summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/baseX.nix2
-rw-r--r--lass/2configs/exim-smarthost.nix2
-rw-r--r--lass/2configs/nixpkgs.nix2
-rw-r--r--lass/2configs/repo-sync.nix1
-rw-r--r--lass/2configs/websites/domsen.nix2
-rw-r--r--lass/2configs/websites/lassulus.nix91
6 files changed, 98 insertions, 2 deletions
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 2649ecab9..4b05e3296 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -49,6 +49,8 @@ in {
mpv-poll
yt-next
+
+ youtube-tools
#window manager stuff
#haskellPackages.xmobar
#haskellPackages.yeganesh
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 00a3612fd..3ed8be77f 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -29,6 +29,8 @@ with config.krebs.lib;
{ from = "finanzamt@lassul.us"; to = lass.mail; }
{ from = "netzclub@lassul.us"; to = lass.mail; }
{ from = "nebenan@lassul.us"; to = lass.mail; }
+ { from = "feed@lassul.us"; to = lass.mail; }
+ { from = "art@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }
diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index 6e9138b61..73c96e876 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
{
krebs.build.source.nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
- ref = "354fd3728952c229fee4f2924737c601d7ab4725";
+ ref = "b8ede35d2efa96490857c22c751e75d600bea44f";
};
}
diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix
index 027f31fe0..eae583a84 100644
--- a/lass/2configs/repo-sync.nix
+++ b/lass/2configs/repo-sync.nix
@@ -92,6 +92,7 @@ in {
(sync-remote "skytraq-datalogger" "https://github.com/makefu/skytraq-datalogger")
(sync-remote "xintmap" "https://github.com/4z3/xintmap")
(sync-remote "realwallpaper" "https://github.com/lassulus/realwallpaper")
+ (sync-remote "lassulus-blog" "https://github.com/lassulus/lassulus-blog")
(sync-remote-silent "nixpkgs" "https://github.com/nixos/nixpkgs")
(sync-retiolum "go")
(sync-retiolum "much")
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index e05f40d97..3a3e60d39 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -191,7 +191,7 @@ in {
server_set_id = $auth1
'';
internet-aliases = [
- { from = "dominik@apanowicz.de"; to = "dma@ubikmedia.eu"; }
+ { from = "dominik@apanowicz.de"; to = "dominik_a@gmx.de"; }
{ from = "mail@jla-trading.com"; to = "jla-trading"; }
{ from = "testuser@lassul.us"; to = "testuser"; }
];
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
new file mode 100644
index 000000000..04c19fad0
--- /dev/null
+++ b/lass/2configs/websites/lassulus.nix
@@ -0,0 +1,91 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+let
+ inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; })
+ genid
+ ;
+
+in {
+ imports = [
+ ../git.nix
+ ];
+
+ security.acme = {
+ certs."lassul.us" = {
+ email = "lass@lassul.us";
+ webroot = "/var/lib/acme/challenges/lassul.us";
+ plugins = [
+ "account_key.json"
+ "key.pem"
+ "fullchain.pem"
+ "full.pem"
+ ];
+ allowKeysForGroup = true;
+ group = "lasscert";
+ };
+ certs."cgit.lassul.us" = {
+ email = "lassulus@gmail.com";
+ webroot = "/var/lib/acme/challenges/cgit.lassul.us";
+ plugins = [
+ "account_key.json"
+ "key.pem"
+ "fullchain.pem"
+ ];
+ group = "nginx";
+ allowKeysForGroup = true;
+ };
+ };
+
+ users.groups.lasscert.members = [
+ "dovecot2"
+ "ejabberd"
+ "exim"
+ "nginx"
+ ];
+
+ krebs.nginx.servers."lassul.us" = {
+ server-names = [ "lassul.us" ];
+ locations = [
+ (nameValuePair "/" ''
+ root /srv/http/lassul.us;
+ '')
+ (nameValuePair "/.well-known/acme-challenge" ''
+ root /var/lib/acme/challenges/lassul.us/;
+ '')
+ ];
+ ssl = {
+ enable = true;
+ certificate = "/var/lib/acme/lassul.us/fullchain.pem";
+ certificate_key = "/var/lib/acme/lassul.us/key.pem";
+ };
+ };
+
+ krebs.nginx.servers.cgit = {
+ server-names = [
+ "cgit.lassul.us"
+ ];
+ locations = [
+ (nameValuePair "/.well-known/acme-challenge" ''
+ root /var/lib/acme/challenges/cgit.lassul.us/;
+ '')
+ ];
+ ssl = {
+ enable = true;
+ certificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem";
+ certificate_key = "/var/lib/acme/cgit.lassul.us/key.pem";
+ };
+ };
+
+ users.users.blog = {
+ uid = genid "blog";
+ description = "lassul.us blog deployment";
+ home = "/srv/http/lassul.us";
+ useDefaultShell = true;
+ createHome = true;
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.lass.pubkey
+ ];
+ };
+}
+