chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: chris:6111ec165b69580cd0e6deffb8ec95a25eef722d
Branches Tags
chris:main
chris:feature/convex
chris:feature/nix-anywhere
..
compare: chris:ac0a2d523e7965d0cced677a16cec5ea7c15c8d3
Branches Tags
chris:main
chris:feature/convex
chris:feature/nix-anywhere

No commits in common. "6111ec165b69580cd0e6deffb8ec95a25eef722d" and "ac0a2d523e7965d0cced677a16cec5ea7c15c8d3" have entirely different histories.
6111ec165b ... ac0a2d523e

7 changed files with 23 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

8
modules/nixos/services/authentication/zitadel/default.nix
View file

@ -28,7 +28,7 @@ in
settings = { settings = {
Port = 9092; Port = 9092;
ExternalDomain = "auth.kruining.eu"; ExternalDomain = "auth.amarth.cloud";
ExternalPort = 443; ExternalPort = 443;
ExternalSecure = true; ExternalSecure = true;
@ -60,7 +60,7 @@ in
SMTPConfiguration = { SMTPConfiguration = {
SMTP = { SMTP = {
Host = "black-mail.nl:587"; Host = "black-mail.nl:587";
User = "chris@kruining.eu"; User = "info@amarth.cloud";
Password = "__TODO_USE_SOPS__"; Password = "__TODO_USE_SOPS__";
}; };
FromName = "Amarth Zitadel"; FromName = "Amarth Zitadel";
@ -84,7 +84,7 @@ in
}; };
steps = { steps = {
FirstInstance = { FirstInstance = {
InstanceName = "auth.kruining.eu"; InstanceName = "auth.amarth.cloud";
Org = { Org = {
Name = "Amarth"; Name = "Amarth";
Human = { Human = {
@ -116,7 +116,7 @@ in
caddy = { caddy = {
enable = true; enable = true;
virtualHosts = { virtualHosts = {
"auth.kruining.eu".extraConfig = '' "auth.amarth.cloud".extraConfig = ''
reverse_proxy h2c://127.0.0.1:9092 reverse_proxy h2c://127.0.0.1:9092
''; '';
}; };

4
modules/nixos/services/communication/matrix/default.nix
View file

@ -55,7 +55,7 @@ in
idp_id = "zitadel"; idp_id = "zitadel";
idp_name = "Zitadel"; idp_name = "Zitadel";
issuer = "https://auth.kruining.eu"; issuer = "https://auth.amarth.cloud";
client_id = "337858153251143939"; client_id = "337858153251143939";
client_secret = "ePkf5n8BxGD5DF7t1eNThTL0g6PVBO5A1RC0EqPp61S7VsiyXvDs8aJeczrpCpsH"; client_secret = "ePkf5n8BxGD5DF7t1eNThTL0g6PVBO5A1RC0EqPp61S7VsiyXvDs8aJeczrpCpsH";
scopes = [ "openid" "profile" ]; scopes = [ "openid" "profile" ];
@ -159,7 +159,7 @@ in
}; };
client = { client = {
"m.homeserver".base_url = "https://${fqn}"; "m.homeserver".base_url = "https://${fqn}";
"m.identity_server".base_url = "https://auth.kruining.eu"; "m.identity_server".base_url = "https://auth.amarth.cloud";
}; };
in { in {
"${domain}".extraConfig = '' "${domain}".extraConfig = ''

2
modules/nixos/services/media/homer/default.nix
View file

@ -37,7 +37,7 @@ in
name = "Zitadel"; name = "Zitadel";
logo = "https://cdn.jsdelivr.net/gh/selfhst/icons/svg/zitadel.svg"; logo = "https://cdn.jsdelivr.net/gh/selfhst/icons/svg/zitadel.svg";
tag = "app"; tag = "app";
url = "https://auth.kruining.eu"; url = "https://auth.amarth.cloud";
target = "_blank"; target = "_blank";
} }

6
modules/nixos/services/observability/grafana/default.nix
View file

@ -42,9 +42,9 @@ in
login_attribute_path = "username"; login_attribute_path = "username";
name_attribute_path = "full_name"; name_attribute_path = "full_name";
role_attribute_path = "contains(urn:zitadel:iam:org:project:roles[*], 'owner') && 'GrafanaAdmin' || contains(urn:zitadel:iam:org:project:roles[*], 'contributer') && 'Editor' || 'Viewer'"; role_attribute_path = "contains(urn:zitadel:iam:org:project:roles[*], 'owner') && 'GrafanaAdmin' || contains(urn:zitadel:iam:org:project:roles[*], 'contributer') && 'Editor' || 'Viewer'";
auth_url = "https://auth.kruining.eu/oauth/v2/authorize"; auth_url = "https://auth.amarth.cloud/oauth/v2/authorize";
token_url = "https://auth.kruining.eu/oauth/v2/token"; token_url = "https://auth.amarth.cloud/oauth/v2/token";
api_url = "https://auth.kruining.eu/oidc/v1/userinfo"; api_url = "https://auth.amarth.cloud/oidc/v1/userinfo";
allow_sign_up = true; allow_sign_up = true;
auto_login = true; auto_login = true;
use_pkce = true; use_pkce = true;

6
modules/nixos/services/security/vaultwarden/default.nix
View file

@ -39,7 +39,7 @@ in
SSO_ROLES_ENABLED = true; SSO_ROLES_ENABLED = true;
SSO_ORGANIZATIONS_ENABLED = true; SSO_ORGANIZATIONS_ENABLED = true;
SSO_ORGANIZATIONS_REVOCATION = true; SSO_ORGANIZATIONS_REVOCATION = true;
SSO_AUTHORITY = "https://auth.kruining.eu/"; SSO_AUTHORITY = "https://auth.amarth.cloud/";
SSO_SCOPES = "email profile offline_access"; SSO_SCOPES = "email profile offline_access";
SSO_AUDIENCE_TRUSTED = "^333297815511892227$"; SSO_AUDIENCE_TRUSTED = "^333297815511892227$";
SSO_CLIENT_ID = "335178854421299459"; SSO_CLIENT_ID = "335178854421299459";
@ -52,9 +52,9 @@ in
SMTP_HOST = "black-mail.nl"; SMTP_HOST = "black-mail.nl";
SMTP_PORT = 587; SMTP_PORT = 587;
SMTP_SECURITY = "starttls"; SMTP_SECURITY = "starttls";
SMTP_USERNAME = "chris@kruining.eu"; SMTP_USERNAME = "info@amarth.cloud";
SMTP_PASSWORD = ""; SMTP_PASSWORD = "";
SMTP_FROM = "chris@kruining.eu"; SMTP_FROM = "info@amarth.cloud";
SMTP_FROM_NAME = "Chris' Vaultwarden"; SMTP_FROM_NAME = "Chris' Vaultwarden";
}; };
}; };

24
systems/x86_64-linux/ulmo/default.nix
View file

@ -5,24 +5,14 @@
./hardware.nix ./hardware.nix
]; ];
networking = { networking.interfaces.enp2s0 = {
interfaces.enp2s0 = { ipv6.addresses = [
ipv6.addresses = [ { address = "2a0d:6e00:1dc9:0::dead:beef"; prefixLength = 64; }
{ address = "2a0d:6e00:1dc9:0::dead:beef"; prefixLength = 64; } ];
];
useDHCP = true; ipv4.addresses = [
}; { address = "192.168.1.3"; prefixLength = 16; }
];
defaultGateway = {
address = "192.168.1.1";
interface = "enp2s0";
};
defaultGateway6 = {
address = "fe80::1";
interface = "enp2s0";
};
}; };
sneeuwvlok = { sneeuwvlok = {

4
systems/x86_64-linux/ulmo/disks.nix
View file

@ -5,7 +5,9 @@ in
{ {
# TODO :: Implement disko at some point # TODO :: Implement disko at some point
swapDevices = []; swapDevices = [
{ device = "/dev/disk/by-uuid/0ddf001a-5679-482e-b254-04a1b9094794"; }
];
boot.supportedFilesystems = [ "nfs" ]; boot.supportedFilesystems = [ "nfs" ];