.target"];
}; };
} }

23
services/rgit.nix.bak Executable file
View file

@ -0,0 +1,23 @@
{
virtualisation.docker = {
enable = true;
};
virtualisation.oci-containers.backend = "docker";
virtualisation.oci-containers.containers.rgit = {
image = "ghcr.io/w4/rgit:main";
ports = [
"8000:8000"
];
volumes = [
"/var/lib/git-server:/git:ro"
];
cmd = [
"[::]:8000"
"/git"
"-d /tmp/rgit-cache.db"
];
environment = {
REFRESH_INTERVAL = "5m";
};
};
}

5
services/spacebar.nix
View file

@ -45,7 +45,12 @@ in {
RemainAfterExit = true; RemainAfterExit = true;
User = "spacebar"; User = "spacebar";
Group = "spacebar"; Group = "spacebar";
Restart = "always";
RestartMaxDelaySec = "1m";
RestartSec = "100ms";
RestartSteps = 9;
}; };
wantedBy = ["multi-user.target"];
environment = { environment = {
DATABASE = "/var/lib/spacebar-server/database.db"; DATABASE = "/var/lib/spacebar-server/database.db";
STORAGE_LOCATION = "/var/lib/spacebar-server/files/"; STORAGE_LOCATION = "/var/lib/spacebar-server/files/";

7
services/translate.nix
View file

@ -41,8 +41,13 @@ in {
systemd.services.translate = { systemd.services.translate = {
serviceConfig = { serviceConfig = {
Type = "simple"; Type = "simple";
ExecStart = "${lib.getExe pkgs.libretranslate}"; ExecStart = "${lib.getExe pkgs.libretranslate} --port 8108";
RemainAfterExit = true; RemainAfterExit = true;
Restart = "always";
RestartMaxDelaySec = "1m";
RestartSec = "100ms";
RestartSteps = 9;
}; };
wantedBy = ["multi-user.target"];
}; };
} }