From 08c17eae69079713c35a866756803092401d00bd Mon Sep 17 00:00:00 2001 From: Tasia Iso Date: Thu, 3 Oct 2024 21:36:16 +0200 Subject: [PATCH] split config into files, update tasiaiso --- flake.lock | 8 +-- hosts/vulpecula/configuration.nix | 98 +------------------------------ hosts/vulpecula/forgejo.nix | 60 +++++++++++++++++++ hosts/vulpecula/grafana.nix | 41 +++++++++++++ hosts/vulpecula/tasiaiso.nix | 7 +++ 5 files changed, 115 insertions(+), 99 deletions(-) create mode 100644 hosts/vulpecula/forgejo.nix create mode 100644 hosts/vulpecula/grafana.nix create mode 100644 hosts/vulpecula/tasiaiso.nix diff --git a/flake.lock b/flake.lock index 57802dd..d597059 100644 --- a/flake.lock +++ b/flake.lock @@ -318,11 +318,11 @@ ] }, "locked": { - "lastModified": 1727959305, - "narHash": "sha256-j+7pLGrjMIAuCvuyoS9aNESmXpwHniZV0mr0wAsZJfM=", + "lastModified": 1727984096, + "narHash": "sha256-/nOhETgFkoP+qRG4M0FtKQHaJW5v/+p36Zgb+tTC1xA=", "ref": "refs/heads/main", - "rev": "faed0287bbbb2914bbd54ef835caa17469dec469", - "revCount": 66, + "rev": "b8df28ab6e3f7d7045b81c0cd8bc17d0611a7cec", + "revCount": 68, "type": "git", "url": "https://git.vulpecula.zone/tasiaiso/tasiaiso.vulpecula.zone" }, diff --git a/hosts/vulpecula/configuration.nix b/hosts/vulpecula/configuration.nix index 787d2bb..2f0e7cd 100644 --- a/hosts/vulpecula/configuration.nix +++ b/hosts/vulpecula/configuration.nix @@ -9,6 +9,9 @@ in { imports = [ ./hardware-configuration.nix ../../common/base.nix + + ./forgejo.nix + ./grafana.nix ]; networking = { @@ -56,16 +59,6 @@ in { enableACME = true; root = inputs.vulpecula-zone.packages.x86_64-linux.default; }; - virtualHosts."tasiaiso.vulpecula.zone" = { - addSSL = true; - enableACME = true; - root = inputs.tasiaiso-vulpecula-zone.packages.x86_64-linux.default; - }; - virtualHosts."git.vulpecula.zone" = { - addSSL = true; - enableACME = true; - locations."/".proxyPass = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}"; - }; }; # change when ppl can make their own website @@ -74,91 +67,6 @@ in { defaults.email = "tasiaiso@proton.me"; }; - services.forgejo = { - enable = true; - database.type = "postgres"; - # Enable support for Git Large File Storage - lfs.enable = true; - settings = { - server = { - DOMAIN = "git.vulpecula.zone"; - # You need to specify this to remove the port from URLs in the web UI. - ROOT_URL = "https://git.vulpecula.zone/"; - HTTP_PORT = 62101; - }; - # You can temporarily allow registration to create an admin user. - service.DISABLE_REGISTRATION = true; - # Add support for actions, based on act: https://github.com/nektos/act - # actions = { - # ENABLED = true; - # DEFAULT_ACTIONS_URL = "github"; - # }; - # Sending emails is completely optional - # You can send a test email from the web UI at: - # Profile Picture > Site Administration > Configuration > Mailer Configuration - # mailer = { - # ENABLED = true; - # SMTP_ADDR = "mail.example.com"; - # FROM = "noreply@${srv.DOMAIN}"; - # USER = "noreply@${srv.DOMAIN}"; - # }; - }; - # mailerPasswordFile = config.age.secrets.forgejo-mailer-password.path; - }; - - # services.gitea-actions-runner = { - # package = pkgs.forgejo-actions-runner; - # instances.default = { - # enable = true; - # name = "monolith"; - # url = "https://git.vulpecula.zone"; - # # Obtaining the path to the runner token file may differ - # tokenFile = config.age.secrets.forgejo-runner-token.path; - # labels = [ - # "ubuntu-latest:docker://node:16-bullseye" - # "ubuntu-22.04:docker://node:16-bullseye" - # "ubuntu-20.04:docker://node:16-bullseye" - # "ubuntu-18.04:docker://node:16-buster" - # ## optionally provide native execution on the host: - # # "native:host" - # ]; - # }; - # }; - - services.grafana = { - enable = false; - settings.server = { - domain = "grafana.vulpecula.zone"; - http_port = 62102; - http_addr = "0.0.0.0"; - }; - }; - - services.prometheus = { - enable = false; - port = 62103; - retentionTime = "60d"; - - exporters = { - node = { - enable = false; - enabledCollectors = ["systemd"]; - port = 62104; - }; - }; - - scrapeConfigs = [ - { - job_name = "vulpecula"; - static_configs = [ - { - targets = ["127.0.0.1:${toString config.services.prometheus.exporters.node.port}"]; - } - ]; - } - ]; - }; - boot.tmp.cleanOnBoot = true; zramSwap.enable = true; networking.domain = ""; diff --git a/hosts/vulpecula/forgejo.nix b/hosts/vulpecula/forgejo.nix new file mode 100644 index 0000000..f145e46 --- /dev/null +++ b/hosts/vulpecula/forgejo.nix @@ -0,0 +1,60 @@ +{config,...}: { + services.nginx.virtualHosts."git.vulpecula.zone" = { + addSSL = true; + enableACME = true; + locations."/".proxyPass = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}"; + }; + + services.forgejo = { + enable = true; + database.type = "postgres"; + # Enable support for Git Large File Storage + lfs.enable = true; + settings = { + server = { + DOMAIN = "git.vulpecula.zone"; + # You need to specify this to remove the port from URLs in the web UI. + ROOT_URL = "https://git.vulpecula.zone/"; + HTTP_PORT = 62101; + # TODO + DISABLE_SSH = true; + }; + # You can temporarily allow registration to create an admin user. + service.DISABLE_REGISTRATION = true; + # Add support for actions, based on act: https://github.com/nektos/act + # actions = { + # ENABLED = true; + # DEFAULT_ACTIONS_URL = "github"; + # }; + # Sending emails is completely optional + # You can send a test email from the web UI at: + # Profile Picture > Site Administration > Configuration > Mailer Configuration + # mailer = { + # ENABLED = true; + # SMTP_ADDR = "mail.example.com"; + # FROM = "noreply@${srv.DOMAIN}"; + # USER = "noreply@${srv.DOMAIN}"; + # }; + }; + # mailerPasswordFile = config.age.secrets.forgejo-mailer-password.path; + }; + + # services.gitea-actions-runner = { + # package = pkgs.forgejo-actions-runner; + # instances.default = { + # enable = true; + # name = "monolith"; + # url = "https://git.vulpecula.zone"; + # # Obtaining the path to the runner token file may differ + # tokenFile = config.age.secrets.forgejo-runner-token.path; + # labels = [ + # "ubuntu-latest:docker://node:16-bullseye" + # "ubuntu-22.04:docker://node:16-bullseye" + # "ubuntu-20.04:docker://node:16-bullseye" + # "ubuntu-18.04:docker://node:16-buster" + # ## optionally provide native execution on the host: + # # "native:host" + # ]; + # }; + # }; +} diff --git a/hosts/vulpecula/grafana.nix b/hosts/vulpecula/grafana.nix new file mode 100644 index 0000000..9a7d87d --- /dev/null +++ b/hosts/vulpecula/grafana.nix @@ -0,0 +1,41 @@ +{config, ...}: { + services.nginx.virtualHosts."grafana.vulpecula.zone" = { + addSSL = true; + enableACME = true; + locations."/".proxyPass = "http://localhost:${toString config.services.grafana.settings.server.http_port}"; + }; + + services.grafana = { + enable = false; + settings.server = { + domain = "grafana.vulpecula.zone"; + http_port = 62102; + http_addr = "0.0.0.0"; + }; + }; + + services.prometheus = { + enable = false; + port = 62103; + retentionTime = "60d"; + + exporters = { + node = { + enable = false; + enabledCollectors = ["systemd"]; + port = 62104; + }; + }; + + scrapeConfigs = [ + { + job_name = "vulpecula"; + static_configs = [ + { + targets = ["127.0.0.1:${toString config.services.prometheus.exporters.node.port}"]; + } + ]; + } + ]; + }; +} diff --git a/hosts/vulpecula/tasiaiso.nix b/hosts/vulpecula/tasiaiso.nix new file mode 100644 index 0000000..d77ac16 --- /dev/null +++ b/hosts/vulpecula/tasiaiso.nix @@ -0,0 +1,7 @@ +{...}: { + services.nginx.virtualHosts."tasiaiso.vulpecula.zone" = { + addSSL = true; + enableACME = true; + root = inputs.tasiaiso-vulpecula-zone.packages.x86_64-linux.default; + }; +}