Update to NixOs 21.11 and add dokuwiki

dns.tf

@@ -38,6 +38,20 @@ resource "hetznerdns_record" "jellyfin_a" {
   type    = "A"
   ttl     = 600
 }
+resource "hetznerdns_record" "anderia_a" {
+  zone_id = data.hetznerdns_zone.banditlair_zone.id
+  name    = "anderia"
+  value   = data.hcloud_floating_ip.main_ip.ip_address
+  type    = "A"
+  ttl     = 600
+}
+resource "hetznerdns_record" "arkadia_a" {
+  zone_id = data.hetznerdns_zone.banditlair_zone.id
+  name    = "arkadia"
+  value   = data.hcloud_floating_ip.main_ip.ip_address
+  type    = "A"
+  ttl     = 600
+}
 resource "hetznerdns_record" "db1_a" {
   zone_id = data.hetznerdns_zone.banditlair_zone.id
   name    = "db1"

flake.lock

@@ -70,16 +70,16 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1637875414,
+        "lastModified": 1638587357,
-        "narHash": "sha256-Ica++SXFuLyxX9Q7YxhfZulUif6/gwM8AEQYlUxqSgE=",
+        "narHash": "sha256-2ySMW3QARG8BsRPmwe7clTbdCuaObromOKewykP+UJc=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "3bea86e918d8b54aa49780505d2d4cd9261413be",
+        "rev": "e34c5379866833f41e2a36f309912fa675d687c7",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-21.05",
+        "ref": "nixos-21.11",
         "repo": "nixpkgs",
         "type": "github"
       }

flake.nix

@@ -1,6 +1,6 @@
 {
   inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-21.05";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-21.11";
     nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
     sops-nix.url = "github:Mic92/sops-nix";
     sops-nix.inputs.nixpkgs.follows = "nixpkgs";

modules/dokuwiki.nix

@@ -0,0 +1,19 @@
+{ config, lib, pkgs, ... }:
+let
+  configureWiki = name: {
+    services.dokuwiki.sites = {
+      "${name}.${config.networking.domain}" = {
+        enable = true;
+        stateDir = "/nix/var/data/dokuwiki/${name}/data";
+      };
+    };
+
+    services.phpfpm.pools."dokuwiki-${name}.${config.networking.domain}".phpPackage = lib.mkOverride 10 pkgs.php74;
+
+    services.nginx.virtualHosts."${name}.${config.networking.domain}" = {
+      forceSSL = true;
+      enableACME = true;
+    };
+  };
+in
+configureWiki "anderia" // configureWiki "arkadia"

modules/synapse.nix

@@ -28,7 +28,7 @@ in
       "${config.networking.domain}" = {
         enableACME = true;
         forceSSL = true;
-        acmeFallbackHost = "storage1.banditlair.com";
+        # acmeFallbackHost = "storage1.banditlair.com";
 
         locations."= /.well-known/matrix/server".extraConfig =
           let

profiles/backend.nix

@@ -9,6 +9,7 @@
     ../modules/synapse.nix
     ../modules/nextcloud.nix
     ../modules/custom-backup-job.nix
+    ../modules/dokuwiki.nix
   ];
 
   sops.secrets = {
@@ -26,7 +27,18 @@
     sshKey = config.sops.secrets.borgPassphrase.path;
   };
 
-  networking.localCommands = "ip addr add 95.216.177.3/32 dev enp1s0";
+  networking.interfaces.enp1s0 = {
+    useDHCP = true;
+    ipv4 = {
+      addresses = [
+        {
+          address = "95.216.177.3";
+          prefixLength = 32;
+        }
+      ];
+    };
+  };
+
   networking.firewall.allowedTCPPorts = [ 80 443 64738 ];
   networking.firewall.allowedUDPPorts = [ 64738 ];
 
@@ -45,6 +57,4 @@
         start = "${pkgs.systemd}/bin/systemctl start nextcloud-data-sshfs.service"
     '';
   };
-
-  networking.firewall.interfaces."ens10".allowedTCPPorts = [ 80 ];
 }