init

2025-06-08 13:11:14 +00:00 · 2025-06-08 13:11:14 +00:00 · f7d48d286a
commit f7d48d286a
16 changed files with 519 additions and 0 deletions
--- a/services/blog.nix
+++ b/services/blog.nix
@ -0,0 +1,26 @@
+{
+  elmskell-blog,
+  lib,
+  pkgs,
+  ...
+}: let
+  ferron-conf-nix = {
+    global = {
+      secure = false;
+      wwwroot = "${elmskell-blog.packages.x86_64-linux.default}/wwwroot";
+    };
+  };
+in {
+  systemd.services.ferron = {
+    serviceConfig = {
+      Type = "simple";
+      ExecStart = "${lib.getExe pkgs.ferron} --config=/etc/ferron.yaml";
+      RemainAfterExit = true;
+    };
+  };
+
+  environment.etc."ferron.yaml" = {
+    source = (pkgs.formats.yaml {}).generate "" ferron-conf-nix;
+    mode = "644";
+  };
+}
--- a/services/elmskell.nix
+++ b/services/elmskell.nix
@ -0,0 +1,62 @@
+{pkgs, ...}: let
+  botPolicies-nix = {
+    dnsbl = false;
+    status_codes = {
+      CHALLENGE = 200;
+      DENY = 200;
+    };
+    bots = [
+      {
+        name = "catch-everything";
+        user_agent_regex = ".*";
+        action = "CHALLENGE";
+      }
+    ];
+  };
+in {
+  services.anubis = {
+    instances.elmskell = {
+      enable = true;
+      settings = {
+        BIND = "[::1]:9080";
+        BIND_NETWORK = "tcp";
+        DIFFICULTY = 4;
+        METRICS_BIND = "[::1]:9081";
+        METRICS_BIND_NETWORK = "tcp";
+        POLICY_FNAME = "/etc/anubis/elmskell.botPolicies.yaml";
+        TARGET = "http://localhost:8080";
+      };
+    };
+  };
+
+  environment.etc."anubis/elmskell.botPolicies.yaml" = {
+    source = (pkgs.formats.yaml {}).generate "" botPolicies-nix;
+    mode = "644";
+  };
+
+  systemd.services.elmskell = {
+    serviceConfig = {
+      Type = "simple";
+      ExecStart = "/etc/nixos/services/elmskell/elmskell";
+      RemainAfterExit = true;
+    };
+  };
+  services.tor = {
+    enable = true;
+    enableGeoIP = false;
+    relay.onionServices = {
+      elmskell = {
+        version = 3;
+        map = [
+          {
+            port = 80;
+            target = {
+              addr = "127.0.0.1";
+              port = 8080;
+            };
+          }
+        ];
+      };
+    };
+  };
+}
--- a/services/elmskell/elmskell
+++ b/services/elmskell/elmskell
--- a/services/ferron.nix
+++ b/services/ferron.nix
@ -0,0 +1,52 @@
+{
+  elmskell-blog,
+  lib,
+  pkgs,
+  ...
+}: let
+  ferron-conf-nix = {
+    global = {
+      secure = true;
+      enableAutomaticTLS = true;
+      automaticTLSContactCacheDirectory = "/etc/ferron/contactCacheDir";
+      useAutomaticTLSHTTPChallenge = true;
+      disableProxyCertificateVerification = true;
+      loadModules = ["rproxy"];
+    };
+    hosts = [
+      {
+        domain = "mtgmonkey.net";
+        proxyTo = "http://localhost:9080/";
+      }
+      {
+        domain = "blog.mtgmonkey.net";
+        proxyTo = "http://localhost:9181/";
+      }
+      {
+        domain = "git.mtgmonkey.net";
+        proxyTo = "http://localhost:8000/";
+      }
+      {
+        domain = "chat.mtgmonkey.net";
+        proxyTo = "http://localhost:9780/";
+      }
+      {
+        domain = "www.mtgmonkey.net";
+        proxyTo = "http://localhost:9080/";
+      }
+    ];
+  };
+in {
+  systemd.services.ferron = {
+    serviceConfig = {
+      Type = "simple";
+      ExecStart = "${lib.getExe pkgs.ferron} --config=/etc/ferron.yaml";
+      RemainAfterExit = true;
+    };
+  };
+
+  environment.etc."ferron.yaml" = {
+    source = (pkgs.formats.yaml {}).generate "" ferron-conf-nix;
+    mode = "644";
+  };
+}
--- a/services/ferron/wwwroot/css/style.css
+++ b/services/ferron/wwwroot/css/style.css
@ -0,0 +1,73 @@
+html,
+body {
+  margin: 0;
+  padding: 0;
+  font-family: system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif;
+  background-color: #ffffff;
+  color: #0f172a;
+}
+
+body {
+  margin: 2em auto;
+  padding: 1em;
+  box-sizing: border-box;
+  width: 100%;
+  max-width: 1280px;
+}
+
+header {
+  text-align: center;
+}
+
+.logo {
+  display: inline-block;
+  background-image: url(../img/logo.png);
+  background-size: 100%;
+  width: 160px;
+  height: 53.875px;
+}
+
+.column {
+  width: 50%;
+  padding: 0.75em;
+  box-sizing: border-box;
+  float: left;
+}
+
+.clearfix {
+  display: table;
+  clear: both;
+}
+
+h1 {
+  font-size: 2.5em;
+}
+
+a {
+  color: #ff4400;
+}
+
+@media screen and (max-width: 512px) {
+  h1 {
+    font-size: 2em;
+  }
+
+  .column {
+    float: none;
+    width: 100%;
+    padding: 0;
+  }
+}
+
+@media screen and (prefers-color-scheme: dark) {
+
+  html,
+  body {
+    background-color: #0c0a09;
+    color: #e1e7ef;
+  }
+
+  .logo {
+    background-image: url(../img/logo-dark.png);
+  }
+}
--- a/services/ferron/wwwroot/favicon.ico
+++ b/services/ferron/wwwroot/favicon.ico
--- a/services/ferron/wwwroot/img/logo-dark.png
+++ b/services/ferron/wwwroot/img/logo-dark.png
--- a/services/ferron/wwwroot/img/logo.png
+++ b/services/ferron/wwwroot/img/logo.png
--- a/services/ferron/wwwroot/index.html
+++ b/services/ferron/wwwroot/index.html
@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <link rel="shortcut icon" href="favicon.ico" type="image/x-icon">
+  <link rel="stylesheet" href="css/style.css">
+  <title>Ferron is installed successfully! 🥳</title>
+</head>
+
+<body>
+  <header>
+    <span class="logo"></span>
+    <h1>Ferron is installed successfully! 🥳</h1>
+  </header>
+  <section class="column">
+    <h2>If you're just visiting this website</h2>
+    <p>Thank you for visiting my website! It is not running yet. Contact me on Matrix @mtgmonkey:calitabby.net for a shoutout!</p>
+    <p><strong>Ferron probably has nothing to do with this website or its content, it just provides the
+        software for the website to run.</strong> If you have issues with this website, contact the
+      administrator of the website, not Ferron.</p>
+  </section>
+  <section class="column">
+    <h2>If you're an administrator of this website</h2>
+    <p>This page means that the web server's installation is successful. You can now add contents of the website to
+      the webroot directory (<i>/var/www/ferron</i> if installed using Ferron installer for GNU/Linux or via
+      Docker, or <i>%SystemDrive%\ferron\wwwroot</i> if installed using Ferron installer for Windows).</p>
+    <p>You can configure your web server according to <a href="https://www.ferronweb.org/docs">Ferron's
+        documentation.</a></p>
+    <p><strong>Thank you for installing Ferron!</strong></p>
+  </section>
+  <div class="clearfix"></div>
+</body>
+
+</html>
--- a/services/mattermost.nix
+++ b/services/mattermost.nix
@ -0,0 +1,7 @@
+{
+  services.mattermost = {
+    enable = true;
+    siteUrl = "https://chat.mtgmonkey.net";
+    port = 9780;
+  };
+}
--- a/services/rgit.nix
+++ b/services/rgit.nix
@ -0,0 +1,23 @@
+{
+  virtualisation.docker = {
+    enable = true;
+  };
+  virtualisation.oci-containers.backend = "docker";
+  virtualisation.oci-containers.containers.rgit = {
+    image = "ghcr.io/w4/rgit:main";
+    ports = [
+      "8000:8000"
+    ];
+    volumes = [
+      "/var/lib/git-server:/git:ro"
+    ];
+    cmd = [
+      "[::]:8000"
+      "/git"
+      "-d /tmp/rgit-cache.db"
+    ];
+    environment = {
+      REFRESH_INTERVAL = "5m";
+    };
+  };
+}