age; refactor (un peu) wiki; misc
This commit is contained in:
parent
87545d9e8b
commit
9680562642
7 changed files with 22 additions and 7 deletions
|
@ -10,7 +10,7 @@
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
./physical.nix
|
./physical.nix
|
||||||
../../profiles/core-hackens
|
../../profiles/core-hackens
|
||||||
./wiki.nix
|
./wiki
|
||||||
./webpass.nix
|
./webpass.nix
|
||||||
./mosquitto.nix
|
./mosquitto.nix
|
||||||
./monitoring
|
./monitoring
|
||||||
|
|
|
@ -6,8 +6,8 @@ let
|
||||||
]);
|
]);
|
||||||
script = pkgs.fetchgit {
|
script = pkgs.fetchgit {
|
||||||
url = "https://git.eleves.ens.fr/hackens/kfet2mqtt.git";
|
url = "https://git.eleves.ens.fr/hackens/kfet2mqtt.git";
|
||||||
rev = "30d948dc2f7b4a0b440445ef578b6ed718a53273";
|
rev = "4a9ca954fd4405ccbabdb0793f1a2f76c7561a8e";
|
||||||
sha256 = "0d93jc0cwx1a8rhq9m0lwzqp53jsffr9qyswdkwydji14f3kwd4d";
|
sha256 = "1g4gv2mc0kd108yw8y6gbskg8zhnrlwdnza8mhii2n8jidh63485";
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
|
@ -5,7 +5,7 @@ in
|
||||||
{
|
{
|
||||||
services.mosquitto = {
|
services.mosquitto = {
|
||||||
enable = true;
|
enable = true;
|
||||||
logType = [ "all" ];
|
#logType = [ "all" ];
|
||||||
listeners = [
|
listeners = [
|
||||||
{
|
{
|
||||||
address = "0.0.0.0";
|
address = "0.0.0.0";
|
||||||
|
|
|
@ -1,18 +1,20 @@
|
||||||
{ pkgs, config, ... }:
|
{ pkgs, config, ... }:
|
||||||
let
|
let
|
||||||
hostname = "new.hackens.org"; #config.my.subZone;
|
hostname = "new.hackens.org";
|
||||||
debug = false; #config.my.debug;
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
modules/custom-dokuwiki.nix
|
../modules/custom-dokuwiki.nix
|
||||||
];
|
];
|
||||||
disabledModules = [ "services/web-apps/dokuwiki.nix" ];
|
disabledModules = [ "services/web-apps/dokuwiki.nix" ];
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
|
|
||||||
services.nginx.virtualHosts."${hostname}" = {
|
services.nginx.virtualHosts."${hostname}" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.dokuwiki.sites."${hostname}" = {
|
services.dokuwiki.sites."${hostname}" = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
1
pubkeys/hackens-host.keys
Normal file
1
pubkeys/hackens-host.keys
Normal file
|
@ -0,0 +1 @@
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO3EvmAE38YNp2pNfGbyyywInEDBpTz4yseOAqmnZS1m
|
5
secrets/default.nix
Normal file
5
secrets/default.nix
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
imports = [ <agenix/modules/age.nix> ];
|
||||||
|
age.secrets."wikiOpenID".file = ./wiki-openID.age
|
||||||
|
}
|
7
secrets/secrets.nix
Normal file
7
secrets/secrets.nix
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
let
|
||||||
|
lib = (import <nixpkgs> {}).lib;
|
||||||
|
readPubkeys = user: builtins.filter (k: k != "") (lib.splitString "\n" (builtins.readFile (./pubkeys + "/${user}.keys")));
|
||||||
|
in
|
||||||
|
{
|
||||||
|
"wiki-openID.age".publicKeys = (readPubkeys "sinavir") ++ (readPubkeys "hackens-host") ++ (readPubkeys "raito") ++ (readPubkeys "gdd") ++ (readPubkeys "backslash");
|
||||||
|
}
|
Loading…
Reference in a new issue