Compare commits

..

No commits in common. "5c6e336e39907c2cb3fa6216a5f94600a6bb9ad3" and "d66927eb669988ca6d3e044e00184fa7f7784bab" have entirely different histories.

8 changed files with 2 additions and 130 deletions

View File

@ -1,7 +1,6 @@
keys: keys:
- &admin_jrpotter age1huyyxsy4g0e5svmcejxvvdjnnk6qkulgd3qfpue59exnfrnqzudspxnn62 - &admin_jrpotter age1huyyxsy4g0e5svmcejxvvdjnnk6qkulgd3qfpue59exnfrnqzudspxnn62
- &server_thebe age1pjgqvdyzxz30rxvu3zysjpmxrjjsvklggfepswhmwdaunx0kg3vsfept24 - &server_thebe age1pjgqvdyzxz30rxvu3zysjpmxrjjsvklggfepswhmwdaunx0kg3vsfept24
- &server_europa age1z0rfzzfll963msxfschxn7m65pz5p8nuz9p3h940mhhfr6uxe5mqpl4dul
creation_rules: creation_rules:
- path_regex: .* - path_regex: .*
key_groups: key_groups:

View File

@ -49,9 +49,6 @@
thebe = { thebe = {
inherit (tapir) sops-nix; inherit (tapir) sops-nix;
}; };
europa = {
inherit (tapir) sops-nix;
};
}; };
}; };
@ -86,14 +83,6 @@
targetHost = "64.23.168.148"; targetHost = "64.23.168.148";
}; };
}; };
europa = {
imports = [ ./hive/europa ];
deployment = {
allowLocalDeployment = false;
targetHost = "147.182.255.90";
};
};
}; };
packages.${system}.digital-ocean = { packages.${system}.digital-ocean = {

View File

@ -1,31 +0,0 @@
{ sops-nix, lib, ... }:
{
imports = lib.optional (builtins.pathExists ./do-userdata.nix) ./do-userdata.nix ++ [
sops-nix.nixosModules.sops
../../digital-ocean/configuration.nix
../../services/reconn
];
networking = {
hostName = "europa";
firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
};
};
programs.mosh.enable = true;
services = {
nginx.enable = true;
openssh.enable = true;
postgresql.enable = true;
};
security.acme = {
acceptTerms = true;
defaults.email = "jrpotter2112@gmail.com";
};
system.stateVersion = "23.11";
}

View File

@ -73,7 +73,6 @@
firefox firefox
gimp gimp
obsidian obsidian
signal-desktop
virt-manager virt-manager
vlc vlc
wezterm wezterm
@ -124,7 +123,6 @@
}; };
}; };
# time.timeZone = "America/Los_Angeles";
time.timeZone = "America/Denver"; time.timeZone = "America/Denver";
# time.timeZone = "America/New_York"; # time.timeZone = "America/New_York";

View File

@ -1,7 +1,7 @@
{ system, ... }: { system, ... }:
let let
notebook = builtins.getFlake notebook = builtins.getFlake
"github:jrpotter/notebook/79b715a64c703279f593cad08775b0d73400a19b"; "github:jrpotter/notebook/4b65764c8973f54b82a0192aef19391fc61e1fef";
in in
{ {
services.nginx.virtualHosts."notebook.jrpotter.com" = { services.nginx.virtualHosts."notebook.jrpotter.com" = {

View File

@ -1,7 +1,7 @@
{ system, ... }: { system, ... }:
let let
portfolio = builtins.getFlake portfolio = builtins.getFlake
"github:jrpotter/portfolio/eca5e764f26faaa64f6966dbf3970b86eaaf2195"; "github:jrpotter/portfolio/357999e784102ba11c52cf1fc9edbfaa8a00912d";
in in
{ {
services.nginx.virtualHosts."www.jrpotter.com" = { services.nginx.virtualHosts."www.jrpotter.com" = {

View File

@ -1,53 +0,0 @@
{ system, pkgs, lib, ... }:
let
reconn-url = "git+https://git.jrpotter.com/r/reconn?rev=fa031b2507c625c54abca36fd3f86fc8338e8777";
reconn = (builtins.getFlake reconn-url).packages.${system}.app;
in
{
services = {
nginx.virtualHosts."www.hideandseek.live" = {
forceSSL = true;
enableACME = true;
serverAliases = [ "hideandseek.live" ];
locations."/" = {
recommendedProxySettings = true;
proxyPass = "http://127.0.0.1:4000";
};
};
postgresql = {
package = (pkgs.postgresql_15.withPackages (pkgs: [ pkgs.postgis ]));
ensureDatabases = [ "reconn" ];
authentication = lib.mkOverride 10 ''
# TYPE DATABASE USER ADDRESS METHOD
local all all trust
host all all 127.0.0.1/32 trust
'';
};
};
systemd.services.reconn = {
enable = true;
description = "Reconn Server";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "postgresql.service" ];
requires = [ "network-online.target" "postgresql.service" ];
environment = {
DATABASE_URL = "ecto://postgres:postgres@localhost/reconn";
};
serviceConfig = {
Type = "exec";
EnvironmentFile = "/run/secrets/RECONN_SECRET_KEY_BASE";
ExecStartPre = "${reconn}/bin/migrate";
ExecStart = "${reconn}/bin/reconn start";
ExecStop = "${reconn}/bin/reconn stop";
ExecReload = "${reconn}/bin/reconn restart";
Restart = "on-failure";
};
};
sops = {
secrets.RECONN_SECRET_KEY_BASE = {
sopsFile = ./secrets.yaml;
};
};
}

View File

@ -1,30 +0,0 @@
RECONN_SECRET_KEY_BASE: ENC[AES256_GCM,data:uJa1Yb9YaoNtm7YH8Sn7lbG+NX2bBc8NAFaybyKRktMMnX3yBcEc8YviPXP/WYSakqq2DpmgJoUe4mciPDW3aadT3ufkDchWFpSvItkndXg=,iv:fkc2nuQrIqOrUiCqx1vK+hWa87yZgsVphSEo+pWv+Ig=,tag:TXUXHo7TdCz75wat8tK5qg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1huyyxsy4g0e5svmcejxvvdjnnk6qkulgd3qfpue59exnfrnqzudspxnn62
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqTEY1UzlkcjVlQzQzVUww
QWtvNnZXY2g5UU84aStUd3JyQnIrUGYzVzIwCmROcWdCNjZ5ZkxVaW5jSS94YTV5
ZWZZaWo0Rms2cldtYkxlV0dZSWhxMWMKLS0tIFZXNG9CKzRzQmtUNjN4UjQvcU1t
U1JmLzdFMTlvQnRFbnd4eVFNSlFsQWsKFxYi7rNAcjWUR5l8leh6e6YtrnpAj14B
KhrPUwiG4fwHMF9kWMEH05nWHQh41Vl43AYt7aEs0IO4uVqhXFghug==
-----END AGE ENCRYPTED FILE-----
- recipient: age1z0rfzzfll963msxfschxn7m65pz5p8nuz9p3h940mhhfr6uxe5mqpl4dul
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXWUJ0bW1sVjlBRVNnaU42
YmdhWEUyeStCalNQdWdybm5GdjV4TWFGYjE0CmViOGY2TlFqVW1iaVBSQ0l3L0d1
N3UzcUNlTkcrMjNUMWRJZHU1V1J0V00KLS0tIE5BdHZVak1oWnlhdy85NXhmQWhs
SEJMWFczYmhqOVkyT3JWYVI5c2I0TkEKyxl9d1C/ONI6TemSTYbyjopS4pDf7fUp
sbS77k1QzGb3EM2rD16WUu9i6mfqaaDboaO2D3Ltf4FVWdXTDQyt0w==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-04-12T18:11:00Z"
mac: ENC[AES256_GCM,data:MK4DB60A07e5pjroITCd9RqOOnL1NRpKkQXbLPkHG/JgxR8n3PqzPs25tayBs9qogD/M3kHwLuyEiZdJOvMxqsMGqPYkrN26QVgEy3GFgAP6XfcFmBj+k0J18FNabnZNbiGMhgX+n1uwqxucRC93fcd99CItZC5DDBXbk2zl87o=,iv:apc5SjAS71dtVqGDvnUSe9phJlYG8wobu9luuo2CDOI=,tag:Bap5KTqiLGahbV/1L2YsPg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3