bump best-blog

change from Andromeda/blog to Andromeda/best-blog
fix merge conflicts?
2025-06-19 09:53:24 -04:00 · 2025-06-19 06:27:03 -04:00 · 2025-06-18 14:04:49 -04:00 · 2025-06-18 13:32:49 -04:00 · 2025-06-18 15:45:04 +00:00 · 2025-06-17 14:23:03 +00:00
14 changed files with 302 additions and 86 deletions
--- a/cachix.nix
+++ b/cachix.nix
@@ -0,0 +1,13 @@
+
+# WARN: this file will get overwritten by $ cachix use <name>
+{ pkgs, lib, ... }:
+
+let
+  folder = ./cachix;
+  toImport = name: value: folder + ("/" + name);
+  filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
+  imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
+in {
+  inherit imports;
+  nix.settings.substituters = ["https://cache.nixos.org/"];
+}
--- a/cachix/rgit.nix
+++ b/cachix/rgit.nix
@@ -0,0 +1,13 @@
+
+{
+  nix = {
+    settings = {
+      substituters = [
+        "https://rgit.cachix.org"
+      ];
+      trusted-public-keys = [
+        "rgit.cachix.org-1:3Wva/GHhrlhbYx+ObbEYQSYq1Yzk8x9OAvEvcYazgL0="
+      ];
+    };
+  };
+}
--- a/configuration.nix
+++ b/configuration.nix
@@ -12,7 +12,8 @@
  networking.domain = "";
  networking.firewall = {
    enable = true;
-    allowedTCPPorts = [80 443];
+    allowedTCPPorts = [80 443 9418];
+    allowedUDPPorts = [80 443 9418];
  };
  boot.loader.grub.devices = ["nodev"];

@@ -34,12 +35,6 @@
    '';
  };

-  services.fail2ban = {
-    enable = true;
-    maxretry = 10;
-    bantime-increment.enable = true;
-  };
-
  users.users.mtgmonkey = {
    isNormalUser = true;
    description = "mtgmonkey";
--- a/flake.lock
+++ b/flake.lock
@@ -1,21 +1,40 @@
 {
  "nodes": {
-    "elmskell-blog": {
+    "best-blog": {
      "inputs": {
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": "nixpkgs",
+        "rust-http-server": "rust-http-server"
      },
      "locked": {
-        "lastModified": 1749395936,
-        "narHash": "sha256-tEqZKBzQbENlyIDvVMWcnhifjEQkaEzK3eKDQWCbt58=",
+        "lastModified": 1750341141,
+        "narHash": "sha256-6aVmNXmX+cDh+bCAPBOTfeSm/UI3/iRY6xA9ZQdUdQg=",
        "ref": "refs/heads/master",
-        "rev": "36fa8afd57449cacdc0535417c8d20fb6b702348",
-        "revCount": 9,
+        "rev": "50c9b7fbfa6862ded556d178b8234332f6fc3f9e",
+        "revCount": 8,
        "type": "git",
-        "url": "file:///var/lib/git-server/blog.git"
+        "url": "https://git.mtgmonkey.net/Andromeda/best-blog.git"
      },
      "original": {
        "type": "git",
-        "url": "file:///var/lib/git-server/blog.git"
+        "url": "https://git.mtgmonkey.net/Andromeda/best-blog.git"
+      }
+    },
+    "elmskell-blog": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_3"
+      },
+      "locked": {
+        "lastModified": 1749494299,
+        "narHash": "sha256-I6/TSz5ciJTEZNFCyrCXWRYqBkNIh3fZy67UErIw3fk=",
+        "ref": "refs/heads/master",
+        "rev": "596af4a7318d60816ee995526d571643e21744b5",
+        "revCount": 11,
+        "type": "git",
+        "url": "https://git.mtgmonkey.net/Andromeda/blog.git"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://git.mtgmonkey.net/Andromeda/blog.git"
      }
    },
    "flake-utils": {
@@ -36,7 +55,73 @@
        "type": "github"
      }
    },
+    "jank-client": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_4"
+      },
+      "locked": {
+        "lastModified": 1749606892,
+        "narHash": "sha256-ZGUUWNORko3QFy9p/2mc4voJ65/11Joy6Au79+TwxPw=",
+        "ref": "refs/heads/main",
+        "rev": "0e59a339c813bcf1e9969344d8b50ed380231552",
+        "revCount": 1179,
+        "type": "git",
+        "url": "https://git.mtgmonkey.net/Andromeda/jank-client-fork.git"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://git.mtgmonkey.net/Andromeda/jank-client-fork.git"
+      }
+    },
+    "math-project": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_5"
+      },
+      "locked": {
+        "lastModified": 1750258769,
+        "narHash": "sha256-BazJgo04yFqFfp2AA0Tfba+nBAeaNddQJBdLghVJskk=",
+        "ref": "refs/heads/master",
+        "rev": "fa0e8ca47dd5341d24d8aae90a0bc28a689c3d46",
+        "revCount": 6,
+        "type": "git",
+        "url": "https://git.mtgmonkey.net/Andromeda/math-project.git"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://git.mtgmonkey.net/Andromeda/math-project.git"
+      }
+    },
    "nixpkgs": {
+      "locked": {
+        "lastModified": 1750134718,
+        "narHash": "sha256-v263g4GbxXv87hMXMCpjkIxd/viIF7p3JpJrwgKdNiI=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "9e83b64f727c88a7711a2c463a7b16eedb69a84c",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-unstable",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1749794982,
+        "narHash": "sha256-Kh9K4taXbVuaLC0IL+9HcfvxsSUx8dPB5s5weJcc9pc=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "ee930f9755f58096ac6e8ca94a1887e0534e2d81",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-unstable",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs_3": {
      "locked": {
        "lastModified": 1749143949,
        "narHash": "sha256-QuUtALJpVrPnPeozlUG/y+oIMSLdptHxb3GK6cpSVhA=",
@@ -51,23 +136,52 @@
        "type": "indirect"
      }
    },
-    "nixpkgs_2": {
+    "nixpkgs_4": {
      "locked": {
-        "lastModified": 1749373575,
-        "narHash": "sha256-/3nvhGaUMG1A6zG185QHyTFR2fMiyffxU7VdMYk5qj0=",
-        "owner": "nixos",
+        "lastModified": 1749285348,
+        "narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=",
+        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "6a8d437617048567166f83b32d07ba73aeb2d125",
+        "rev": "3e3afe5174c561dee0df6f2c2b2236990146329f",
        "type": "github"
      },
      "original": {
-        "owner": "nixos",
-        "ref": "release-25.05",
-        "repo": "nixpkgs",
-        "type": "github"
+        "id": "nixpkgs",
+        "ref": "nixos-unstable",
+        "type": "indirect"
      }
    },
-    "nixpkgs_3": {
+    "nixpkgs_5": {
+      "locked": {
+        "lastModified": 1748889542,
+        "narHash": "sha256-Hb4iMhIbjX45GcrgOp3b8xnyli+ysRPqAgZ/LZgyT5k=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "10d7f8d34e5eb9c0f9a0485186c1ca691d2c5922",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-25.05",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs_6": {
+      "locked": {
+        "lastModified": 1750134718,
+        "narHash": "sha256-v263g4GbxXv87hMXMCpjkIxd/viIF7p3JpJrwgKdNiI=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "9e83b64f727c88a7711a2c463a7b16eedb69a84c",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-unstable",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs_7": {
      "locked": {
        "lastModified": 1714253743,
        "narHash": "sha256-mdTQw2XlariysyScCv2tTE45QSU9v/ezLcHJ22f0Nxc=",
@@ -83,7 +197,7 @@
        "type": "github"
      }
    },
-    "nixpkgs_4": {
+    "nixpkgs_8": {
      "locked": {
        "lastModified": 1746141548,
        "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=",
@@ -101,7 +215,7 @@
    },
    "noshell": {
      "inputs": {
-        "nixpkgs": "nixpkgs_3"
+        "nixpkgs": "nixpkgs_7"
      },
      "locked": {
        "lastModified": 1717396029,
@@ -119,16 +233,37 @@
    },
    "root": {
      "inputs": {
+        "best-blog": "best-blog",
        "elmskell-blog": "elmskell-blog",
-        "nixpkgs": "nixpkgs_2",
+        "jank-client": "jank-client",
+        "math-project": "math-project",
+        "nixpkgs": "nixpkgs_6",
        "noshell": "noshell",
        "spacebar-server": "spacebar-server"
      }
    },
+    "rust-http-server": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_2"
+      },
+      "locked": {
+        "lastModified": 1750341039,
+        "narHash": "sha256-iT6qEBuHJMEAFDnRNUydh6eJu7LX4OklUy0CpOtz/tg=",
+        "ref": "refs/heads/master",
+        "rev": "d214b0bf8646ee7f2f0792bbf3b96db8dacc2468",
+        "revCount": 3,
+        "type": "git",
+        "url": "https://git.mtgmonkey.net/Andromeda/rust-http-server.git"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://git.mtgmonkey.net/Andromeda/rust-http-server.git"
+      }
+    },
    "spacebar-server": {
      "inputs": {
        "flake-utils": "flake-utils",
-        "nixpkgs": "nixpkgs_4"
+        "nixpkgs": "nixpkgs_8"
      },
      "locked": {
        "lastModified": 1748414795,
--- a/flake.nix
+++ b/flake.nix
@@ -1,23 +1,24 @@
 {
  description = "server flake";
  inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/release-25.05";
+    nixpkgs.url = "nixpkgs/nixos-unstable";
    noshell.url = "github:viperML/noshell";
    spacebar-server.url = "github:spacebarchat/server";

-    elmskell-blog.url = "git+file:///var/lib/git-server/blog.git";
-    jank-client.url = "git+file:///var/lib/git-server/jank-client-fork.git";
-    math-project.url = "git+file:///var/lib/git-server/math-project.git";
+    elmskell-blog.url = "git+https://git.mtgmonkey.net/Andromeda/blog.git";
+    jank-client.url = "git+https://git.mtgmonkey.net/Andromeda/jank-client-fork.git";
+    math-project.url = "git+https://git.mtgmonkey.net/Andromeda/math-project.git";
+    best-blog.url = "git+https://git.mtgmonkey.net/Andromeda/best-blog.git";
  };

  outputs = {
    self,
    nixpkgs,
    noshell,
-    elmskell-blog,
    spacebar-server,
    jank-client,
    math-project,
+    best-blog,
    ...
  }: let
    system = "x86_64-linux";
@@ -27,30 +28,30 @@
      specialArgs = {
        inherit self;
        inherit system;
-        inherit elmskell-blog;
        inherit spacebar-server;
+        inherit math-project;
+        inherit best-blog;
        ssh-pub-keys = import ./ssh-pub-keys.nix;
      };
      modules = [
-        ./services/ferron.nix
+        ./configuration.nix

-        ./services/elmskell.nix
        ./services/blog.nix
-
-        jank-client.nixosModules.x86_64-linux.default
+        ./services/elmskell.nix
+        ./services/ferron.nix
+        ./services/gitea.nix
+        #./services/rgit.nix
+        ./services/math-project.nix
        ./services/spacebar.nix
-        ./services/rgit.nix
-
        ./services/translate.nix

+        jank-client.nixosModules.x86_64-linux.default
+        math-project.nixosModules.x86_64-linux.default
        noshell.nixosModules.default
-        {programs.noshell.enable = true;}
-
-        math-project.nixosModules.default
-        {programs.math-project.enable = true;}
-        ./services/math-project.nix
-
-        ./configuration.nix
+        {
+          programs.noshell.enable = true;
+          services.math-project.enable = true;
+        }
      ];
    };
  };
--- a/services/blog.nix
+++ b/services/blog.nix
@@ -1,5 +1,5 @@
 {
-  elmskell-blog,
+  best-blog,
  lib,
  pkgs,
  ...
@@ -18,13 +18,6 @@
      }
    ];
  };
-  ferron-conf-nix = {
-    global = {
-      port = 8181;
-      secure = false;
-      wwwroot = "${elmskell-blog.packages.x86_64-linux.default}/wwwroot";
-    };
-  };
 in {
  services.anubis = {
    instances.blog = {
@@ -36,7 +29,7 @@ in {
        METRICS_BIND = "[::1]:9182";
        METRICS_BIND_NETWORK = "tcp";
        POLICY_FNAME = "/etc/anubis/blog.botPolicies.yaml";
-        TARGET = "http://localhost:8181";
+        TARGET = "http://localhost:9345";
      };
    };
  };
@@ -44,15 +37,16 @@ in {
    source = (pkgs.formats.yaml {}).generate "" botPolicies-nix;
    mode = "644";
  };
-  systemd.services.blog-ferron = {
+  systemd.services.blog = {
    serviceConfig = {
      Type = "simple";
-      ExecStart = "${lib.getExe pkgs.ferron} --config=/etc/blog.ferron.yaml";
+      ExecStart = "${lib.getExe best-blog.packages.x86_64-linux.default}";
      RemainAfterExit = true;
+      Restart = "always";
+      RestartMaxDelaySec = "1m";
+      RestartSec = "100ms";
+      RestartSteps = 9;
    };
-  };
-  environment.etc."blog.ferron.yaml" = {
-    source = (pkgs.formats.yaml {}).generate "" ferron-conf-nix;
-    mode = "644";
+    wantedBy = ["multi-user.target"];
  };
 }
--- a/services/elmskell.nix
+++ b/services/elmskell.nix
@@ -39,7 +39,12 @@ in {
      Type = "simple";
      ExecStart = "/etc/nixos/services/elmskell/elmskell";
      RemainAfterExit = true;
+      Restart = "always";
+      RestartMaxDelaySec = "1m";
+      RestartSec = "100ms";
+      RestartSteps = 9;
    };
+    wantedBy = ["multi-user.target"];
  };
  services.tor = {
    enable = true;
--- a/services/ferron.nix
+++ b/services/ferron.nix
@@ -50,6 +50,7 @@ in {
      ExecStart = "${lib.getExe pkgs.ferron} --config=/etc/ferron.yaml";
      RemainAfterExit = true;
    };
+    wantedBy = ["multi-user.target"];
  };

  environment.etc."ferron.yaml" = {
--- a/services/gitea.nix
+++ b/services/gitea.nix
@@ -0,0 +1,28 @@
+{
+  pkgs,
+  lib,
+  ...
+}: {
+  systemd.services.gitea = {
+    serviceConfig = {
+      Type = "simple";
+      ExecStart = "${lib.getExe pkgs.forgejo} -c /etc/gitea/config.ini";
+      RemainAfterExit = true;
+      Restart = "always";
+      RestartMaxDelaySec = "1m";
+      RestartSec = "100ms";
+      RestartSteps = 9;
+      User = "git";
+      Group = "git";
+    };
+    wantedBy = ["multi-user.target"];
+  };
+  environment.etc."gitea/config.ini.default" = {
+    text = ''
+      WORK_PATH = /var/lib/git-server
+      [server]
+      HTTP_PORT = 8000
+    '';
+    mode = "644";
+  };
+}
--- a/services/math-project.nix
+++ b/services/math-project.nix
@@ -29,7 +29,7 @@ in {
        METRICS_BIND = "[::1]:9283";
        METRICS_BIND_NETWORK = "tcp";
        POLICY_FNAME = "/etc/anubis/math-project.botPolicies.yaml";
-        TARGET = "http://localhost:8080";
+        TARGET = "http://localhost:8081";
      };
    };
  };
@@ -42,8 +42,13 @@ in {
  systemd.services.math-project = {
    serviceConfig = {
      Type = "simple";
-      ExecStart = "${lib.getExe math-project}";
+      ExecStart = "${lib.getExe math-project.packages.x86_64-linux.default}";
      RemainAfterExit = true;
+      Restart = "always";
+      RestartMaxDelaySec = "1m";
+      RestartSec = "100ms";
+      RestartSteps = 9;
    };
+    wantedBy = ["multi-user.target"];
  };
 }
--- a/services/rgit.nix
+++ b/services/rgit.nix
@@ -1,23 +1,16 @@
-{
-  virtualisation.docker = {
-    enable = true;
-  };
-  virtualisation.oci-containers.backend = "docker";
-  virtualisation.oci-containers.containers.rgit = {
-    image = "ghcr.io/w4/rgit:main";
-    ports = [
-      "8000:8000"
-    ];
-    volumes = [
-      "/var/lib/git-server:/git:ro"
-    ];
-    cmd = [
-      "[::]:8000"
-      "/git"
-      "-d /tmp/rgit-cache.db"
-    ];
-    environment = {
-      REFRESH_INTERVAL = "5m";
+{rgit, ...}: {
+  systemd.services.rgit = {
+    serviceConfig = {
+      Type = "simple";
+      ExecStart = "${rgit.packages.x86_64-linux.default}/bin/rgit -d /var/lib/git-server/.db/rgit-cache.db [::1]:8000 /var/lib/git-server";
+      RemainAfterExit = true;
+      Restart = "always";
+      RestartMaxDelay = "1m";
+      RestartSec = "100ms";
+      RestartSteps = 9;
+      User = "git";
+      Group = "git";
    };
+    wantedBy = ["multi-user.target"];
  };
 }
--- a/services/rgit.nix.bak
+++ b/services/rgit.nix.bak
@@ -0,0 +1,23 @@
+{
+  virtualisation.docker = {
+    enable = true;
+  };
+  virtualisation.oci-containers.backend = "docker";
+  virtualisation.oci-containers.containers.rgit = {
+    image = "ghcr.io/w4/rgit:main";
+    ports = [
+      "8000:8000"
+    ];
+    volumes = [
+      "/var/lib/git-server:/git:ro"
+    ];
+    cmd = [
+      "[::]:8000"
+      "/git"
+      "-d /tmp/rgit-cache.db"
+    ];
+    environment = {
+      REFRESH_INTERVAL = "5m";
+    };
+  };
+}
--- a/services/spacebar.nix
+++ b/services/spacebar.nix
@@ -45,7 +45,12 @@ in {
      RemainAfterExit = true;
      User = "spacebar";
      Group = "spacebar";
+      Restart = "always";
+      RestartMaxDelaySec = "1m";
+      RestartSec = "100ms";
+      RestartSteps = 9;
    };
+    wantedBy = ["multi-user.target"];
    environment = {
      DATABASE = "/var/lib/spacebar-server/database.db";
      STORAGE_LOCATION = "/var/lib/spacebar-server/files/";
--- a/services/translate.nix
+++ b/services/translate.nix
@@ -41,8 +41,13 @@ in {
  systemd.services.translate = {
    serviceConfig = {
      Type = "simple";
-      ExecStart = "${lib.getExe pkgs.libretranslate}";
+      ExecStart = "${lib.getExe pkgs.libretranslate} --port 8108";
      RemainAfterExit = true;
+      Restart = "always";
+      RestartMaxDelaySec = "1m";
+      RestartSec = "100ms";
+      RestartSteps = 9;
    };
+    wantedBy = ["multi-user.target"];
  };
 }
Author	SHA1	Message	Date
mtgmonkey	7cef5d8798	bump best-blog	2025-06-19 09:53:24 -04:00
mtgmonkey	3f5ad1a3df	change from Andromeda/blog to Andromeda/best-blog	2025-06-19 06:27:03 -04:00
mtgmonkey	39b987332b	fix merge conflicts?	2025-06-18 14:04:49 -04:00
mtgmonkey	3c96c9818c	update lockfile, gitiffy	2025-06-18 13:32:49 -04:00
mtgmonkey	91206fb3c0	add forgejo	2025-06-18 15:45:04 +00:00
mtgmonkey	de1d958778	fix breaking change pushed in `bdc3a22`	2025-06-17 14:23:03 +00:00
mtgmonkey	dbec636ab7	updated all the systemd daemons	2025-06-17 14:05:43 +00:00
mtgmonkey	bdc3a22570	add git user to rgit service	2025-06-16 21:20:42 +00:00
mtgmonkey	56af2b408c	add ipv6	2025-06-16 20:40:06 +00:00
mtgmonkey	8af386e521	add ports for rgit	2025-06-16 20:13:51 +00:00
mtgmonkey	7865de7103	Merge remote-tracking branch 'origin'	2025-06-12 10:53:17 +00:00
mtgmonkey	1fdb3a8599	fix translation problem	2025-06-12 10:52:11 +00:00