chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: chris:ac0a2d523e7965d0cced677a16cec5ea7c15c8d3
Branches Tags
chris:main
chris:feature/convex
chris:feature/nix-anywhere
..
compare: chris:6111ec165b69580cd0e6deffb8ec95a25eef722d
Branches Tags
chris:main
chris:feature/convex
chris:feature/nix-anywhere

2 commits
ac0a2d523e ... 6111ec165b

Author SHA1 Message Date
Chris Kruining
6111ec165b move zitadel back to kruining.eu
Some checks failed
Test action / kaas (push) Failing after 1s
Details
2025-10-16 12:54:29 +00:00
Chris Kruining
09a004ad9a fix some ulmo config 2025-10-16 12:54:29 +00:00
7 changed files with 31 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

8
modules/nixos/services/authentication/zitadel/default.nix
View file

@ -28,7 +28,7 @@ in
settings = { settings = {
Port = 9092; Port = 9092;
ExternalDomain = "auth.amarth.cloud"; ExternalDomain = "auth.kruining.eu";
ExternalPort = 443; ExternalPort = 443;
ExternalSecure = true; ExternalSecure = true;
@ -60,7 +60,7 @@ in
SMTPConfiguration = { SMTPConfiguration = {
SMTP = { SMTP = {
Host = "black-mail.nl:587"; Host = "black-mail.nl:587";
User = "info@amarth.cloud"; User = "chris@kruining.eu";
Password = "__TODO_USE_SOPS__"; Password = "__TODO_USE_SOPS__";
}; };
FromName = "Amarth Zitadel"; FromName = "Amarth Zitadel";
@ -84,7 +84,7 @@ in
}; };
steps = { steps = {
FirstInstance = { FirstInstance = {
InstanceName = "auth.amarth.cloud"; InstanceName = "auth.kruining.eu";
Org = { Org = {
Name = "Amarth"; Name = "Amarth";
Human = { Human = {
@ -116,7 +116,7 @@ in
caddy = { caddy = {
enable = true; enable = true;
virtualHosts = { virtualHosts = {
"auth.amarth.cloud".extraConfig = '' "auth.kruining.eu".extraConfig = ''
reverse_proxy h2c://127.0.0.1:9092 reverse_proxy h2c://127.0.0.1:9092
''; '';
}; };

4
modules/nixos/services/communication/matrix/default.nix
View file

@ -55,7 +55,7 @@ in
idp_id = "zitadel"; idp_id = "zitadel";
idp_name = "Zitadel"; idp_name = "Zitadel";
issuer = "https://auth.amarth.cloud"; issuer = "https://auth.kruining.eu";
client_id = "337858153251143939"; client_id = "337858153251143939";
client_secret = "ePkf5n8BxGD5DF7t1eNThTL0g6PVBO5A1RC0EqPp61S7VsiyXvDs8aJeczrpCpsH"; client_secret = "ePkf5n8BxGD5DF7t1eNThTL0g6PVBO5A1RC0EqPp61S7VsiyXvDs8aJeczrpCpsH";
scopes = [ "openid" "profile" ]; scopes = [ "openid" "profile" ];
@ -159,7 +159,7 @@ in
}; };
client = { client = {
"m.homeserver".base_url = "https://${fqn}"; "m.homeserver".base_url = "https://${fqn}";
"m.identity_server".base_url = "https://auth.amarth.cloud"; "m.identity_server".base_url = "https://auth.kruining.eu";
}; };
in { in {
"${domain}".extraConfig = '' "${domain}".extraConfig = ''

2
modules/nixos/services/media/homer/default.nix
View file

@ -37,7 +37,7 @@ in
name = "Zitadel"; name = "Zitadel";
logo = "https://cdn.jsdelivr.net/gh/selfhst/icons/svg/zitadel.svg"; logo = "https://cdn.jsdelivr.net/gh/selfhst/icons/svg/zitadel.svg";
tag = "app"; tag = "app";
url = "https://auth.amarth.cloud"; url = "https://auth.kruining.eu";
target = "_blank"; target = "_blank";
} }

6
modules/nixos/services/observability/grafana/default.nix
View file

@ -42,9 +42,9 @@ in
login_attribute_path = "username"; login_attribute_path = "username";
name_attribute_path = "full_name"; name_attribute_path = "full_name";
role_attribute_path = "contains(urn:zitadel:iam:org:project:roles[*], 'owner') && 'GrafanaAdmin' || contains(urn:zitadel:iam:org:project:roles[*], 'contributer') && 'Editor' || 'Viewer'"; role_attribute_path = "contains(urn:zitadel:iam:org:project:roles[*], 'owner') && 'GrafanaAdmin' || contains(urn:zitadel:iam:org:project:roles[*], 'contributer') && 'Editor' || 'Viewer'";
auth_url = "https://auth.amarth.cloud/oauth/v2/authorize"; auth_url = "https://auth.kruining.eu/oauth/v2/authorize";
token_url = "https://auth.amarth.cloud/oauth/v2/token"; token_url = "https://auth.kruining.eu/oauth/v2/token";
api_url = "https://auth.amarth.cloud/oidc/v1/userinfo"; api_url = "https://auth.kruining.eu/oidc/v1/userinfo";
allow_sign_up = true; allow_sign_up = true;
auto_login = true; auto_login = true;
use_pkce = true; use_pkce = true;

6
modules/nixos/services/security/vaultwarden/default.nix
View file

@ -39,7 +39,7 @@ in
SSO_ROLES_ENABLED = true; SSO_ROLES_ENABLED = true;
SSO_ORGANIZATIONS_ENABLED = true; SSO_ORGANIZATIONS_ENABLED = true;
SSO_ORGANIZATIONS_REVOCATION = true; SSO_ORGANIZATIONS_REVOCATION = true;
SSO_AUTHORITY = "https://auth.amarth.cloud/"; SSO_AUTHORITY = "https://auth.kruining.eu/";
SSO_SCOPES = "email profile offline_access"; SSO_SCOPES = "email profile offline_access";
SSO_AUDIENCE_TRUSTED = "^333297815511892227$"; SSO_AUDIENCE_TRUSTED = "^333297815511892227$";
SSO_CLIENT_ID = "335178854421299459"; SSO_CLIENT_ID = "335178854421299459";
@ -52,9 +52,9 @@ in
SMTP_HOST = "black-mail.nl"; SMTP_HOST = "black-mail.nl";
SMTP_PORT = 587; SMTP_PORT = 587;
SMTP_SECURITY = "starttls"; SMTP_SECURITY = "starttls";
SMTP_USERNAME = "info@amarth.cloud"; SMTP_USERNAME = "chris@kruining.eu";
SMTP_PASSWORD = ""; SMTP_PASSWORD = "";
SMTP_FROM = "info@amarth.cloud"; SMTP_FROM = "chris@kruining.eu";
SMTP_FROM_NAME = "Chris' Vaultwarden"; SMTP_FROM_NAME = "Chris' Vaultwarden";
}; };
}; };

24
systems/x86_64-linux/ulmo/default.nix
View file

@ -5,14 +5,24 @@
./hardware.nix ./hardware.nix
]; ];
networking.interfaces.enp2s0 = { networking = {
ipv6.addresses = [ interfaces.enp2s0 = {
{ address = "2a0d:6e00:1dc9:0::dead:beef"; prefixLength = 64; } ipv6.addresses = [
]; { address = "2a0d:6e00:1dc9:0::dead:beef"; prefixLength = 64; }
];
ipv4.addresses = [ useDHCP = true;
{ address = "192.168.1.3"; prefixLength = 16; } };
];
defaultGateway = {
address = "192.168.1.1";
interface = "enp2s0";
};
defaultGateway6 = {
address = "fe80::1";
interface = "enp2s0";
};
}; };
sneeuwvlok = { sneeuwvlok = {

4
systems/x86_64-linux/ulmo/disks.nix
View file

@ -5,9 +5,7 @@ in
{ {
# TODO :: Implement disko at some point # TODO :: Implement disko at some point
swapDevices = [ swapDevices = [];
{ device = "/dev/disk/by-uuid/0ddf001a-5679-482e-b254-04a1b9094794"; }
];
boot.supportedFilesystems = [ "nfs" ]; boot.supportedFilesystems = [ "nfs" ];