kat/nixfiles
1
0
Fork 0
mirror of https://github.com/kittywitch/nixfiles.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity

feat: o3o

Browse source
This commit is contained in:
Kat Inskip 2025-12-06 22:21:38 -08:00
parent c7c0140508
commit 15ac9bfa2b
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
9 changed files with 169 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
TODO.md
View file

@ -12,7 +12,7 @@
- [ ] Jellyfin - [ ] Jellyfin
- [ ] Immich - [ ] Immich
- [ ] Prosody - [ ] Prosody
- [ ] continuwuation or tuwunnel - [x] continuwuation
## Migrations ## Migrations

1
home/profiles/graphical/packages.nix
View file

@ -10,6 +10,7 @@
# Chat # Chat
telegram-desktop # Telegram telegram-desktop # Telegram
signal-desktop signal-desktop
fluffychat
mumble mumble
keymapp keymapp
# Archivery # Archivery

17
nixos/servers/continuwuity/continuwuity.nix Normal file
View file

@ -0,0 +1,17 @@
{config, ...}: {
sops.secrets.registrationToken = {
sopsFile = ./secrets.yaml;
owner = "continuwuity";
group = "continuwuity";
};
services.matrix-continuwuity = {
enable = true;
settings = {
global = {
allow_registration = true;
server_name = "kittywit.ch";
registration_token_file = config.sops.secrets.registrationToken.path;
};
};
};
}

19
nixos/servers/continuwuity/nginx.nix Normal file
View file

@ -0,0 +1,19 @@
_: {
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
};
services.nginx.virtualHosts."rinnosuke.inskip.me" = {
enableACME = true;
forceSSL = true;
locations = {
"/_matrix" = {
proxyPass = "http://127.0.0.1:6167$request_uri";
proxyWebsockets = true;
};
};
};
}

128
nixos/servers/continuwuity/secrets.yaml Normal file
View file

@ -0,0 +1,128 @@
registrationToken: ENC[AES256_GCM,data:oJG91q+73OijYmDXC6U=,iv:8Nf/s+CbnQiM1xIqzUmSUaEnHn/f/wlo36xD+J26hgw=,tag:KXtVJIlbD3w8cuqAf2BRIA==,type:str]
sops:
shamir_threshold: 1
age:
- recipient: age1n4kdchmkk3rfkaknxhveqr2ftprdpgwckutt23y6u8639lazzuks77tgav
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxQnpZRFFUUWhBQVRtVmJR
Uy93ZC8rdTd3a0JJY1o4Wm1jY1RycWFpa3lNCmJuM1BKK2FRNkRBWmp6eFBNbklR
L3BheU13SWZoVnVPVjQ3V1E1ajVhNG8KLS0tIE4xK0FBYTFFMXBjSjhueXEzSnRY
QXdXRTNsMUc0b2k4T1dlcHJFTnpEZW8K0R58QmNMDrxMCFLjgumnrVT9xMsHDweG
VnUV2BxaIsT34bIr4Vnup38uBzom/gAzv8HvUXKRHeXOEaFl5dlNEQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1cnu37d5fqyahh9vvc4hj6z6k8ur9ksuefln7sr6g3emmn927eutqxdawuh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXQnlMdnBYSXNtaFFaWGtj
aUxhY01pV1QreVY5TTJnS242cDFkSGtPdkFnCmxlSWhKbDl0K2M2bmFIRzMyWjd3
L2dMWnFBcmcxS2s2NzcwRU43c2FtV00KLS0tIFp0Y25IUU5JR0xqSDR2TGdqV3k3
a1pnbWp3elVaVDJOeVpPY2hZN3R6YjQKwosd75NQpHY93mSpOyXwN3VcsC4g4fyw
3sZ7QHeiqEC12TsPairkll3Z32zWybfCF5RJYGhWyXSWBso9Z5ZoKQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1a0m73qr8hhuz8xemv4vymf4wmpghm2hst8wgrn3pn65ext5mf4ksk0vsdm
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvRndOQ2tmV1FuakpWMVd1
N0trSWFkdFdBMDNxT0FjbFJUdEE2cTZDZFdnCnovTFhCV1crZkFrblR3UlBNZ1Z4
TWduaVNHemdBKzlFaDhCUjBEem50eVkKLS0tIDg3Z1VHUVVkdTg4aHBFYU5iSHVV
UzF4UEt1ZzMrcWsrZWVaV2ZtTDFKUjQKWw89qeBwLEC/zIbJQJ6aTewvQr5/PAAq
JF0rJoaY8NrMbnJAupU4lcD/icLybPokQaaf+rJRm92362AYU1IuAQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age18hpxz0ghvswv9k30cle73prvnzrsuczqh87jjdk9fl50j3ddndmq9xae0n
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsZGNDNFNZMmxUaVlnQlhi
dkw5SFBZQWppeWQyTUpYMHV5R1E1ellreXljCjB5eTJTZzhjYjJ2RlYrKzRwVFBD
TEdsckVBaXdKVHVsbkt4aEgrS3A5bGMKLS0tIHFGbWhqSnYwRTN1Ris4d1h1eitJ
RWJ4aDZ6Y2xZV2ZJZjAzYTJLajN0MzQKGoSQQcaQW8htwtDTllBbOMRq0CGGIvxc
eYj9FAr7jcKtP4n19c5Xpl2tc5s76gdvt4UH0Hfa88fW2pz+qcxJPg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1xgy03g3vjydsxcl0qpdgm8rahjcjq95ucxfwlgr22zwjx3p7jf2s9jk6u5
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGYjBSUjhpdktpYzZuc2xI
S0ZmcHVsclpMZWR4Ti8yT2tNcXV2c25NVXgwCk9xenpwVFJHN1Babml5NUl6VG5R
Nk8vSG1mZUkwNlNRajB1a2R6UFVNaUEKLS0tIGM4Q0JvSnhNRjV2SGhHY3JJaFIz
NDdVR1hYRTRQVkJZTTFvSkc1RlVmOEEKqFbdon24Ar6eyf4fTKEjof2s22AypQ3p
jvZHa73+dBoSAuIpcrBZSGC7R68cybJ4KiBri8+I7GlFDl7UbSK3iQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1fv5dafs4n3r5n83qm2hfz7xmnflsz0xf9r3saralrptpgf8mvuxq4t8k3u
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXdWU3V0x3cWEvQzIrMkNV
UDY0VEFPcE90MzNxYzFOQVVqRG80cUZBc240CmxOU0tsRCt1b3dpL3FiWVlMSHZN
QVZFU2MwT2trUERiZHc4SVVZSWxNVjgKLS0tIG5tbzhnODM2R0g3Z1NrdWJVMFJP
MVBYZld4VU5KT0pvR2dIdDBodjJHOWcKzgWak18tFAeph2pRUDqThYNj7v52jwkv
UQuu0m3MbvyNXKKjykH25wOY+Mor8oaqEW80LO7DXgiNZh1dag/upA==
-----END AGE ENCRYPTED FILE-----
- recipient: age120530yclr75k6nrzp6k5jjftj8j4q9v3533guupzk4ct86mjxszqg9e5t5
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5eC9qaWhjdzZ6VEtOVU8w
TXRSYUV3cGI4UFhOQ1NFQ28rLzFYU1FGelRjCks1TDR5MkwzQnNzVzNxN00xODFr
M0tHaHZGc2MrWkpwVm56R21kSTMxbmMKLS0tIFNIRFBOV2xKQUVzS1ZBRENzd2gw
aHhTVno4NkZ3Vkg1NDNoa0FEUktYSUkKccIGwZyAuzO5IQiz2tFiyWA9xFVsb0Ay
jGHTaAByb9goBq+s4Ho27uHnSRTZ3EQpH0tn6dILorvNZEzUQA7/Sg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1rt0ngkum32wt6l2wnyr40hmwd9ulmzqfarg5vk62zqp0uvj4lyuqd2atgq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEQ3pFRUQrby9tdnRiWU1h
UFlxS2xSaW5lT2RPV0VmRkpiak8wOWJyRG1FCnZvY1Q4aTM1ZGNPaFErNEQrTWhO
Wm9qSXZTbk5vWGw3d0psMFZSbk91VkEKLS0tIG9BRHN4eUpuZmhvUDQyK2JOdnhW
TzNOaW5UR29FWFZITk45d3BpVWc4dUUKemYfJX6PQo4TxAtuncE7d6h4+nU8lvte
SjWtG5jnbAl1VUkCuVsS+ghn2lYNCoXpi5xVGt02a6Py1pYVtHBvmg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1c4atxfp05u7zm875s6q8p82ve96rqqpq9smktxlur8pk2yc3qvgql46dp9
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSSFdkL0F6NHRPRkVUUDJy
aDQ5WjNLN242emNWd3NPblR5Nk50RERMUmtVCmFEdEZQL0hDa1VNbTR6L0JQZWcr
MXk3eGtNcitZdWJRS28yTFg4ZVZhYmsKLS0tIHI0YzE4WGZXeXV1aDNvWEVTTmpC
aWl1NVcyNWFoTGk4RmpxanBsNlVDUHcKQCY0trNZ2JkU6zmcEErWsOPt/Xk6o7pT
1ewhnXSBmaafaSXM2Us43UsljmPPIUKAmLE116x7Wie5MNGnEmxwiA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1rjldv3fn3q686647exmcukthr32gmp6s3axs0lhyenvru9ajp9rs24ukvz
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaUll2UzNEdFgwY0pwR2pF
TDZUUkUydE5XUlVRL01NM2xQd1cvUXF1MWg4CmlyenhXTEdBU0xkcG40ZHZYNG5L
OTZVbzB1SFo3Ym5HTUxQbEVkTU9CMHMKLS0tIHJsZnlGRlBlRHR2dXBxU29UQlBO
VnJUa0lGNGt5TktCTGVzdFBNVkVNMG8KtUhNK8r+Z1vYS3yrgqiHEndbbd1DMsCT
LvuDqOWyYx0uCem2m7ZUgEXv2NyI+Cva2p6vFsKl8P7JcgA5Vfud+A==
-----END AGE ENCRYPTED FILE-----
- recipient: age1p9v6xaujkdat2tsc2mc4gxpg9hjr4suvwryuat95z2c53xhsyfxq0gf594
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhNVNnZ1JtbGhWemJPNjI4
Tlo0cHltNFV5ZHFsdk41YU16Mm9oVWV4UjBFCmpGVDdiTGNZcktFd0xtWHM3S3pW
aURaSEVVTllaZTM5eTNKL2grUE80cEUKLS0tIFp0TEs5YzV3WER5V2JYQU1uNXBr
aVBucDkzM04wdFd5TjB5YmowYVNxZGcK7l+KssCEdsLjKEECvFop49qT7IsJxbzf
kpJ2uK6sc0t1ZjS3gBObYv2Xw6QBhEwLbZ0ZWdN1xPqXnWfPrhoHNw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-12-07T05:56:46Z"
mac: ENC[AES256_GCM,data:QikWC6PeQmm03B3yj21rbk8+dWVjEEYPFR8HtJ3g7xrtjWMJIyH50Wo4sbmLlpV0jXWM4Yd6qawR1vXcdaR+ErGM6400GvuI0+B6FE2Xrs6x2Tf+ZjTPXv/8RC2w17Xs4r2KhcBoAFy0uiwBAFNznjeUlC3HpvreDj/pIgq7ZYw=,iv:NaICM+pPCdhu5wYHwA3SWDRNKVb8Mwc28A4zaEAcRvE=,tag:rglzT24N4vZP6sj++Wj1nA==,type:str]
pgp:
- created_at: "2025-12-07T05:35:42Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA82M54yws73UARAAr0CwMypwtBXDHP5SloS7zO7QxrsWEckqwXTwI0zHgcF1
xellqvku25wwbH+tf4FJVTbEutyG7yHrwsl3rSPD18xQj6RTozp3G6lJLYLuYvE9
7/1WOJCRsxlz7xLwJkldc/7fCG6tyUD1UQfk61gaCTawDV48AEREpoqQHb/5Edum
1jLULWtp0Y56r6OnmlsDHKNJL6zQB/m/eX5ckR0Nq+OLRCyimu7Do1/zR92uXUPJ
BmS1/Twun4wfK3TRRw4KBBhBDwm+p3bs8g6KzlQW1qiPnUsxxPuIbmWXYVdHC2jg
qqVVgzjdLEMn2IUuZP3w7TqtFDuxJVFHudEbrs16dX02IdGgp02MVsUJKyI124ro
62XoPf1M85Dx+J/SpE2mZ3IPXm0fqY8ftQiJ+VulAN80Vcgo9VSW5CueFBJS5roG
xWjrk3VZCKqCbM4MUD0anSSL1hXJnAWWP3VNFbgM15p/s18ck5wxIia4IwN7h2Jl
9gttMDB8zUcesArTynvke2/ZW8yHq7pEuv92eRREl6tKmsoobKIV3ADcT08DUTlf
PXA8fD+tSM5TVMAa4gMwMswudL0SC4I+yK+sB6ch1dMfRQ1DjblzEZpcfcKIQMvp
MfWiHpLp1rxhCJOefsTdAWuBPYm7W7r1txx9RzVri5nX9Du7hwOA8HZ0QD6Nri3S
XgEHyTBTJxpUp04fc2Bap6PwKbCWhSPp908IdO+s/YmjzUk8t0edMF5gGU4UghaP
Bja+/yiSJhBMa6WBos1B6/8w/R0ZCPV5Gh99N9tZzwwcFPCem7q8s1ML9/t7Fss=
=i4hE
-----END PGP MESSAGE-----
fp: CD8CE78CB0B3BDD4
unencrypted_suffix: _unencrypted
version: 3.11.0

1
nixos/servers/web/acme.nix
View file

@ -2,7 +2,6 @@
security.acme = { security.acme = {
defaults = { defaults = {
dnsProvider = "cloudflare"; dnsProvider = "cloudflare";
email = "acme@inskip.me";
credentialsFile = config.sops.secrets.acme_credentials.path; credentialsFile = config.sops.secrets.acme_credentials.path;
}; };
acceptTerms = true; acceptTerms = true;

1
systems/daiyousei.nix
View file

@ -53,6 +53,7 @@ _: let
# }; # };
#}; #};
security.acme.defaults.email = "acme@inskip.me";
system.stateVersion = "23.11"; system.stateVersion = "23.11";
}; };
in { in {

1
systems/rinnosuke.nix
View file

@ -14,6 +14,7 @@ _: let
]) ])
++ (with tree.nixos.servers; [ ++ (with tree.nixos.servers; [
mail mail
continuwuity
]); ]);
boot = { boot = {

2
tf/terraform.tfstate
View file

File diff suppressed because one or more lines are too long