summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--kartei/lass/orange.nix1
-rw-r--r--krebs/1systems/hotdog/config.nix1
-rw-r--r--krebs/2configs/buildbot-stockholm.nix8
-rw-r--r--krebs/nixpkgs-unstable.json8
-rw-r--r--krebs/nixpkgs.json8
-rw-r--r--lass/1systems/coaxmetal/config.nix2
-rw-r--r--lass/1systems/orange/config.nix3
-rw-r--r--lass/2configs/git.nix2
-rw-r--r--lass/2configs/services/coms/proxy.nix1
-rw-r--r--lass/2configs/services/git/default.nix11
-rw-r--r--lass/2configs/services/git/proxy.nix13
11 files changed, 42 insertions, 16 deletions
diff --git a/kartei/lass/orange.nix b/kartei/lass/orange.nix
index 7f656c260..7c511d5b1 100644
--- a/kartei/lass/orange.nix
+++ b/kartei/lass/orange.nix
@@ -6,6 +6,7 @@
ip6.addr = r6 "012a";
aliases = [
"orange.r"
+ "cgit.orange.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 70307a96b..a20878487 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -21,7 +21,6 @@
];
krebs.build.host = config.krebs.hosts.hotdog;
- krebs.github-hosts-sync.enable = true;
krebs.pages.enable = true;
boot.isContainer = true;
diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix
index 9fc6a79e5..f0b6c324d 100644
--- a/krebs/2configs/buildbot-stockholm.nix
+++ b/krebs/2configs/buildbot-stockholm.nix
@@ -21,21 +21,21 @@
disko.urls = [
"http://cgit.gum.r/disko"
"http://cgit.ni.r/disko"
- "http://cgit.prism.r/disko"
+ "http://cgit.orange.r/disko"
];
krops.urls = [
"http://cgit.ni.r/krops"
- "http://cgit.prism.r/krops"
+ "http://cgit.orange.r/krops"
"https://github.com/krebs/krops.git"
];
nix_writers.urls = [
"http://cgit.ni.r/nix-writers"
- "http://cgit.prism.r/nix-writers"
+ "http://cgit.orange.r/nix-writers"
];
stockholm.urls = [
"http://cgit.gum.r/stockholm"
"http://cgit.ni.r/stockholm"
- "http://cgit.prism.r/stockholm"
+ "http://cgit.orange.r/stockholm"
];
};
};
diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json
index 96c23d47c..885672736 100644
--- a/krebs/nixpkgs-unstable.json
+++ b/krebs/nixpkgs-unstable.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "2caf4ef5005ecc68141ecb4aac271079f7371c44",
- "date": "2023-01-30T22:55:03+01:00",
- "path": "/nix/store/mkif1y61ndjfi6fl2hzm7gmgqn40rchn-nixpkgs",
- "sha256": "1f8d0v4q687r4z3qpg54asglgi3v07ac75hzxzxl0qxjyh0asdz3",
+ "rev": "19cf008bb18e47b6e3b4e16e32a9a4bdd4b45f7e",
+ "date": "2023-03-21T23:16:58+01:00",
+ "path": "/nix/store/rg3f6v4f7mba0kqnhiarj7yg6066cc5v-nixpkgs",
+ "sha256": "0myq7fnykna5qazbk6hdgahy148yd7f5l8nrxhzllj67y86a5sxw",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 20b1237dc..118415785 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "0218941ea68b4c625533bead7bbb94ccce52dceb",
- "date": "2023-01-31T16:39:44+08:00",
- "path": "/nix/store/82grl4czg5pgacsa93nqssf5m7qrmmna-nixpkgs",
- "sha256": "0vwszpqs1x9sgnabvj3413mvcrj7k2ix4wv4hfvw6nmp6k4z6ic1",
+ "rev": "e2c97799da5f5cd87adfa5017fba971771e123ef",
+ "date": "2023-03-20T14:29:52+01:00",
+ "path": "/nix/store/vxca9w313d1bzw9dx4yaw8c0vrqjxa0p-nixpkgs",
+ "sha256": "0qff1r8k0m19z1ppzb8gk5xrnlvabjdl3pqwpc3y5bm15qxzk25s",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
diff --git a/lass/1systems/coaxmetal/config.nix b/lass/1systems/coaxmetal/config.nix
index 1df56f591..7fd76974b 100644
--- a/lass/1systems/coaxmetal/config.nix
+++ b/lass/1systems/coaxmetal/config.nix
@@ -20,8 +20,6 @@
<stockholm/lass/2configs/pass.nix>
<stockholm/lass/2configs/mail.nix>
<stockholm/lass/2configs/bitcoin.nix>
-
- <stockholm/lass/2configs/xonsh.nix>
<stockholm/lass/2configs/review.nix>
<stockholm/lass/2configs/dunst.nix>
# <stockholm/krebs/2configs/ircd.nix>
diff --git a/lass/1systems/orange/config.nix b/lass/1systems/orange/config.nix
index 5e975dba8..47867c31f 100644
--- a/lass/1systems/orange/config.nix
+++ b/lass/1systems/orange/config.nix
@@ -6,10 +6,13 @@ with import <stockholm/lib>;
<stockholm/lass/2configs>
<stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/mumble-reminder.nix>
+ <stockholm/lass/2configs/services/git>
];
krebs.build.host = config.krebs.hosts.orange;
+ services.nginx.enable = true;
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
security.acme = {
acceptTerms = true;
defaults.email = "acme@lassul.us";
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index 891aefcfd..16260b77b 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -145,7 +145,7 @@ let
channel = "#xxx";
# TODO define refs in some kind of option per repo
server = "irc.r";
- verbose = config.krebs.build.host.name == "prism";
+ verbose = config.krebs.build.host.name == "orange";
}}
${cgit-clear-cache}/bin/cgit-clear-cache
'';
diff --git a/lass/2configs/services/coms/proxy.nix b/lass/2configs/services/coms/proxy.nix
index 57e132151..e8555f9b7 100644
--- a/lass/2configs/services/coms/proxy.nix
+++ b/lass/2configs/services/coms/proxy.nix
@@ -16,6 +16,7 @@ in
services.nginx.streamConfig = ''
${lib.concatMapStringsSep "\n" (port: ''
server {
+ listen [::]:${toString port};
listen ${toString port};
proxy_pass ${target}:${toString port};
}
diff --git a/lass/2configs/services/git/default.nix b/lass/2configs/services/git/default.nix
new file mode 100644
index 000000000..096f73c03
--- /dev/null
+++ b/lass/2configs/services/git/default.nix
@@ -0,0 +1,11 @@
+{ config, lib, pkgs, ... }:
+{
+ imports = [
+ ../../git.nix
+ ];
+ services.nginx.virtualHosts."cgit.lassul.us" = {
+ enableACME = true;
+ addSSL = true;
+ locations = config.services.nginx.virtualHosts.cgit.locations;
+ };
+}
diff --git a/lass/2configs/services/git/proxy.nix b/lass/2configs/services/git/proxy.nix
new file mode 100644
index 000000000..cb05c3f6c
--- /dev/null
+++ b/lass/2configs/services/git/proxy.nix
@@ -0,0 +1,13 @@
+{ config, pkgs, ... }:
+{
+ services.nginx.virtualHosts."cgit.lassul.us" = {
+ forceSSL = true;
+ enableACME = true;
+ acmeFallbackHost = "orange.r";
+ locations."/" = {
+ proxyPass = "http://orange.r";
+ proxyWebsockets = true;
+ recommendedProxySettings = true;
+ };
+ };
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 21:46:49 +0000