From 21f1f79c2fc136230d1355a3d339c5d3a4d339d6 Mon Sep 17 00:00:00 2001 From: Tyler Starr Date: Sun, 31 Dec 2023 17:23:47 -0800 Subject: [PATCH 1/2] fix insecure package warning --- provision/flake.nix | 1 - provision/hosts/bulwark/configuration.nix | 1 + provision/hosts/kestrel/configuration.nix | 1 + provision/hosts/torus/configuration.nix | 1 + provision/modules/devel/notes.nix | 3 --- 5 files changed, 3 insertions(+), 4 deletions(-) diff --git a/provision/flake.nix b/provision/flake.nix index d82a89f2..5666dfb8 100644 --- a/provision/flake.nix +++ b/provision/flake.nix @@ -19,7 +19,6 @@ system = "x86_64-linux"; pkgs = import nixpkgs { inherit system; - config.allowUnfree = true; }; lib = nixpkgs.lib; user = "tstarr"; diff --git a/provision/hosts/bulwark/configuration.nix b/provision/hosts/bulwark/configuration.nix index ed3c6910..7bbc6e13 100644 --- a/provision/hosts/bulwark/configuration.nix +++ b/provision/hosts/bulwark/configuration.nix @@ -19,6 +19,7 @@ # Add non-free packages nixpkgs.config.allowUnfree = true; + nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" "openssl-1.1.1w" ]; nixpkgs.overlays = import ../../lib/overlays.nix; # Hardware options diff --git a/provision/hosts/kestrel/configuration.nix b/provision/hosts/kestrel/configuration.nix index b4f789ae..df9050a5 100644 --- a/provision/hosts/kestrel/configuration.nix +++ b/provision/hosts/kestrel/configuration.nix @@ -18,6 +18,7 @@ # Add non-free packages nixpkgs.config.allowUnfree = true; + nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" "openssl-1.1.1w" ]; nixpkgs.overlays = import ../../lib/overlays.nix; # Use zen kernel diff --git a/provision/hosts/torus/configuration.nix b/provision/hosts/torus/configuration.nix index caefd0db..6bde7b14 100644 --- a/provision/hosts/torus/configuration.nix +++ b/provision/hosts/torus/configuration.nix @@ -25,6 +25,7 @@ # Add non-free packages nixpkgs.config.allowUnfree = true; + nixpkgs.config.permittedInsecurePackages = [ "openssl-1.1.1w" ]; nixpkgs.overlays = import ../../lib/overlays.nix; # Use normal kernel diff --git a/provision/modules/devel/notes.nix b/provision/modules/devel/notes.nix index ff7bfcf7..00fe8e1e 100644 --- a/provision/modules/devel/notes.nix +++ b/provision/modules/devel/notes.nix @@ -5,9 +5,6 @@ let in { options.modules.devel.notes.enable = lib.mkEnableOption "notes"; config = lib.mkIf cfg.enable { - nixpkgs.config.permittedInsecurePackages = [ - "electron-25.9.0" - ]; environment.systemPackages = with pkgs; [ pandoc gollum From a4dff1bd626d00d0dd6fc56e3ca3e84df23052ac Mon Sep 17 00:00:00 2001 From: Tyler Starr Date: Mon, 1 Jan 2024 00:13:30 -0800 Subject: [PATCH 2/2] initial gitea setup on torus --- provision/hosts/torus/configuration.nix | 4 ++++ provision/hosts/torus/gitea.nix | 22 ++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 provision/hosts/torus/gitea.nix diff --git a/provision/hosts/torus/configuration.nix b/provision/hosts/torus/configuration.nix index 6bde7b14..4fa101a2 100644 --- a/provision/hosts/torus/configuration.nix +++ b/provision/hosts/torus/configuration.nix @@ -9,6 +9,7 @@ ./share.nix ./rss.nix ./home-assistant + ./gitea.nix ]; nix = { @@ -122,6 +123,9 @@ "media.tstarr.us" = (SSL // { locations."/".proxyPass = "http://localhost:8096/"; }); + "git.tstarr.us" = (SSL // { + locations."/".proxyPass = "http://localhost:3001/"; + }); "vault.tstarr.us" = (SSL // { locations."/".proxyPass = "http://localhost:5000/"; extraConfig = '' diff --git a/provision/hosts/torus/gitea.nix b/provision/hosts/torus/gitea.nix new file mode 100644 index 00000000..79e5a5e4 --- /dev/null +++ b/provision/hosts/torus/gitea.nix @@ -0,0 +1,22 @@ +{ config, lib, pkgs, user, ... }: +{ + services.gitea = { + enable = true; + lfs.enable = true; + dump = { + enable = true; + interval = "23:05"; + }; + settings.service = { + DISABLE_REGISTRATION = true; + }; + settings.server = { + DOMAIN = "git.tstarr.us"; + HTTP_PORT = 3001; + ROOT_URL = "https://git.tstarr.us"; + }; + #settings.actions = { + # ENABLED = true; + #}; + }; +}