archive/server_config
Archived
1
0
Fork 0
Code Issues 1 Pull requests Packages Projects Releases Wiki Activity

Compare commits

merge into: archive:authentik
Branches Tags
archive:master
archive:trilium
archive:authentik
archive:authelia
...
pull from: archive:master
Branches Tags
archive:master
archive:trilium
archive:authentik
archive:authelia
This repository has been archived on 2024-11-21. You can view files and clone it, but cannot push or open issues or pull requests.

19 commits
authentik ... master

Author SHA1 Message Date
Fabian Montero b9a00a51e1
add firefly 2024-11-17 00:42:45 -06:00
Fabian Montero 75fe6138c0
add .txt extension so bps can be opened in browser 2024-11-15 16:06:45 -06:00
Fabian Montero b460ed6e57
update factorio blueprints 2024-11-15 16:03:36 -06:00
Fabian Montero e46d1dfef7
add cdn and factorio_blueprints 2024-10-29 01:25:23 -06:00
Fabian Montero a462a2df0a
flake.lock: Update 
Flake lock file updates:

• Updated input 'homepage':
    'git+https://git.posixlycorrect.com/fabian/homepage.git?ref=master&rev=d26219c00d1f6070b85278c5efb3cd44ce6cc4eb' (2024-09-19)
  → 'git+https://git.posixlycorrect.com/fabian/homepage.git?ref=master&rev=c5ba6530fb371d09faf933a08efb288b037705f8' (2024-09-19)
 2024-09-18 20:59:41 -06:00
Fabian Montero 7fb0835247
flake.lock: Update 
Flake lock file updates:

• Updated input 'homepage':
    'git+https://git.posixlycorrect.com/fabian/homepage.git?ref=master&rev=a49523cc42d61e0dac0d3dcb01cc1ca3fad7070c' (2024-09-04)
  → 'git+https://git.posixlycorrect.com/fabian/homepage.git?ref=master&rev=d26219c00d1f6070b85278c5efb3cd44ce6cc4eb' (2024-09-19)
 2024-09-18 20:55:05 -06:00
Fabian Montero eda3ab9aab
add index of pki 2024-09-18 20:51:09 -06:00
Fabian Montero 9aa997637f
invalidate_digital_signatures in paperless 2024-09-18 18:03:38 -06:00
Fabian Montero e536c096ce
flake.lock: Update 
Flake lock file updates:

• Updated input 'conduwuit/complement':
    'github:matrix-org/complement/6e4426a9e63233f9821a4d2382bfed145244183f' (2024-07-30)
  → 'github:matrix-org/complement/0d14432e010482ea9e13a6f7c47c1533c0c9d62f' (2024-07-10)
• Updated input 'impermanence':
    'github:nix-community/impermanence/23c1f06316b67cb5dabdfe2973da3785cfe9c34a' (2024-06-22)
  → 'github:nix-community/impermanence/c7f5b394397398c023000cf843986ee2571a1fd7' (2024-08-24)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/12bf09802d77264e441f48e25459c10c93eada2e' (2024-07-29)
  → 'github:nixos/nixpkgs/6e99f2a27d600612004fbd2c3282d614bfee6421' (2024-08-30)
• Updated input 'unstable':
    'github:nixos/nixpkgs/52ec9ac3b12395ad677e8b62106f0b98c1f8569d' (2024-07-28)
  → 'github:nixos/nixpkgs/12228ff1752d7b7624a54e9c1af4b222b3c1073b' (2024-08-31)
• Updated input 'vpsadminos':
    'github:vpsfreecz/vpsadminos/2c8ff8462a6f4aefb7bd2663d6ddbedd9d161f2c' (2024-07-27)
  → 'github:vpsfreecz/vpsadminos/605f2f6c56cb79eb66b2b7d3bec050342d7f43b7' (2024-09-03)
 2024-09-04 14:14:42 -06:00
Fabian Montero bf34e2fe8e
flake.lock: Update 
Flake lock file updates:

• Updated input 'homepage':
    'git+https://git.posixlycorrect.com/fabian/homepage.git?ref=master&rev=4fd192a71d19b79684ae544f4f8470aa777b968d' (2024-08-28)
  → 'git+https://git.posixlycorrect.com/fabian/homepage.git?ref=master&rev=a49523cc42d61e0dac0d3dcb01cc1ca3fad7070c' (2024-09-04)
 2024-09-04 02:20:09 -06:00
Fabian Montero ced4592c1a
add trilium 2024-09-04 02:18:22 -06:00
Fabian Montero 5bd11b2bd4
disable matrix 2024-09-04 01:47:49 -06:00
Fabian Montero 34b1a8e289
make forgejo default theme dark 2024-09-04 00:22:55 -06:00
Fabian Montero c8057ed52c
deactivate authentik 2024-08-28 13:52:35 -06:00
Fabian Montero f14f11be00
flake.lock: Update 
Flake lock file updates:

• Updated input 'homepage':
    'git+https://git.posixlycorrect.com/fabian/homepage.git?ref=master&rev=18b56328eda94579fb4727ba886888f6596f7d0a' (2024-08-23)
  → 'git+https://git.posixlycorrect.com/fabian/homepage.git?ref=master&rev=4fd192a71d19b79684ae544f4f8470aa777b968d' (2024-08-28)
 2024-08-28 12:27:58 -06:00
Fabian Montero 0cafd83313
add paperless 2024-08-28 12:24:17 -06:00
Fabian Montero f8324e96e6
add TemplateStyles extension to mediawiki 2024-08-28 11:32:21 -06:00
Fabian Montero 8ee952b958
add authentik 2024-08-27 19:12:09 -06:00
Fabian Montero 222ce4c296
add mediawiki extensions 2024-08-27 18:35:58 -06:00
18 changed files with 594 additions and 78 deletions
Show stats Expand all files Collapse all files

1
cdn/factorio_blueprints/nauvis_science.txt Normal file
View file

File diff suppressed because one or more lines are too long

1
cdn/factorio_blueprints/red_circuits.txt Normal file
View file

File diff suppressed because one or more lines are too long

328
flake.lock
View file

@ -3,8 +3,8 @@
"attic": { "attic": {
"inputs": { "inputs": {
"crane": "crane", "crane": "crane",
"flake-compat": "flake-compat", "flake-compat": "flake-compat_2",
"flake-utils": "flake-utils", "flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
@ -23,10 +23,53 @@
"type": "github" "type": "github"
} }
}, },
"authentik-nix": {
"inputs": {
"authentik-src": "authentik-src",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"napalm": "napalm",
"nixpkgs": [
"nixpkgs"
],
"poetry2nix": "poetry2nix"
},
"locked": {
"lastModified": 1724362025,
"narHash": "sha256-/fzIU/Hjgksy7A4ji09zK6cH7ATQV5rAEYb/wgBw8x8=",
"owner": "nix-community",
"repo": "authentik-nix",
"rev": "39cf62b92149800dd2a436f8b18acd471c9180dd",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "authentik-nix",
"type": "github"
}
},
"authentik-src": {
"flake": false,
"locked": {
"lastModified": 1724339964,
"narHash": "sha256-QwK/auMLCJEHHtyexFnO+adCq/u0fezHQ90fXW9J4c4=",
"owner": "goauthentik",
"repo": "authentik",
"rev": "8a0b31b9227ca33b96c5448f185419f17090ed38",
"type": "github"
},
"original": {
"owner": "goauthentik",
"ref": "version/2024.6.4",
"repo": "authentik",
"type": "github"
}
},
"cachix": { "cachix": {
"inputs": { "inputs": {
"devenv": "devenv", "devenv": "devenv",
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_4",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"pre-commit-hooks": "pre-commit-hooks" "pre-commit-hooks": "pre-commit-hooks"
}, },
@ -84,11 +127,11 @@
"complement": { "complement": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1722323564, "lastModified": 1720637557,
"narHash": "sha256-6w6/N8walz4Ayc9zu7iySqJRmGFukhkaICLn4dweAcA=", "narHash": "sha256-oZz6nCmFmdJZpC+K1iOG2KkzTI6rlAmndxANPDVU7X0=",
"owner": "matrix-org", "owner": "matrix-org",
"repo": "complement", "repo": "complement",
"rev": "6e4426a9e63233f9821a4d2382bfed145244183f", "rev": "0d14432e010482ea9e13a6f7c47c1533c0c9d62f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -105,8 +148,8 @@
"complement": "complement", "complement": "complement",
"crane": "crane_2", "crane": "crane_2",
"fenix": "fenix", "fenix": "fenix",
"flake-compat": "flake-compat_5", "flake-compat": "flake-compat_6",
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_4",
"liburing": "liburing", "liburing": "liburing",
"nix-filter": "nix-filter", "nix-filter": "nix-filter",
"nixpkgs": [ "nixpkgs": [
@ -218,7 +261,7 @@
], ],
"nix": "nix", "nix": "nix",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"poetry2nix": "poetry2nix", "poetry2nix": "poetry2nix_2",
"pre-commit-hooks": [ "pre-commit-hooks": [
"conduwuit", "conduwuit",
"cachix", "cachix",
@ -268,11 +311,11 @@
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1673956053, "lastModified": 1696426674,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -300,11 +343,11 @@
"flake-compat_3": { "flake-compat_3": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1696426674, "lastModified": 1673956053,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -330,6 +373,22 @@
} }
}, },
"flake-compat_5": { "flake-compat_5": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_6": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1696426674, "lastModified": 1696426674,
@ -346,7 +405,43 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1722555600,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": { "flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": { "locked": {
"lastModified": 1667395993, "lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
@ -361,9 +456,9 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_2": { "flake-utils_3": {
"inputs": { "inputs": {
"systems": "systems" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1689068808, "lastModified": 1689068808,
@ -379,9 +474,9 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_3": { "flake-utils_4": {
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_4"
}, },
"locked": { "locked": {
"lastModified": 1710146030, "lastModified": 1710146030,
@ -398,9 +493,9 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_4": { "flake-utils_5": {
"inputs": { "inputs": {
"systems": "systems_3" "systems": "systems_5"
}, },
"locked": { "locked": {
"lastModified": 1710146030, "lastModified": 1710146030,
@ -416,9 +511,9 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_5": { "flake-utils_6": {
"inputs": { "inputs": {
"systems": "systems_4" "systems": "systems_6"
}, },
"locked": { "locked": {
"lastModified": 1710146030, "lastModified": 1710146030,
@ -480,15 +575,15 @@
}, },
"homepage": { "homepage": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_5", "flake-utils": "flake-utils_6",
"nixpkgs": "nixpkgs_4" "nixpkgs": "nixpkgs_4"
}, },
"locked": { "locked": {
"lastModified": 1724455559, "lastModified": 1726714659,
"narHash": "sha256-suDqHUBghYgS79MqOOBtxu28MVbiQpbB01JGnvvhN0E=", "narHash": "sha256-DCngitzTqzhGjoykt7npvuGxc9aWDgZq3Pn+S6++5EM=",
"ref": "master", "ref": "master",
"rev": "18b56328eda94579fb4727ba886888f6596f7d0a", "rev": "c5ba6530fb371d09faf933a08efb288b037705f8",
"revCount": 15, "revCount": 21,
"type": "git", "type": "git",
"url": "https://git.posixlycorrect.com/fabian/homepage.git" "url": "https://git.posixlycorrect.com/fabian/homepage.git"
}, },
@ -500,11 +595,11 @@
}, },
"impermanence": { "impermanence": {
"locked": { "locked": {
"lastModified": 1719091691, "lastModified": 1724489415,
"narHash": "sha256-AxaLX5cBEcGtE02PeGsfscSb/fWMnyS7zMWBXQWDKbE=", "narHash": "sha256-ey8vhwY/6XCKoh7fyTn3aIQs7WeYSYtLbYEG87VCzX4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "impermanence", "repo": "impermanence",
"rev": "23c1f06316b67cb5dabdfe2973da3785cfe9c34a", "rev": "c7f5b394397398c023000cf843986ee2571a1fd7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -547,9 +642,34 @@
"type": "github" "type": "github"
} }
}, },
"napalm": {
"inputs": {
"flake-utils": [
"authentik-nix",
"flake-utils"
],
"nixpkgs": [
"authentik-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717929455,
"narHash": "sha256-BiI5xWygriOJuNISnGAeL0KYxrEMnjgpg+7wDskVBhI=",
"owner": "nix-community",
"repo": "napalm",
"rev": "e1babff744cd278b56abe8478008b4a9e23036cf",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "napalm",
"type": "github"
}
},
"nix": { "nix": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_3",
"nixpkgs": [ "nixpkgs": [
"conduwuit", "conduwuit",
"cachix", "cachix",
@ -592,6 +712,28 @@
} }
}, },
"nix-github-actions": { "nix-github-actions": {
"inputs": {
"nixpkgs": [
"authentik-nix",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1703863825,
"narHash": "sha256-rXwqjtwiGKJheXB43ybM8NwWB8rO2dSRrEqes0S7F5Y=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "5163432afc817cf8bd1f031418d1869e4c9d5547",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nix-github-actions_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"conduwuit", "conduwuit",
@ -664,6 +806,18 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1722555339,
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
}
},
"nixpkgs-regression": { "nixpkgs-regression": {
"locked": { "locked": {
"lastModified": 1643052045, "lastModified": 1643052045,
@ -775,11 +929,11 @@
}, },
"nixpkgs_5": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1722221733, "lastModified": 1725001927,
"narHash": "sha256-sga9SrrPb+pQJxG1ttJfMPheZvDOxApFfwXCFO0H9xw=", "narHash": "sha256-eV+63gK0Mp7ygCR0Oy4yIYSNcum2VQwnZamHxYTNi+M=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "12bf09802d77264e441f48e25459c10c93eada2e", "rev": "6e99f2a27d600612004fbd2c3282d614bfee6421",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -791,8 +945,36 @@
}, },
"poetry2nix": { "poetry2nix": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-utils": [
"authentik-nix",
"flake-utils"
],
"nix-github-actions": "nix-github-actions", "nix-github-actions": "nix-github-actions",
"nixpkgs": [
"authentik-nix",
"nixpkgs"
],
"systems": "systems_2",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1724208502,
"narHash": "sha256-TCRcEPSfgAw/t7kClmlr23s591N06mQCrhzlAO7cyFw=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "884b66152b0c625b8220b570a31dc7acc36749a3",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"poetry2nix_2": {
"inputs": {
"flake-utils": "flake-utils_3",
"nix-github-actions": "nix-github-actions_2",
"nixpkgs": [ "nixpkgs": [
"conduwuit", "conduwuit",
"cachix", "cachix",
@ -818,7 +1000,7 @@
}, },
"pre-commit-hooks": { "pre-commit-hooks": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_4", "flake-compat": "flake-compat_5",
"gitignore": "gitignore", "gitignore": "gitignore",
"nixpkgs": [ "nixpkgs": [
"conduwuit", "conduwuit",
@ -860,8 +1042,9 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"authentik-nix": "authentik-nix",
"conduwuit": "conduwuit", "conduwuit": "conduwuit",
"flake-utils": "flake-utils_4", "flake-utils": "flake-utils_5",
"home-manager": "home-manager", "home-manager": "home-manager",
"homepage": "homepage", "homepage": "homepage",
"impermanence": "impermanence", "impermanence": "impermanence",
@ -913,9 +1096,8 @@
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-systems", "id": "systems",
"repo": "default", "type": "indirect"
"type": "github"
} }
}, },
"systems_3": { "systems_3": {
@ -948,13 +1130,65 @@
"type": "github" "type": "github"
} }
}, },
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_6": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"authentik-nix",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1719749022,
"narHash": "sha256-ddPKHcqaKCIFSFc/cvxS14goUhCOAwsM1PbMr0ZtHMg=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "8df5ff62195d4e67e2264df0b7f5e8c9995fd0bd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"unstable": { "unstable": {
"locked": { "locked": {
"lastModified": 1722185531, "lastModified": 1725103162,
"narHash": "sha256-veKR07psFoJjINLC8RK4DiLniGGMgF3QMlS4tb74S6k=", "narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "52ec9ac3b12395ad677e8b62106f0b98c1f8569d", "rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -966,11 +1200,11 @@
}, },
"vpsadminos": { "vpsadminos": {
"locked": { "locked": {
"lastModified": 1722101851, "lastModified": 1725379879,
"narHash": "sha256-fM5Z8Qhk9/AbGYJ4VrJilGlFK9btBEF+ROtbYYJZJ1I=", "narHash": "sha256-RXSlp6OS9BNCio8kKajk4yEpntNc2AyozQeDSQa6f3w=",
"owner": "vpsfreecz", "owner": "vpsfreecz",
"repo": "vpsadminos", "repo": "vpsadminos",
"rev": "2c8ff8462a6f4aefb7bd2663d6ddbedd9d161f2c", "rev": "605f2f6c56cb79eb66b2b7d3bec050342d7f43b7",
"type": "github" "type": "github"
}, },
"original": { "original": {

6
flake.nix
View file

@ -26,6 +26,11 @@
url = "github:StarCitizenTools/mediawiki-skins-Citizen/v2.27.0"; url = "github:StarCitizenTools/mediawiki-skins-Citizen/v2.27.0";
flake = false; flake = false;
}; };
authentik-nix = {
url = "github:nix-community/authentik-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = flakes @ { outputs = flakes @ {
@ -39,6 +44,7 @@
homepage, homepage,
conduwuit, conduwuit,
mediawikiSkinCitizen, mediawikiSkinCitizen,
authentik-nix,
}: let }: let
system = "x86_64-linux"; system = "x86_64-linux";

0
pki/fabian.pub → pki/fabian.ssh
View file

25
pki/fabian_primary.gpg Normal file
View file

@ -0,0 +1,25 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZHlROBYJKwYBBAHaRw8BAQdAhzA1JCghQ6KoHOuf6JPQhEmchHLVXFVye4I2
pRUOUMO0KkZhYmlhbiBNb250ZXJvIDxmYWJpYW5AcG9zaXhseWNvcnJlY3QuY29t
PoiUBBMWCgA8FiEEeqJ35gSkFzkWu7TpH/rDXheYF08FAmR5UTgCGwMFCQlmAYAE
CwkIBwQVCgkIBRYCAwEAAh4FAheAAAoJEB/6w14XmBdPP2EA/i9ugFxpIFF6oOQs
clMfr+sNj6Il0OUTJK0dqpp4mGorAP0awa6nfhU8T1Ju7UWr6cfSmnL4bM6M/4Z3
D+AF/L5PBokCMwQQAQoAHRYhBOd6gIv5qVXWaO7qZHP6nJy18CSbBQJkeVKDAAoJ
EHP6nJy18CSbzTkP/Reio0ObRrRW+QSw62ZXrUG0mFcNeeoM9amldCToFRyGnSDu
wtZ9nqwLiTJ01VPBOsEZLsl4VonO3rdadqnMTZ3XqKK9VHBl6UNot3DQ8INDAcko
GW1zvEdxNkpMxhtAja0JkcBdG7+zxc2aEGeKfEna2qDXA+xtYw5+pssOWYMip7hm
jQ2NzYMYav2KYRBC7eXTkAIIIJi/l9pR1IwHtY3a0gfbkQymgCyt5wVG6LneYFIR
+ycNVCObwyP8gFASdId0bWnA23rkilc9ZBOCps/cGfDLM+KQ+sLAWBFBQyQeEjcv
tU+pLXncAEvWy/SFmprVSLDQMMooFaEJMZChojGcCkwAPG1twsihqIA3E44Q3/+G
K0gZN57jGMnfvuQiuLuttOMdu27KwEu++t3YUt0P6S4kARpx51zZJ7A2Yj2u22aM
7EL8qq6KTNdNoS7FgwQkrWbokdDZIl0HV+5TeMQfylPqOPhuFK/1A9qztqknBPVY
QUx2t6FZUgH9sT7uD+5gXxyeqmEIFo2i6D8G/4TEPbKtWivJfeOqDEBn4QEY2nvE
zgJLLU5XCv9xPz5rizRCa+h+kg+i4mH6fLCBCCAPXsbAAo0gUlGJvX4slPh7uPOa
T2r7A/7uezResBzP/L/vostlmjO5c8cOl9Wc6D1kRZq17/AjMUgy6+KR3iVnuDgE
ZHlROBIKKwYBBAGXVQEFAQEHQPRbCS2p8xpt3fRxfyRnDOdH9pULY4NtGmZUS0ve
ZGkTAwEIB4h+BBgWCgAmFiEEeqJ35gSkFzkWu7TpH/rDXheYF08FAmR5UTgCGwwF
CQlmAYAACgkQH/rDXheYF0/65AD+LtDeedCYv9zs+1Ia3DvejVZM256WEH+dRH5h
Pm3RzQ8A/2+bXRnfsgGqacj/kKEL3spuos95ngRNRkrQ39nc1koP
=PAxr
-----END PGP PUBLIC KEY BLOCK-----

19
pki/fabian_yubikey.gpg Normal file
View file

@ -0,0 +1,19 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZukhMBYJKwYBBAHaRw8BAQdAC/Gy2p7RPFw3k+ROFnKpJvCVqQb+BUYboE2u
CP1kz/C0KkZhYmlhbiBNb250ZXJvIDxmYWJpYW5AcG9zaXhseWNvcnJlY3QuY29t
PoiTBBMWCgA7FiEEcgbY7iR0898Y6odvDsFpH/jBqB8FAmbpITACGwMFCwkIBwIC
IgIGFQoJCAsCBBYCAwECHgcCF4AACgkQDsFpH/jBqB+oGwEAhmegCZJAt8Opv/9+
HBbL51f2035qymHPgkV/SyFM1GEBAOVQY6A5U+NrLNiaQTN5Z7jcfQuBobzk4ksn
RzROhTcAiHUEEBYKAB0WIQR6onfmBKQXORa7tOkf+sNeF5gXTwUCZutnFQAKCRAf
+sNeF5gXT1juAQDsH/lDorfMdWxuP87eV9OP8jQvibuTuZ9n2jUllXsLcQEA5gDJ
05NW5Tw2g9mvlrocWr7N2/PC5UvFct4akwDXtA+4MwRm6SEwFgkrBgEEAdpHDwEB
B0AHSmncE+krtL9ZGe4eq865vjaLiUAVnZQaVObKm11CBYh4BBgWCgAgFiEEcgbY
7iR0898Y6odvDsFpH/jBqB8FAmbpITACGyAACgkQDsFpH/jBqB+hBwD/Y9vAcbPG
CTmZvtgYlZW5Oey5T3hHoANv1THOZwv9G58BALEBZRvDztmYPjRaMyAMonrpc2P0
GPHYLcqCPVbjkaAKuDgEZukhMBIKKwYBBAGXVQEFAQEHQC2+QJcHEJjdZikBYeMj
ks53MjfeawAXU31KtAU60KACAwEIB4h4BBgWCgAgFiEEcgbY7iR0898Y6odvDsFp
H/jBqB8FAmbpITACGwwACgkQDsFpH/jBqB+0TwD+K4IcFstNGLrijlgH2zuQaI+p
8QT8AInjSpGfC4zcMlEBAIVYvdTYw4IXPSQOs0qPyR0nhfGIeoBMeWrAAfoxQ0oB
=wpc0
-----END PGP PUBLIC KEY BLOCK-----

21
pki/gatekeeper_ca.pem
View file

@ -1,21 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIDijCCAnKgAwIBAgIUQCBAoFSQrYx063PnK3XKiOJSpvQwDQYJKoZIhvcNAQEL
BQAwKzEpMCcGA1UEAwwgcG9zaXhseWNvcnJlY3QuY29tIGdhdGVrZWVwZXIgQ0Ew
HhcNMjQwODAyMDcxNzE4WhcNMzQwNzMxMDcxNzE4WjArMSkwJwYDVQQDDCBwb3Np
eGx5Y29ycmVjdC5jb20gZ2F0ZWtlZXBlciBDQTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxjqIpRxIu2yPejUbyMixZACESrbmIGOhhxwUu1ys6aYPOZ
7yQMs5xuJXcgCuD7Oba1eBi+CpLhyvgZlyLrCfxoCzTdAeeXq0EB7YUn8IYEN3dR
e+yds//zkjRzbXAaIbUoAF8XaXgylOSIXLNrh0TTjNscC+TPYvKSbaDhdICOZ1ky
u08w5QdOoi1W8FNJd4LKIKWQZW3dMeNaBbKnt9R4mjL28tE5gP6ZYUvcCIoqYAbE
DSNq29lXsmDzbD914bN5wYoTP3A+k8QG6eYGb10YgaaJ0TBxeLzadVBq7gFylMt3
1LTNmH/v+l73IYfiDV4O3d33cg0VOKqiD48WCnkCAwEAAaOBpTCBojAMBgNVHRME
BTADAQH/MB0GA1UdDgQWBBStVj4YoMTnD+XZ+doBI7Ao17Gg3DBmBgNVHSMEXzBd
gBStVj4YoMTnD+XZ+doBI7Ao17Gg3KEvpC0wKzEpMCcGA1UEAwwgcG9zaXhseWNv
cnJlY3QuY29tIGdhdGVrZWVwZXIgQ0GCFEAgQKBUkK2MdOtz5yt1yojiUqb0MAsG
A1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAZgbpPdkhAbrbA7Y63WI2Bo26
tPVCZpsEKiwpyEbDDC+NVrbOit1kQg/j26RuXLDVg19IfXk407FVFVGYVJNE+kXt
KjyKCGyyZUBQRebCN8kzFsCQ/AJSfzNKQhEK68rchSH66mbjtOtItkdVZRnq0pWI
7WXlTIxK8KTcAx2V/ijyalCENUpwRWfM4Qnkqsi82Dx9e8V0TRCLomW7IQok4dre
F6IolUHw9ZuSC10/T8n8+riqWBWEisBGLz79OrdETdHK9A5gpNHRF+sO9JAhVr/t
exBWTEJ33BeI0NX87d0Pneun4nss5FsLst+Ut7Y0F2QF2Iar1iERUalHVIjCtA==
-----END CERTIFICATE-----

2
sys/default.nix
View file

@ -62,7 +62,7 @@ with lib; {
group = "fabian"; group = "fabian";
shell = pkgs.zsh; shell = pkgs.zsh;
extraGroups = ["users" "wheel" "networkmanager" "dialout" "libvirtd"]; extraGroups = ["users" "wheel" "networkmanager" "dialout" "libvirtd"];
openssh.authorizedKeys.keyFiles = [../pki/fabian.pub]; openssh.authorizedKeys.keyFiles = [../pki/fabian.ssh];
}; };
groups.fabian.gid = 1000; groups.fabian.gid = 1000;
}; };

110
sys/srv/authentik.nix Normal file
View file

@ -0,0 +1,110 @@
{
lib,
pkgs,
flakes,
...
}:
with lib; {
imports = [flakes.authentik-nix.nixosModules.default];
options = {
services.nginx.virtualHosts = mkOption {
type = with lib.types;
attrsOf (
submodule
(
{config, ...}: {
options = {
enableAuthentik = mkOption {
default = false;
type = bool;
};
locations = mkOption {
type = attrsOf (
submodule {
config = mkIf config.enableAuthentik {
extraConfig = ''
auth_request /outpost.goauthentik.io/auth/nginx;
error_page 401 = @goauthentik_proxy_signin;
auth_request_set $auth_cookie $upstream_http_set_cookie;
add_header Set-Cookie $auth_cookie;
# translate headers from the outposts back to the actual upstream
auth_request_set $authentik_username $upstream_http_x_authentik_username;
auth_request_set $authentik_groups $upstream_http_x_authentik_groups;
auth_request_set $authentik_email $upstream_http_x_authentik_email;
auth_request_set $authentik_name $upstream_http_x_authentik_name;
auth_request_set $authentik_uid $upstream_http_x_authentik_uid;
proxy_set_header X-authentik-username $authentik_username;
proxy_set_header X-authentik-groups $authentik_groups;
proxy_set_header X-authentik-email $authentik_email;
proxy_set_header X-authentik-name $authentik_name;
proxy_set_header X-authentik-uid $authentik_uid;
'';
};
}
);
};
};
config = mkIf config.enableAuthentik {
extraConfig = ''
proxy_buffers 8 16k;
proxy_buffer_size 32k;
location /outpost.goauthentik.io {
proxy_pass http://localhost:9000/outpost.goauthentik.io;
# ensure the host of this vserver matches your external URL you've configured
# in authentik
proxy_set_header Host $host;
proxy_redirect http://localhost:9000 https://auth.posixlycorrect.com;
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
add_header Set-Cookie $auth_cookie;
auth_request_set $auth_cookie $upstream_http_set_cookie;
# required for POST requests to work
proxy_pass_request_body off;
proxy_set_header Content-Length "";
}
location @goauthentik_proxy_signin {
internal;
add_header Set-Cookie $auth_cookie;
return 302 /outpost.goauthentik.io/start?rd=$scheme://$http_host$request_uri;
# For domain level, use the below error_page to redirect to your authentik server with the full redirect path
# return 302 https://authentik.company/outpost.goauthentik.io/start?rd=$scheme://$http_host$request_uri;
}
'';
};
}
)
);
};
};
config = {
services = {
authentik = {
enable = true;
environmentFile = "/var/trust/authentik/authentik-env";
nginx = {
enable = true;
enableACME = true;
host = "auth.posixlycorrect.com";
};
settings = {
email = {
host = "smtp.fastmail.com";
port = 587;
username = "fabianmontero@fastmail.com";
use_tls = true;
use_ssl = false;
from = "auth@posixlycorrect.com";
};
disable_startup_analytics = true;
avatars = "initials";
};
};
};
};
}

5
sys/srv/default.nix
View file

@ -10,12 +10,15 @@ with lib; {
./net.nix ./net.nix
./mediawiki.nix ./mediawiki.nix
./jitsi.nix ./jitsi.nix
./matrix.nix # ./matrix.nix currently not being used
./forgejo.nix ./forgejo.nix
./vaultwarden.nix ./vaultwarden.nix
./bepasty.nix ./bepasty.nix
./jellyfin.nix ./jellyfin.nix
./msmtp.nix ./msmtp.nix
./kuma.nix ./kuma.nix
# ./authentik.nix consumes too much RAM and serves no purpose for now
./paperless.nix
./trilium.nix
]; ];
} }

33
sys/srv/firefly.nix Normal file
View file

@ -0,0 +1,33 @@
{
lib,
pkgs,
...
}:
with lib; {
services = {
nginx = {
virtualHosts."firefly.posixlycorrect.com" = {
enableACME = true;
forceSSL = true;
extraConfig = ''
proxy_headers_hash_max_size 512;
proxy_headers_hash_bucket_size 128;
'';
};
};
firefly-iii = {
enable = true;
user = "firefly-iii";
dataDir = "/var/lib/firefly-iii";
enableNginx = true;
virtualHost = "firefly.posixlycorrect.com";
settings = {
SITE_OWNER = "fabian@posixlycorrect.com";
DB_CONNECTION = "sqlite";
APP_ENV = "local";
APP_KEY_FILE = /var/trust/firefly/key_file;
};
};
};
}

1
sys/srv/forgejo.nix
View file

@ -39,6 +39,7 @@ with lib; {
useWizard = false; useWizard = false;
settings = { settings = {
general.APP_NAME = "posixlycorrect"; general.APP_NAME = "posixlycorrect";
ui.DEFAULT_THEME = "forgejo-dark";
server = { server = {
DOMAIN = "git.posixlycorrect.com"; DOMAIN = "git.posixlycorrect.com";
ROOT_URL = "https://git.posixlycorrect.com"; ROOT_URL = "https://git.posixlycorrect.com";

7
sys/srv/jitsi.nix
View file

@ -12,13 +12,6 @@ with lib; {
extraConfig = '' extraConfig = ''
proxy_headers_hash_max_size 512; proxy_headers_hash_max_size 512;
proxy_headers_hash_bucket_size 128; proxy_headers_hash_bucket_size 128;
ssl_verify_depth 1;
ssl_verify_client on;
ssl_client_certificate ${../../pki/gatekeeper_ca.pem};
if ($ssl_client_verify != "SUCCESS") {
return 403;
}
''; '';
}; };
}; };

18
sys/srv/mediawiki.nix
View file

@ -53,6 +53,24 @@ with lib; {
extensions = { extensions = {
# some extensions are included and can enabled by passing null # some extensions are included and can enabled by passing null
VisualEditor = null; VisualEditor = null;
CategoryTree = null;
CiteThisPage = null;
Scribunto = null;
Cite = null;
CodeEditor = null;
Math = null;
MultimediaViewer = null;
PdfHandler = null;
Poem = null;
SecureLinkFixer = null;
WikiEditor = null;
ParserFunctions = null;
TemplateStyles = pkgs.fetchzip {
url = "https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions/TemplateStyles/+archive/refs/heads/wmf/1.42.0-wmf.9.tar.gz";
sha256 = "sha256-+EOwkDU8L0qQ4Wo3WDqNug4Pyz/PUhOiHKmNcFJO4G0=";
stripRoot = false;
};
}; };
}; };
}; };

24
sys/srv/net.nix
View file

@ -32,7 +32,29 @@ with lib; {
"posixlycorrect.com" = { "posixlycorrect.com" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
root = "${pkgs.local.homepage}"; locations = {
"/".root = "${pkgs.local.homepage}";
"~ ^/pki(?:/(.*))?$" = { # https://serverfault.com/a/476368
alias = "${../../pki}/$1";
extraConfig = ''
autoindex on;
autoindex_exact_size on;
autoindex_localtime on;
autoindex_format html;
'';
};
"~ ^/factorio_blueprints(?:/(.*))?$" = { # https://serverfault.com/a/476368
alias = "${../../cdn/factorio_blueprints}/$1";
extraConfig = ''
autoindex on;
autoindex_exact_size on;
autoindex_localtime on;
autoindex_format html;
'';
};
};
}; };
}; };
}; };

39
sys/srv/paperless.nix Normal file
View file

@ -0,0 +1,39 @@
{
lib,
pkgs,
...
}:
with lib; {
services = {
nginx = {
virtualHosts."docs.posixlycorrect.com" = {
enableACME = true;
forceSSL = true;
extraConfig = ''
proxy_headers_hash_max_size 512;
proxy_headers_hash_bucket_size 128;
'';
locations."/" = {
proxyPass = "http://127.0.0.1:28981";
};
};
};
paperless = {
enable = true;
user = "paperless";
passwordFile = "/var/trust/paperless/passwordFile";
openMPThreadingWorkaround = true; # see https://github.com/NixOS/nixpkgs/issues/240591
address = "127.0.0.1";
port = 28981;
settings = {
PAPERLESS_URL = "docs.posixlycorrect.com";
PAPERLESS_OCR_LANGUAGE = "eng+spa";
PAPERLESS_APP_TITLE = "posixlycorrect";
PAPERLESS_OCR_USER_ARGS = {
"invalidate_digital_signatures" = true;
};
};
};
};
}

32
sys/srv/trilium.nix Normal file
View file

@ -0,0 +1,32 @@
{
lib,
pkgs,
...
}:
with lib; {
services = {
nginx = {
virtualHosts."notes.posixlycorrect.com" = {
enableACME = true;
forceSSL = true;
extraConfig = ''
proxy_headers_hash_max_size 512;
proxy_headers_hash_bucket_size 128;
'';
};
};
trilium-server = {
enable = true;
host = "127.0.0.1";
port = 8458;
noAuthentication = false;
instanceName = "posixlycorrect";
dataDir = "/var/lib/trilium";
nginx = {
enable = true;
hostName = "notes.posixlycorrect.com";
};
};
};
}