From 8f06712b8b28d77b6ecaa0c9ead12ac602cb89c5 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Thu, 24 Apr 2025 20:36:25 -0500 Subject: [PATCH 1/3] Remove unused/incomplete Karakeep config. --- hosts/hub/apps/karakeep.nix | 23 ----------------------- hosts/hub/apps/peertube.nix | 15 +++++++++++++++ secrets/secrets.nix | 1 + secrets/thewordnerd_peertube.age | 5 +++++ 4 files changed, 21 insertions(+), 23 deletions(-) delete mode 100644 hosts/hub/apps/karakeep.nix create mode 100644 hosts/hub/apps/peertube.nix create mode 100644 secrets/thewordnerd_peertube.age diff --git a/hosts/hub/apps/karakeep.nix b/hosts/hub/apps/karakeep.nix deleted file mode 100644 index 8bf4170..0000000 --- a/hosts/hub/apps/karakeep.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, ... }: - -{ - systemd.tmpfiles.rules = [ - "d /var/lib/actual 0755 root root" - ]; - - virtualisation.oci-containers.containers.actual = { - image = "actualbudget/actual-server:latest"; - ports = [ - "5006:5006" - ]; - environment = { - ACTUAL_LOGIN_METHOD = "header"; - }; - volumes = [ "/var/lib/actual:/data" ]; - }; - - services.caddy.virtualHosts."https://budget.tailc50184.ts.net".extraConfig = '' - bind tailscale/budget - reverse_proxy http://localhost:5006 - ''; -} diff --git a/hosts/hub/apps/peertube.nix b/hosts/hub/apps/peertube.nix new file mode 100644 index 0000000..cef59d2 --- /dev/null +++ b/hosts/hub/apps/peertube.nix @@ -0,0 +1,15 @@ +{ + services = { + peertube = { + enable = true; + localDomain = "peertube.thewordnerd.info"; + redis.createLocally = true; + database.createLocally = true; + + }; + services.caddy.virtualHosts."peertube.thewordnerd.info".extraConfig = '' + reverse_proxy http://localhost:9000 + ''; + + }; +} diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 94cda20..6aa7785 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -37,4 +37,5 @@ in hub nolan ]; + "thewordnerd_peertube.age".publicKeys = [ hub ]; } diff --git a/secrets/thewordnerd_peertube.age b/secrets/thewordnerd_peertube.age new file mode 100644 index 0000000..2e69507 --- /dev/null +++ b/secrets/thewordnerd_peertube.age @@ -0,0 +1,5 @@ +age-encryption.org/v1 +-> ssh-ed25519 5X7MKw 8HgABUK/pWaX4v3hcf4Q0QKNrvwZfLLGGYNSYEY6eAE +DaPJEDRHG60VWEJCdRxlU+N/gsPL608nqYl4/w0d8fw +--- XdjnYGqiHzc1SCNXV9p08Tonizbg5wXSJiCUV+Sgj2g +*! SS|.{U`Yf~z+K 1jS\/cb^RI&&&ȼsjCxXKVF  \ No newline at end of file From 31a2c39d2bc44df7e2a2d3973edb70c0ee8a8ac3 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Fri, 25 Apr 2025 10:07:58 -0500 Subject: [PATCH 2/3] Add gotosocial and peertube. --- hosts/hub/apps/gts.nix | 24 ++++++++++++++++++++++++ hosts/hub/apps/peertube.nix | 12 +++++++++--- hosts/hub/default.nix | 3 ++- 3 files changed, 35 insertions(+), 4 deletions(-) create mode 100644 hosts/hub/apps/gts.nix diff --git a/hosts/hub/apps/gts.nix b/hosts/hub/apps/gts.nix new file mode 100644 index 0000000..713b1cb --- /dev/null +++ b/hosts/hub/apps/gts.nix @@ -0,0 +1,24 @@ +{ pkgs, ... }: + +let + package = pkgs.unstable.gotosocial; +in +{ + services = { + gotosocial = { + enable = true; + package = package; + settings = { + application-name = "Nolan's Social Media"; + host = "gts.thewordnerd.info"; + port = 8081; + landing-page-user = "nolan"; + }; + }; + + caddy.virtualHosts."gts.thewordnerd.info".extraConfig = '' + reverse_proxy http://localhost:8081 + ''; + }; + environment.systemPackages = [ package ]; +} diff --git a/hosts/hub/apps/peertube.nix b/hosts/hub/apps/peertube.nix index cef59d2..ba55ffd 100644 --- a/hosts/hub/apps/peertube.nix +++ b/hosts/hub/apps/peertube.nix @@ -1,15 +1,21 @@ +{ config, ... }: + { + age.secrets.thewordnerd_peertube = { + file = ../../../secrets/thewordnerd_peertube.age; + owner = config.services.peertube.user; + }; services = { peertube = { enable = true; localDomain = "peertube.thewordnerd.info"; + listenWeb = 443; redis.createLocally = true; database.createLocally = true; - + secrets.secretsFile = config.age.secrets.thewordnerd_peertube.path; }; - services.caddy.virtualHosts."peertube.thewordnerd.info".extraConfig = '' + caddy.virtualHosts."peertube.thewordnerd.info".extraConfig = '' reverse_proxy http://localhost:9000 ''; - }; } diff --git a/hosts/hub/default.nix b/hosts/hub/default.nix index 5efc676..693c548 100644 --- a/hosts/hub/default.nix +++ b/hosts/hub/default.nix @@ -18,7 +18,6 @@ ../../roles/lldap.nix ../../roles/authelia.nix ../../roles/podman.nix - ../../roles/minio.nix ../../roles/caddy.nix ../../roles/vscode-remote.nix ../../roles/postgres.nix @@ -28,6 +27,8 @@ ./apps/dev.nix ./apps/nextcloud.nix ./apps/paperless.nix + ./apps/gts.nix + ./apps/peertube.nix ./apps/searxng.nix ./apps/actual.nix ./apps/adguard.nix From 65edf315b29db95716a3261a236e92d8356260c7 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Fri, 25 Apr 2025 12:00:46 -0500 Subject: [PATCH 3/3] Correctly enable Fish so aliases are set. --- users/root.nix | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/users/root.nix b/users/root.nix index ab329e8..bf78610 100644 --- a/users/root.nix +++ b/users/root.nix @@ -10,11 +10,14 @@ programs.fish.enable = true; - home-manager.users.root.home = { - shellAliases = { - "systemctl" = "systemctl --no-ager -l"; - "journalctl" = "journalctl --no-pager -l"; + home-manager.users.root = { + programs.fish.enable = true; + home = { + shellAliases = { + "systemctl" = "systemctl --no-pager -l"; + "journalctl" = "journalctl --no-pager -l"; + }; + stateVersion = "24.11"; }; - stateVersion = "24.11"; }; }