From 87dcf548293293ee820fb7d5cd20cfe39c34da3d Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 20 Sep 2022 16:38:57 +0200 Subject: [PATCH] prep outline --- flake.lock | 18 ++++++------- flake.nix | 6 ++--- nixos/hosts/olympus/nginx/configuration.nix | 1 + nixos/hosts/olympus/outline/configuration.nix | 26 +++++++++++++++++-- 4 files changed, 37 insertions(+), 14 deletions(-) diff --git a/flake.lock b/flake.lock index 67da750..e675dc3 100644 --- a/flake.lock +++ b/flake.lock @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663665418, - "narHash": "sha256-FfHLjo7Cz1U0GRKaGwmBOrbv25LhFfKXkLaJ/PCelHY=", + "lastModified": 1663672654, + "narHash": "sha256-AGaTUx0YCCzDfizsZnE7R6GqLwSKo7GF1/jkOrqIk1c=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "cde624ec6a98b751e67967cbaffd68b1215e8531", + "rev": "2dd1661aec80f216a53b897be11ab72611447247", "type": "github" }, "original": { @@ -583,16 +583,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663494472, - "narHash": "sha256-fSowlaoXXWcAM8m9wA6u+eTJJtvruYHMA+Lb/tFi/qM=", - "owner": "NixOS", + "lastModified": 1663683373, + "narHash": "sha256-TnMwg3MLwUecBjT2SM9CKLqEODG9vfjvDK7qNTGDJJs=", + "owner": "NULLx76", "repo": "nixpkgs", - "rev": "f677051b8dc0b5e2a9348941c99eea8c4b0ff28f", + "rev": "167edcba5042e9e6099844cbef2cae3c1c2b3170", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-unstable", + "owner": "NULLx76", + "ref": "0x76", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index b8a0eea..c8a5f61 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; @@ -113,8 +113,8 @@ nixfmt nixUnstable vault - # (vault-push-approle-envs self) - # (vault-push-approle-approles self) + (vault-push-approle-envs self {}) + (vault-push-approles self {}) ]; }; }; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index a7d652b..457ab4a 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -56,6 +56,7 @@ in virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; + virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; virtualHosts."andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; # Meow diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index e660f64..c411d07 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -3,7 +3,7 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: - +let vs = config.vault-secrets.secrets; in { imports = [ ]; @@ -18,5 +18,27 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; + networking.firewall.allowedTCPPorts = [ + config.services.outline.port + ]; + + vault-secrets.secrets.outline = { }; + + services.outline = { + enable = false; + concurrency = 1; + port = 3000; + redisUrl = "local"; + databaseUrl = "local"; + publicUrl = "https://outline.0x76.dev"; + utilsSecretFile = "${vs.outline}/utilsSecret"; + secretKeyFile = "${vs.outline}/secretKey"; + storage = { + accessKey = "outline"; + secretKeyFile = "${vs.outline}/s3key"; + uploadBucketUrl = "https://o.0x76.dev"; + uploadBucketName = "outline"; + region = "us-east-1"; # fake + }; + }; }