chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: chris:81e1574023c457f20a7cb40524355164988f1b0c
Branches Tags
chris:main
chris:feature/convex
chris:feature/nix-anywhere
..
compare: chris:6111ec165b69580cd0e6deffb8ec95a25eef722d
Branches Tags
chris:main
chris:feature/convex
chris:feature/nix-anywhere

No commits in common. "81e1574023c457f20a7cb40524355164988f1b0c" and "6111ec165b69580cd0e6deffb8ec95a25eef722d" have entirely different histories.
81e1574023 ... 6111ec165b

5 changed files with 9 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

5
.justfile
View file

@ -1,7 +1,4 @@
try-again: try-again:
nix flake update amarth-customer-portal nix flake update amarth-customer-portal
nix flake check --all-systems --show-trace nix flake check --all-systems --show-trace
update machine:
nixos-rebuild switch --use-remote-sudo --target-host {{ machine }} --flake .#{{ machine }}

8
modules/nixos/services/authentication/zitadel/default.nix
View file

@ -117,12 +117,12 @@ in
enable = true; enable = true;
virtualHosts = { virtualHosts = {
"auth.kruining.eu".extraConfig = '' "auth.kruining.eu".extraConfig = ''
reverse_proxy h2c://::1:9092 reverse_proxy h2c://127.0.0.1:9092
''; '';
}; };
extraConfig = '' extraConfig = ''
(auth) { (auth-z) {
forward_auth h2c://::1:9092 { forward_auth h2c://127.0.0.1:9092 {
uri /api/authz/forward-auth uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
} }
@ -130,8 +130,6 @@ in
''; '';
}; };
}; };
networking.firewall.allowedTCPPorts = [ 80 443 ];
# Secrets # Secrets
sops.secrets."zitadel/masterKey" = { sops.secrets."zitadel/masterKey" = {

2
modules/nixos/services/observability/loki/default.nix
View file

@ -23,7 +23,7 @@ in
common = { common = {
ring = { ring = {
instance_addr = "127.0.0.1"; instance_addr = "127.0.0.1";
kvstore.store = "inmemory"; kvstore.store = "inmmemory";
}; };
replication_factor = 1; replication_factor = 1;
path_prefix = "/tmp/loki"; path_prefix = "/tmp/loki";

8
modules/nixos/services/observability/promtail/default.nix
View file

@ -29,11 +29,9 @@ in
filename = "filename"; filename = "filename";
}; };
clients = [ clients = {
{ url = "http://127.0.0.1:3100/loki/api/v1/push";
url = "http://::1:9003/loki/api/v1/push"; };
}
];
scrape_configs = [ scrape_configs = [
{ {

13
systems/x86_64-linux/ulmo/default.nix
View file

@ -25,20 +25,9 @@
}; };
}; };
# Expose amarht cloud stuff like this until I have a proper solution
services.caddy.virtualHosts = {
"auth.amarth.cloud".extraConfig = ''
reverse_proxy http://192.168.1.223:9092
'';
"amarth.cloud".extraConfig = ''
reverse_proxy http://192.168.1.223:8080
'';
};
sneeuwvlok = { sneeuwvlok = {
services = { services = {
# authentication.authelia.enable = true; authentication.authelia.enable = true;
authentication.zitadel.enable = true; authentication.zitadel.enable = true;
communication.matrix.enable = true; communication.matrix.enable = true;