diff options
Diffstat (limited to 'hosts')
-rw-r--r-- | hosts/navi/default.nix | 12 | ||||
-rw-r--r-- | hosts/vps/default.nix | 16 | ||||
-rw-r--r-- | hosts/vps/services/cytube.nix | 140 | ||||
-rw-r--r-- | hosts/vps/services/hydrus.nix | 1 | ||||
-rw-r--r-- | hosts/vps/services/matrix.nix | 6 | ||||
-rw-r--r-- | hosts/vps/services/website.nix | 78 |
6 files changed, 202 insertions, 51 deletions
diff --git a/hosts/navi/default.nix b/hosts/navi/default.nix index cdc49cb..4f722d9 100644 --- a/hosts/navi/default.nix +++ b/hosts/navi/default.nix @@ -123,11 +123,11 @@ home-manager.users.tzlil = { services.gnome-keyring = { - enable = true; # for nheko - components = ["secrets"]; + enable = true; # for nheko + components = ["secrets"]; }; home.packages = [ - pkgs.nheko + pkgs.nheko pkgs.keepassxc pkgs.gtkcord4 pkgs.cmst @@ -296,12 +296,12 @@ virtualisation.docker.enable = true; virtualisation.docker.storageDriver = "btrfs"; - + # rtl sdr hardware.rtl-sdr.enable = true; - users.users.tzlil.extraGroups = [ "plugdev" ]; + users.users.tzlil.extraGroups = ["plugdev"]; - services.udev.packages = [ pkgs.usb-blaster-udev-rules ]; + services.udev.packages = [pkgs.usb-blaster-udev-rules]; # pragmata # home-manager.users.tzlil.home.packages = [ diff --git a/hosts/vps/default.nix b/hosts/vps/default.nix index 7cd5f6c..d55a62e 100644 --- a/hosts/vps/default.nix +++ b/hosts/vps/default.nix @@ -10,10 +10,11 @@ ../../mixins/cli.nix ./services/website.nix ./services/git.nix - ./services/hydrus.nix + # ./services/hydrus.nix ./services/matrix.nix ./services/maloja.nix ./services/arXiv.nix + ./services/cytube.nix ]; config = { @@ -66,10 +67,21 @@ openFirewall = true; }; services.factorio = { - enable = true; + enable = false; openFirewall = true; game-password = "???"; requireUserVerification = false; }; + security.lockKernelModules = lib.mkForce false; + virtualisation.podman = { + enable = true; + autoPrune.enable = true; + dockerCompat = true; + defaultNetwork.settings = { + # Required for container networking to be able to use names. + dns_enabled = true; + }; + }; + virtualisation.oci-containers.backend = "podman"; }; } diff --git a/hosts/vps/services/cytube.nix b/hosts/vps/services/cytube.nix new file mode 100644 index 0000000..deb0058 --- /dev/null +++ b/hosts/vps/services/cytube.nix @@ -0,0 +1,140 @@ +{ + pkgs, + config, + lib, + system, + ... +}: { + config = let + dir = "/var/lib/cytube"; + yamlConfig = + pkgs.writeText "config.yaml" + (lib.generators.toYAML {} { + mysql = { + server = "localhost"; + port = 3306; + database = "cytube"; + user = "cytube"; + password = ""; + pool-size = 10; + }; + listen = [ + { + ip = ""; + port = 8080; + http = true; + } + { + ip = ""; + port = 8081; + io = true; + url = "https://tube.tzlil.net"; + } + ]; + http = { + default-port = 8080; + root-domain = "tube.tzlil.net"; + alt-domains = []; + minify = false; + max-age = "7d"; + gzip = true; + gzip-threshold = 1024; + cookie-secret = "tube.tzlil.net"; + index = { + max-entries = 50; + }; + trust-proxies = ["loopback"]; + }; + https = { + enabled = false; + }; + html-template = { + title = "TZLINC"; + description = "lol"; + }; + io = { + domain = "https://tube.tzlil.net"; + default-port = 8081; + }; + youtube-v3-key = ""; + max-channels-per-user = 1; + max-accounts-per-ip = 5; + ffmpeg = { + enabled = true; + ffprobe-exec = "ffprobe"; + }; + service-socket = { + enabled = false; + }; + }); + in { + services.mysql = { + enable = true; + package = pkgs.mariadb; + ensureDatabases = ["cytube"]; + ensureUsers = [ + { + name = "cytube"; + ensurePermissions = { + "cytube.*" = "ALL PRIVILEGES"; + }; + } + ]; + + settings = { + mysqld = { + bind-address = "127.0.0.1"; + port = "3306"; + }; + }; + }; + + virtualisation.oci-containers.containers.cytube = { + ports = [ + "8080:8080" + "8081:8081" + ]; + image = "cytube"; + + imageFile = pkgs.dockerTools.buildImage { + name = "cytube"; + tag = "latest"; + fromImage = pkgs.dockerTools.pullImage { + imageName = "kittysh/cytube"; + imageDigest = "sha256:77e6051c0fe4ce486375f53d80a5cb9a18e289db9cc8ba28e142287b53730455"; + sha256 = "072gyx9s4nnq2i8h5b3n3vrcl5h7wigq9fzbf6y11n945km1ds2r"; + finalImageName = "kittysh/cytube"; + finalImageTag = "latest"; + }; + + copyToRoot = pkgs.buildEnv { + name = "image-root"; + paths = [pkgs.ffmpeg]; + pathsToLink = ["/bin"]; + }; + config.Cmd = ["node" "index.js"]; + }; + + workdir = "/home/syncuser/sync"; + extraOptions = ["--mount=type=bind,source=${yamlConfig},target=/home/syncuser/sync/config.yaml" "--network=host"]; + }; + + environment.persistence."/nix/persist".directories = [ + { + directory = "${config.services.mysql.dataDir}"; + user = "${config.services.mysql.user}"; + group = "${config.services.mysql.group}"; + } + ]; + + services.caddy = { + virtualHosts."tube.tzlil.net".extraConfig = '' + bind 0.0.0.0 + handle /socket.io/* { + reverse_proxy :8081 + } + reverse_proxy :8080 + ''; + }; + }; +} diff --git a/hosts/vps/services/hydrus.nix b/hosts/vps/services/hydrus.nix index c967fbc..1c5f30c 100644 --- a/hosts/vps/services/hydrus.nix +++ b/hosts/vps/services/hydrus.nix @@ -41,7 +41,6 @@ }; }; - security.lockKernelModules = lib.mkForce false; virtualisation.oci-containers.containers.hydrus-web = { ports = ["100.67.217.90:8080:80"]; image = "ghcr.io/floogulinc/hydrus-web:dev"; diff --git a/hosts/vps/services/matrix.nix b/hosts/vps/services/matrix.nix index a56b489..66adaed 100644 --- a/hosts/vps/services/matrix.nix +++ b/hosts/vps/services/matrix.nix @@ -93,9 +93,9 @@ ensureUsers = [ { name = "dendrite"; - ensurePermissions = { - "DATABASE dendrite" = "ALL PRIVILEGES"; - }; + # ensurePermissions = { + # "DATABASE dendrite" = "ALL PRIVILEGES"; + # }; } ]; diff --git a/hosts/vps/services/website.nix b/hosts/vps/services/website.nix index 1cdd33e..8aa51b0 100644 --- a/hosts/vps/services/website.nix +++ b/hosts/vps/services/website.nix @@ -42,46 +42,46 @@ bind 0.0.0.0 handle_path / { try_files ${pkgs.writeText "index.html" '' - <style> - @media (prefers-color-scheme: dark) { - body { background-color: #121212; color: #d4d4d4; } - a { color: #7878ff; } - a:visited { color: #6464fa; } - } - .mail:before { - content: attr(b) "\0040" attr(a); - unicode-bidi: bidi-override; - direction: rtl; - </style> - <pre> - ~?~+=I?~~IIIII++,: .?= .,I=O8OZ.DNNO, ZD7:::=.? ,,:,,I,,:,~+?II?I?II?=+=~+7$ZO - ?==++??==+I???7..:. :II$77?I+ID~NND8.ZMN7~=~I7:,., :?7,.,.~+?I???????,+~7+$ZOZ - 7+===I+~===?I77: ? ,$7$.:.,I?=7NNNINMMMNOI=++ .~==I$7, ..++?I???I+=?.+:O+ZZOZ - ===++I+==?III??I,?, ~I7NN,.. ??ONNNMMMD$777$7I$ZOO$7?....+=????I~=+,:+,O8DNMM - ~=~==7II=+I?II7I,I+,8Z.II8D+=~:.,7$NMMMMMN8$7~. .. :88I. ..?=?++I:~+=.~~~NMMMNN - ~====II?I~+?I?$7I?~8D7+7$ZZNONDN8Z8NMMMMMMNNON:=. :,$.I7 .,+=??I:,=, .:,=DNNMMN - =+?==+==?~+=I?$$I+88D:I$8NMNDDNNNDNNNMMMMMMMMM8I$77=MMDO. :~=+?,,, .~,?8DDD8D - =~=+==I7I=IIIIO$=~OOD=I7ODNNNNMNNDNDNMMMMMMMMNO$O+OZ 78.,.I::++:.. .,::=888OOO - ===I=I?~=?I???$I$?OODZ=7Z8NDONNN7D88MMMMMMMMMMNNNN8DNN~..~:7,,+7?,:,:::+8=Z888OO - ~+===7?=??I????7Z7ZOD8I777$+NNN:OOZOMMMMMMMMMMMMMMNMM+..~=?=O:+?::=+~:~+IDD888OZ - I==II??=I???=::7OI?O88Z=I~,?ZDD,Z$IDMMMMMMMMMMMMMMMM:$$?.~?+=?:,~+?I??==+++I8OOO - ==+++??+=.,~,~:7Z$?7I77$=. $I$8I$7+~8NMMMMMMMMMMMMDDMN$ ,:+?=.~==?II+++=+=?II+OZ - ==+?+I?,=:+?=~~??I++~7$$$= 777Z,$Z$$ONNMMMMMMMMMMMMMM8? .~=?:.==+?I~+?=+=??II?I8 - ?=+?I:=~??II=~~, II?+ 7$7?=?77$?$Z:8NMMMNMMMMMMMMMMMD7 ,,===::~=?II.??++?++III+~ - ??+.I+I=+I+??=~=~ =I+:?7$77?$$$ZI7Z8DM7NMMNMMMMMMMMOI. .,=~~.~~+I?:???==~????II? - I??:==?I++I?~==+=~:.?I7I77$?IZ$ZODDOIDNNNNNMMMMNM8?.:. ,,+=,::~+==II=~,=?+?IIIII - ??I:?=,=+++?II+=:,:, +77777$$777ODDMMNO~DNNNDD8?..::: .,,+~.,::=??????=+?IIIII?I - ????++=~:=?IIIII=~:: ~~+II77$$7$ZO8NMMMND.+: .=7+=~ ,,:?...~II??+??I?+??IIII?I - ??III7II+~:?II7+II?, ~,:,~7777$$$I$8DNMMNO .~I .Z:.,:~: ,+???+=,IIIIII??IIIII - ???I7I:,~=:,+II+=~I??:.,,,.:77777777$ODMM8 .:+ZI. ,~,..~~ :II?==~:?II??IIIIIIIII - No matter where you go, everyone's connected + <style> + @media (prefers-color-scheme: dark) { + body { background-color: #121212; color: #d4d4d4; } + a { color: #7878ff; } + a:visited { color: #6464fa; } + } + .mail:before { + content: attr(b) "\0040" attr(a); + unicode-bidi: bidi-override; + direction: rtl; + </style> + <pre> + ~?~+=I?~~IIIII++,: .?= .,I=O8OZ.DNNO, ZD7:::=.? ,,:,,I,,:,~+?II?I?II?=+=~+7$ZO + ?==++??==+I???7..:. :II$77?I+ID~NND8.ZMN7~=~I7:,., :?7,.,.~+?I???????,+~7+$ZOZ + 7+===I+~===?I77: ? ,$7$.:.,I?=7NNNINMMMNOI=++ .~==I$7, ..++?I???I+=?.+:O+ZZOZ + ===++I+==?III??I,?, ~I7NN,.. ??ONNNMMMD$777$7I$ZOO$7?....+=????I~=+,:+,O8DNMM + ~=~==7II=+I?II7I,I+,8Z.II8D+=~:.,7$NMMMMMN8$7~. .. :88I. ..?=?++I:~+=.~~~NMMMNN + ~====II?I~+?I?$7I?~8D7+7$ZZNONDN8Z8NMMMMMMNNON:=. :,$.I7 .,+=??I:,=, .:,=DNNMMN + =+?==+==?~+=I?$$I+88D:I$8NMNDDNNNDNNNMMMMMMMMM8I$77=MMDO. :~=+?,,, .~,?8DDD8D + =~=+==I7I=IIIIO$=~OOD=I7ODNNNNMNNDNDNMMMMMMMMNO$O+OZ 78.,.I::++:.. .,::=888OOO + ===I=I?~=?I???$I$?OODZ=7Z8NDONNN7D88MMMMMMMMMMNNNN8DNN~..~:7,,+7?,:,:::+8=Z888OO + ~+===7?=??I????7Z7ZOD8I777$+NNN:OOZOMMMMMMMMMMMMMMNMM+..~=?=O:+?::=+~:~+IDD888OZ + I==II??=I???=::7OI?O88Z=I~,?ZDD,Z$IDMMMMMMMMMMMMMMMM:$$?.~?+=?:,~+?I??==+++I8OOO + ==+++??+=.,~,~:7Z$?7I77$=. $I$8I$7+~8NMMMMMMMMMMMMDDMN$ ,:+?=.~==?II+++=+=?II+OZ + ==+?+I?,=:+?=~~??I++~7$$$= 777Z,$Z$$ONNMMMMMMMMMMMMMM8? .~=?:.==+?I~+?=+=??II?I8 + ?=+?I:=~??II=~~, II?+ 7$7?=?77$?$Z:8NMMMNMMMMMMMMMMMD7 ,,===::~=?II.??++?++III+~ + ??+.I+I=+I+??=~=~ =I+:?7$77?$$$ZI7Z8DM7NMMNMMMMMMMMOI. .,=~~.~~+I?:???==~????II? + I??:==?I++I?~==+=~:.?I7I77$?IZ$ZODDOIDNNNNNMMMMNM8?.:. ,,+=,::~+==II=~,=?+?IIIII + ??I:?=,=+++?II+=:,:, +77777$$777ODDMMNO~DNNNDD8?..::: .,,+~.,::=??????=+?IIIII?I + ????++=~:=?IIIII=~:: ~~+II77$$7$ZO8NMMMND.+: .=7+=~ ,,:?...~II??+??I?+??IIII?I + ??III7II+~:?II7+II?, ~,:,~7777$$$I$8DNMMNO .~I .Z:.,:~: ,+???+=,IIIIII??IIIII + ???I7I:,~=:,+II+=~I??:.,,,.:77777777$ODMM8 .:+ZI. ,~,..~~ :II?==~:?II??IIIIIIIII + No matter where you go, everyone's connected - <a href="https://fm.tzlil.net">fm.tzlil.net</a> music - <a href="https://git.tzlil.net">git.tzlil.net</a> code - <a href="/arXiv">arXiv randomizer</a> - matrix @tzlil:tzlil.net - email tzlils protonmail com - </pre> + <a href="https://fm.tzlil.net">fm.tzlil.net</a> music + <a href="https://git.tzlil.net">git.tzlil.net</a> code + <a href="/arXiv">arXiv randomizer</a> + matrix @tzlil:tzlil.net + email tzlils protonmail com + </pre> ''} / file_server } |