configuration: extract nixos config into more files

kdeconect: update config
gnome: update autologin config
2024-05-28 00:38:37 -03:00 · 2024-05-28 00:38:37 -03:00 · 2024-05-28 00:38:37 -03:00 · 2024-05-28 00:38:37 -03:00 · 2024-05-28 00:38:37 -03:00 · 2024-05-28 00:38:37 -03:00
14 changed files with 75 additions and 44 deletions
--- a/hosts/phantom/default.nix
+++ b/hosts/phantom/default.nix
@ -10,12 +10,11 @@
    ./syncthing.nix
    ./users.nix
    ./writefreely.nix
-    ./renawiki.nix
    ./email.nix
    ./forgejo.nix
  ];

-  services.nginx.virtualHosts."lelgenio.xyz" = {
+  services.nginx.virtualHosts."lelgenio.com" = {
    enableACME = true;
    forceSSL = true;
    root = pkgs.runCommand "www-dir" { } ''
@ -51,7 +50,7 @@
    dates = "04:40";
    operation = "switch";
    flags = [ "--update-input" "nixpkgs" "--no-write-lock-file" "-L" ];
-    flake = "git+https://git.lelgenio.xyz/lelgenio/nixos-config#phantom";
+    flake = "git+https://git.lelgenio.com/lelgenio/nixos-config#phantom";
  };

  system.stateVersion = "23.05"; # Never change this
--- a/hosts/phantom/email.nix
+++ b/hosts/phantom/email.nix
@ -1,4 +1,4 @@
-{ pkgs, inputs, ... }: {
+{ pkgs, inputs, config, ... }: {
  # It's important to let Digital Ocean set the hostname so we get rDNS to work
  networking.hostName = "";

@ -8,32 +8,47 @@

  mailserver = {
    enable = true;
-    fqdn = "lelgenio.xyz";
+    fqdn = "lelgenio.com";
    domains = [
      "lelgenio.xyz"
      "git.lelgenio.xyz"
+      "lelgenio.com"
+      "git.lelgenio.com"
+      "social.lelgenio.com"
    ];
    certificateScheme = "acme-nginx";
    # Create passwords with
    # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
    loginAccounts = {
+      "lelgenio@lelgenio.com" = {
+        hashedPassword = "$2y$05$z5s7QCXcs5uTFsfyYpwNJeWzb3RmzgWxNgcPCr0zjSytkLFF/qZmS";
+        aliases = [ "postmaster@lelgenio.com" ];
+      };
      "lelgenio@lelgenio.xyz" = {
        hashedPassword = "$2y$05$z5s7QCXcs5uTFsfyYpwNJeWzb3RmzgWxNgcPCr0zjSytkLFF/qZmS";
        aliases = [ "postmaster@lelgenio.xyz" ];
      };
-      "noreply@git.lelgenio.xyz" = {
+      "noreply@git.lelgenio.com" = {
        hashedPassword = "$2b$05$TmR1R7ZwXfec7yrOfeBL7u3ZtyXf0up5dEO6uMWSvb/O7LPEm.j0.";
      };
+      "noreply@social.lelgenio.com" = {
+        hashedPassword = "$2b$05$DcA9xMdvHqqQMZw2.zybI.vfKsQAJtaQ/JB.t9AHu6psstWq97m2C";
+      };
    };
  };

+  # Prefer ipv4 and use main ipv6 to avoid reverse DNS issues
+  services.postfix.extraConfig = ''
+    smtp_address_preference = ipv4
+  '';
+
  # Webmail
-  services.roundcube = rec {
+  services.roundcube = {
    enable = true;
    package = pkgs.roundcube.withPlugins (p: [ p.carddav ]);
-    hostName = "mail.lelgenio.xyz";
+    hostName = "mail.lelgenio.com";
    extraConfig = ''
-      $config['smtp_host'] = "tls://${hostName}:587";
+      $config['smtp_host'] = "tls://${config.mailserver.fqdn}:587";
      $config['smtp_user'] = "%u";
      $config['smtp_pass'] = "%p";
      $config['plugins'] = [ "carddav", "archive" ];
--- a/hosts/phantom/forgejo.nix
+++ b/hosts/phantom/forgejo.nix
@ -26,15 +26,15 @@ in
        DEFAULT_ACTIONS_URL = "github";
      };
      server = {
-        DOMAIN = "git.lelgenio.xyz";
+        DOMAIN = "git.lelgenio.com";
        HTTP_PORT = 3000;
        ROOT_URL = "https://${srv.DOMAIN}/";
      };
      mailer = {
        ENABLED = true;
-        SMTP_ADDR = "mail.lelgenio.xyz";
-        FROM = "noreply@git.lelgenio.xyz";
-        USER = "noreply@git.lelgenio.xyz";
+        SMTP_ADDR = "mail.lelgenio.com";
+        FROM = "noreply@git.lelgenio.com";
+        USER = "noreply@git.lelgenio.com";
      };
    };
    mailerPasswordFile = config.age.secrets.phantom-forgejo-mailer-password.path;
--- a/hosts/phantom/mastodon.nix
+++ b/hosts/phantom/mastodon.nix
@ -2,10 +2,22 @@
  services.mastodon = {
    enable = true;
    configureNginx = true;
-    localDomain = "social.lelgenio.xyz";
-    smtp.fromAddress = "lelgenio@disroot.org";
+    localDomain = "social.lelgenio.com";
+    smtp = {
+      authenticate = true;
+      host = "lelgenio.com";
+      fromAddress = "noreply@social.lelgenio.com";
+      user = "noreply@social.lelgenio.com";
+      passwordFile = config.age.secrets.phantom-mastodon-mailer-password.path;
+    };
    streamingProcesses = 2;
    extraConfig.SINGLE_USER_MODE = "true";
    mediaAutoRemove.olderThanDays = 10;
  };
+
+  age.secrets.phantom-mastodon-mailer-password = {
+    file = ../../secrets/phantom-mastodon-mailer-password.age;
+    mode = "400";
+    owner = "mastodon";
+  };
 }
--- a/hosts/phantom/nextcloud.nix
+++ b/hosts/phantom/nextcloud.nix
@ -2,7 +2,7 @@
  services.nextcloud = {
    enable = true;
    package = pkgs.nextcloud27;
-    hostName = "cloud.lelgenio.xyz";
+    hostName = "cloud.lelgenio.com";
    https = true;
    config = {
      adminpassFile = config.age.secrets.phantom-nextcloud.path;
--- a/hosts/phantom/nginx.nix
+++ b/hosts/phantom/nginx.nix
@ -1,10 +1,23 @@
-{ config, pkgs, inputs, ... }: {
+{ config, pkgs, lib, ... }: {
  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
+    recommendedOptimisation = true;
+    recommendedGzipSettings = true;
  };

+  # Redirect *lelgenio.xyz -> *lelgenio.com
+  services.nginx.virtualHosts = lib.mapAttrs'
+    (key: value: lib.nameValuePair "${key}lelgenio.xyz" value)
+    (
+      lib.genAttrs [ "" "social." "blog." "cloud." "mail." "git." "syncthing." ] (name: {
+        enableACME = true;
+        forceSSL = true;
+        locations."/".return = "301 $scheme://${name}lelgenio.com$request_uri";
+      })
+    );
+
  security.acme = {
    acceptTerms = true;
    defaults.email = "lelgenio@disroot.org";
--- a/hosts/phantom/renawiki.nix
+++ b/hosts/phantom/renawiki.nix
@ -1,23 +0,0 @@
-{ config, pkgs, inputs, ... }: {
-  services.mediawiki = {
-    enable = true;
-    name = "Rena Wiki";
-
-    webserver = "nginx";
-    nginx.hostName = "renawiki.lelgenio.xyz";
-    passwordFile = config.age.secrets.phantom-renawiki.path;
-
-    extensions.VisualEditor = null;
-  };
-  services.nginx.virtualHosts."renawiki.lelgenio.xyz" = {
-    enableACME = true;
-    forceSSL = true;
-  };
-
-  age.secrets.phantom-renawiki = {
-    file = ../../secrets/phantom-renawiki.age;
-    mode = "400";
-    owner = "mediawiki";
-  };
-}
-
--- a/hosts/phantom/syncthing.nix
+++ b/hosts/phantom/syncthing.nix
@ -7,7 +7,7 @@
    openDefaultPorts = true;
  };

-  services.nginx.virtualHosts."syncthing.lelgenio.xyz" = {
+  services.nginx.virtualHosts."syncthing.lelgenio.com" = {
    enableACME = true;
    forceSSL = true;
    locations."/" = {
--- a/hosts/phantom/writefreely.nix
+++ b/hosts/phantom/writefreely.nix
@ -4,7 +4,7 @@
    acme.enable = true;
    nginx.enable = true;
    nginx.forceSSL = true;
-    host = "blog.lelgenio.xyz";
+    host = "blog.lelgenio.com";
    admin.name = "lelgenio";
    admin.initialPasswordFile = config.age.secrets.phantom-writefreely.path;
    settings.app = {
--- a/secrets/phantom-mastodon-mailer-password.age
+++ b/secrets/phantom-mastodon-mailer-password.age
@ -0,0 +1,13 @@
+age-encryption.org/v1
+-> ssh-rsa BwwxHg
+Mnc+/tJ0QqxHkg2nl9gEkz5Oj1RgxtOZnD5gRv66ISUOqZhNm1+F+xVEdKn843/q
+/WzH0f1cTF9NXP8vIaEo//bMmp50obJAd+JNovJxV+0gb9L55Nu7ayvK+eyk6j5n
+eb8TxUnwh5BPkEyc6akDh/O49GXzLlVoFD6Ik/0f3YCqUDNAYOl2bsssXtevCeK/
+WEPoCFGhZfNUrOo/0eAhiujZZ5zVb0CWNqXi8VTe2eWOE20VJULcN13TEyO3ZePx
+bAPBmDfS5GgGlV4INWxVLaIMDrzlm0tYozbBNNUbdLFFOhIOrgvay9RWxdk0u2hJ
+MPKoKsJ96EFxrbZJdS0W7a+aZk/Q3A3Civ2rtPx+5UANhmlY8e1lUHa26e1vA4K7
+ApoMtDyCbuZ9FbLurwl9zO64wWP68aKzuyKOIw+wpy41NQ/PcViSY8KNG9Pt7A2N
+CcOkByx+rwz+JdNHbOF8O4FFG4fNSWn7SvVtu5ymGgVi1bOd8PdJpjDR+6Is0SX7
+
+--- DHNyITb7ZseEV58MOD/zHeH5vff0hhlbKg27rlYECGk
+ÆJ…¨Úãè·<hUs/¿ïš}ó´Zi`ˆ‘ 'ÂJŸ°z5ùÃgõãŸ%€ì‡`¤º%/˜‚±<01>ˆ„á-Î<x—íõÉ’|
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -12,4 +12,5 @@ in
  "phantom-writefreely.age".publicKeys = [ main_ssh_public_key ];
  "phantom-renawiki.age".publicKeys = [ main_ssh_public_key ];
  "phantom-forgejo-mailer-password.age".publicKeys = [ main_ssh_public_key ];
+  "phantom-mastodon-mailer-password.age".publicKeys = [ main_ssh_public_key ];
 }
--- a/2
+++ b/2
@ -2,7 +2,7 @@

 nix fmt

-git diff
+git --no-pager diff

 nixos-rebuild switch --flake .#phantom \
  --update-input nixpkgs \
--- a/system/greetd.nix
+++ b/system/greetd.nix
@ -17,6 +17,7 @@ in
    # enable sway window manager
    programs.sway = {
      enable = true;
+      package = pkgs.mySway;
      wrapperFeatures.gtk = true;
    };

--- a/user/kakoune/hooks.kak
+++ b/user/kakoune/hooks.kak
@ -47,7 +47,7 @@ hook global BufOpenFile .*/COMMIT_EDITMSG %{
 hook global RegisterModified '"' %{ nop %sh{ {
    printf %s "$kak_reg_dquote" | wl-copy -n
    printf %s "$kak_reg_dquote" | xclip -i -selection clipboard
-} > /dev/null 2>&1 < /dev/null & }}
+} > /dev/null 2>&1 < /dev/null & }} -group sync-clipboard

 # Trim trailing whitespace
 hook global BufWritePre .* %{ try %{
Author	SHA1	Message	Date
Leonardo Eugênio	056899d344	configuration: extract nixos config into more files	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	276658b73c	kdeconect: update config	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	884e2dcf89	gnome: update autologin config	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	82e5246293	scripts: add pass export script	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	ae6354806e	qutebrowser: don't install if not the default browser	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	337df8cc99	monolith: disable virtualbox while it's borked	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	6c34b71580	flake: update to 24.05	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	7a5f26cca5	Revert "sshd: disable until xz is secure" This reverts commit `b0d1b2fbff`.	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	29e5b92702	sway: don't require rebuilding sway dependencies	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	d795d1fc6b	sway: set godot windows to floating	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	7232b41cf6	sway: autostart corectrl	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	518f075e79	git: enable lfs	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	92d4323155	update: pass arguments to ./switch	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	952b367f22	monolith: add gpu crash work-around	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	405bbee2bf	sway: enable adaptive sync	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	9632aba595	forgejo-runner: update runner token and url	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	a7f5a40a43	firefox: add i dont care about cookies	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	56e0f9230e	ssh: update hostnames	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	e8a24dcbe7	sway: make gaming windows floating by default	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	12d91be692	update	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	b2354df152	firefox: add substitoot extension	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	02f6f2c5d9	monolith: enable all features of corectrl	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	4f29961c4c	monolith: add forgejo runner	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	a2d3fc0667	sshd: disable until xz is secure	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	fc60ae8fed	sway: add more env vars to dbus activation	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	42b554c87f	flake: update lockfile	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	85ec5290d0	syncthing: way for tray	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	9740163109	kdenlive: fix theme	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	01a3efdd1d	theme: improve qt theming	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	f6d8c5e76b	syncthing: enable tray icon	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	07d7f551f9	mangohud: install patch to fix keybind crash	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	51524ccd8a	gpg: simplify config	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	c26cea6183	update	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	2433d75e85	lsp: replace rnix-lsp with nil	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	ea25b5d28e	update	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	5c5bff3a65	btop: enable gpu monitoring	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	45448b8102	update	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	80e84121dd	kak-lsp: update config to new format	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	13f31c1b8e	alacritty: update config	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	fad53f2613	update renamed xkb config	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	bffb3a75cc	update	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	5975c82fd8	update	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	7aa4ccbc7e	update	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	6d08d7b0f1	sway: disable adaptive sync	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	83a7ce70b5	update	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	487adbf911	update	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	12cfafeb3e	switch to nixpkgs unstable	2024-05-28 00:38:37 -03:00
Leonardo Eugênio	0397a4e166	nginx: redirect syncthing. to .com	2024-05-16 11:19:02 -03:00
lelgenio	f8e48e7fa0	nginx: redirect git. to .com	2024-05-15 15:54:04 -03:00
Leonardo Eugênio	c40cbf74f3	nginx: add .xyz -> .com redirect	2024-05-14 16:56:09 -03:00
Leonardo Eugênio	2516836026	mastodon: configure noreply email	2024-05-11 22:21:35 -03:00
Leonardo Eugênio	0f10937be8	phantom: move from .xyz to .com	2024-05-11 18:32:26 -03:00
Leonardo Eugênio	de26e20ed4	phandom: remove wiki	2024-05-11 18:32:26 -03:00
lelgenio	30ea33079a	kak: name clipboard sync hook	2024-05-08 16:28:59 -03:00
Leonardo Eugênio	4f54c31dc5	email: disable ipv6 smtp	2024-05-03 12:32:45 -03:00
Leonardo Eugênio	3c8caa0a17	fixup! switch: don't show git diff pager	2024-05-03 12:32:38 -03:00