From a043edf25d2f3f5fcca4e48fac44ea61364a1c3a Mon Sep 17 00:00:00 2001 From: Paul-Henri Froidmont Date: Tue, 7 Dec 2021 08:34:21 +0100 Subject: [PATCH] Update to NixOs 21.11 and add dokuwiki --- dns.tf | 14 ++++++++++++++ flake.lock | 8 ++++---- flake.nix | 2 +- modules/dokuwiki.nix | 19 +++++++++++++++++++ modules/synapse.nix | 2 +- profiles/backend.nix | 16 +++++++++++++--- 6 files changed, 52 insertions(+), 9 deletions(-) create mode 100644 modules/dokuwiki.nix diff --git a/dns.tf b/dns.tf index 47c9735..53f6b46 100644 --- a/dns.tf +++ b/dns.tf @@ -38,6 +38,20 @@ resource "hetznerdns_record" "jellyfin_a" { type = "A" ttl = 600 } +resource "hetznerdns_record" "anderia_a" { + zone_id = data.hetznerdns_zone.banditlair_zone.id + name = "anderia" + value = data.hcloud_floating_ip.main_ip.ip_address + type = "A" + ttl = 600 +} +resource "hetznerdns_record" "arkadia_a" { + zone_id = data.hetznerdns_zone.banditlair_zone.id + name = "arkadia" + value = data.hcloud_floating_ip.main_ip.ip_address + type = "A" + ttl = 600 +} resource "hetznerdns_record" "db1_a" { zone_id = data.hetznerdns_zone.banditlair_zone.id name = "db1" diff --git a/flake.lock b/flake.lock index 7772817..59f7f22 100644 --- a/flake.lock +++ b/flake.lock @@ -70,16 +70,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1637875414, - "narHash": "sha256-Ica++SXFuLyxX9Q7YxhfZulUif6/gwM8AEQYlUxqSgE=", + "lastModified": 1638587357, + "narHash": "sha256-2ySMW3QARG8BsRPmwe7clTbdCuaObromOKewykP+UJc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3bea86e918d8b54aa49780505d2d4cd9261413be", + "rev": "e34c5379866833f41e2a36f309912fa675d687c7", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-21.05", + "ref": "nixos-21.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index f859251..33469fc 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,6 @@ { inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-21.05"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-21.11"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; sops-nix.url = "github:Mic92/sops-nix"; sops-nix.inputs.nixpkgs.follows = "nixpkgs"; diff --git a/modules/dokuwiki.nix b/modules/dokuwiki.nix new file mode 100644 index 0000000..4eb2081 --- /dev/null +++ b/modules/dokuwiki.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: +let + configureWiki = name: { + services.dokuwiki.sites = { + "${name}.${config.networking.domain}" = { + enable = true; + stateDir = "/nix/var/data/dokuwiki/${name}/data"; + }; + }; + + services.phpfpm.pools."dokuwiki-${name}.${config.networking.domain}".phpPackage = lib.mkOverride 10 pkgs.php74; + + services.nginx.virtualHosts."${name}.${config.networking.domain}" = { + forceSSL = true; + enableACME = true; + }; + }; +in +configureWiki "anderia" // configureWiki "arkadia" diff --git a/modules/synapse.nix b/modules/synapse.nix index a50a85c..98402dc 100644 --- a/modules/synapse.nix +++ b/modules/synapse.nix @@ -28,7 +28,7 @@ in "${config.networking.domain}" = { enableACME = true; forceSSL = true; - acmeFallbackHost = "storage1.banditlair.com"; + # acmeFallbackHost = "storage1.banditlair.com"; locations."= /.well-known/matrix/server".extraConfig = let diff --git a/profiles/backend.nix b/profiles/backend.nix index e20ecde..3bf2362 100644 --- a/profiles/backend.nix +++ b/profiles/backend.nix @@ -9,6 +9,7 @@ ../modules/synapse.nix ../modules/nextcloud.nix ../modules/custom-backup-job.nix + ../modules/dokuwiki.nix ]; sops.secrets = { @@ -26,7 +27,18 @@ sshKey = config.sops.secrets.borgPassphrase.path; }; - networking.localCommands = "ip addr add 95.216.177.3/32 dev enp1s0"; + networking.interfaces.enp1s0 = { + useDHCP = true; + ipv4 = { + addresses = [ + { + address = "95.216.177.3"; + prefixLength = 32; + } + ]; + }; + }; + networking.firewall.allowedTCPPorts = [ 80 443 64738 ]; networking.firewall.allowedUDPPorts = [ 64738 ]; @@ -45,6 +57,4 @@ start = "${pkgs.systemd}/bin/systemctl start nextcloud-data-sshfs.service" ''; }; - - networking.firewall.interfaces."ens10".allowedTCPPorts = [ 80 ]; }