noa/nixconf
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

host Qubit-Quilt on nuOS

Browse source
This commit is contained in:
Noa Aarts 2025-09-09 08:29:58 +02:00
parent 03de308a9e
commit 506c560315
Signed by: noa
GPG key ID: 1850932741EFF672
6 changed files with 169 additions and 89 deletions
Download patch file Download diff file Expand all files Collapse all files

68
flake.lock generated
View file

@ -216,6 +216,22 @@
"type": "github"
}
},
"booktheme": {
"flake": false,
"locked": {
"lastModified": 1741979577,
"narHash": "sha256-SECuhWk5pDEgERURb78QrzSyKINV62fLXladfPA5q9w=",
"owner": "getzola",
"repo": "book",
"rev": "4ee06ce568e1c9f6d19f53bf521fb267603bc6c4",
"type": "github"
},
"original": {
"owner": "getzola",
"repo": "book",
"type": "github"
}
},
"crane": {
"locked": {
"lastModified": 1748047550,
@ -340,6 +356,18 @@
"type": "github"
}
},
"export_templates": {
"flake": false,
"locked": {
"narHash": "sha256-rtBhRkzwg9imC8WSr4AsuQnMcfv3n/jB8+/mPRPGzzk=",
"type": "file",
"url": "https://github.com/godotengine/godot/releases/download/4.4.1-stable/Godot_v4.4.1-stable_export_templates.tpz"
},
"original": {
"type": "file",
"url": "https://github.com/godotengine/godot/releases/download/4.4.1-stable/Godot_v4.4.1-stable_export_templates.tpz"
}
},
"fenix": {
"inputs": {
"nixpkgs": [
@ -1036,6 +1064,22 @@
}
},
"nixpkgs_10": {
"locked": {
"lastModified": 1756911493,
"narHash": "sha256-6n/n1GZQ/vi+LhFXMSyoseKdNfc2QQaSBXJdgamrbkE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c6a788f552b7b7af703b1a29802a7233c0067908",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_11": {
"locked": {
"lastModified": 1756819007,
"narHash": "sha256-12V64nKG/O/guxSYnr5/nq1EfqwJCdD2+cIGmhz3nrE=",
@ -1289,6 +1333,27 @@
"type": "github"
}
},
"qubit-quilt": {
"inputs": {
"booktheme": "booktheme",
"export_templates": "export_templates",
"nixpkgs": "nixpkgs_10"
},
"locked": {
"lastModified": 1757398682,
"narHash": "sha256-kdvzQkhEpv1Vog+DehW1ZaGC8zlp8fheF7i1BC7Npeg=",
"owner": "itepastra",
"repo": "Quantum-surface-application",
"rev": "375a658a480e6b79b52f05ab5764f4d0cc7c66cc",
"type": "github"
},
"original": {
"owner": "itepastra",
"ref": "init-website",
"repo": "Quantum-surface-application",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
@ -1305,6 +1370,7 @@
"nixcord": "nixcord",
"nixpkgs": "nixpkgs_8",
"nixsg": "nixsg",
"qubit-quilt": "qubit-quilt",
"stylix": "stylix",
"tsunami": "tsunami_2"
}
@ -1339,7 +1405,7 @@
"firefox-gnome-theme": "firefox-gnome-theme",
"flake-parts": "flake-parts_3",
"gnome-shell": "gnome-shell",
"nixpkgs": "nixpkgs_10",
"nixpkgs": "nixpkgs_11",
"nur": "nur",
"systems": "systems_7",
"tinted-foot": "tinted-foot",

3
flake.nix
View file

@ -56,6 +56,9 @@
inputs.nixpkgs.follows = "nixpkgs";
inputs.lix.follows = "lix";
};
qubit-quilt = {
url = "github:itepastra/Quantum-surface-application/init-website";
};
# declarative vencord client
nixcord.url = "github:kaylorben/nixcord";
# for styling apps etc in a consistent theme

1
hosts/lambdaos/configuration.nix
View file

@ -96,6 +96,7 @@
enable = true;
libraries = with pkgs; [
libc
icu
];
};
};

91
hosts/nuos/configuration.nix
View file

@ -10,9 +10,6 @@
config,
...
}:
let
enableFlurry = true;
in
{
imports = [
# Include the results of the hardware scan.
@ -23,6 +20,7 @@ in
(modulesPath + "/profiles/qemu-guest.nix")
./home-assistant.nix
./nginx.nix
../../common
];
@ -216,7 +214,7 @@ in
};
"flurry" = {
enable = enableFlurry;
enable = (import ./toggles.nix).enableFlurry;
description = "Pixelflut server";
serviceConfig = {
ExecStart = "${
@ -337,19 +335,6 @@ in
};
services = {
authentik = {
enable = true;
environmentFile = config.age.secrets."authentik/env".path;
nginx = {
enable = true;
enableACME = true;
host = "auth.itepastra.nl";
};
settings = {
disable_startup_analytics = true;
avatars = "initials";
};
};
factorio = {
enable = false;
# package = pkgs.factorio-headless.override {
@ -404,76 +389,6 @@ in
};
};
};
nginx =
let
extra = ''
client_max_body_size 50000M;
proxy_redirect off;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
send_timeout 600s;'';
proxy = name: url: {
forceSSL = true;
useACMEHost = name;
extraConfig = extra;
locations."/" = {
proxyWebsockets = true;
proxyPass = url;
};
};
in
{
enable = true;
package = pkgs.nginx.override {
modules = [ pkgs.nginxModules.brotli ];
};
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
recommendedBrotliSettings = true;
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
virtualHosts = lib.mkMerge [
({
"noa.voorwaarts.nl" = {
forceSSL = true;
enableACME = true;
extraConfig = extra;
locations."/" = {
proxyWebsockets = true;
proxyPass = "http://192.168.42.5:8000";
};
};
"images.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://192.168.42.5:2283/";
"maintenance.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://192.168.42.5:5000/";
"map.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://127.0.0.1:8123/";
"itepastra.nl" = {
forceSSL = true;
enableACME = true;
extraConfig = extra;
locations."/" = {
proxyWebsockets = true;
proxyPass = "http://192.168.42.5:9001/";
};
};
"calendar.itepastra.nl" = proxy "itepastra.nl" "http://[::1]:29341";
# home-assistant proxy
"home.itepastra.nl" = proxy "itepastra.nl" "http://[::1]:8123";
})
(lib.mkIf enableFlurry {
"flurry.itepastra.nl" = proxy "itepastra.nl" "http://127.0.0.1:3000";
})
];
};
};
security.acme = {
@ -491,7 +406,7 @@ in
"home.itepastra.nl"
]
++ [
(lib.mkIf enableFlurry "flurry.itepastra.nl")
(lib.mkIf (import ./toggles.nix).enableFlurry "flurry.itepastra.nl")
];
};
};

91
hosts/nuos/nginx.nix Normal file
View file

@ -0,0 +1,91 @@
{
pkgs,
lib,
inputs,
...
}:
let
enableFlurry = true;
enableQubitQuilt = true;
in
{
services.nginx =
let
extra = ''
client_max_body_size 50000M;
proxy_redirect off;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
send_timeout 600s;'';
proxy = name: url: {
forceSSL = true;
useACMEHost = name;
extraConfig = extra;
locations."/" = {
proxyWebsockets = true;
proxyPass = url;
};
};
in
{
enable = true;
package = pkgs.nginx.override {
modules = [ pkgs.nginxModules.brotli ];
};
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
recommendedBrotliSettings = true;
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
virtualHosts = lib.mkMerge [
({
"noa.voorwaarts.nl" = {
forceSSL = true;
enableACME = true;
extraConfig = extra;
locations."/" = {
proxyWebsockets = true;
proxyPass = "http://192.168.42.5:8000";
};
};
"images.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://192.168.42.5:2283/";
"maintenance.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://192.168.42.5:5000/";
"map.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://127.0.0.1:8123/";
"itepastra.nl" = {
forceSSL = true;
enableACME = true;
extraConfig = extra;
locations."/" = {
proxyWebsockets = true;
proxyPass = "http://192.168.42.5:9001/";
};
};
"geenit.nl" = {
forceSSL = true;
enableACME = true;
extraConfig = extra;
locations."/" = {
root = inputs.qubit-quilt.packages."x86_64-linux".default;
};
};
"calendar.itepastra.nl" = proxy "itepastra.nl" "http://[::1]:29341";
# home-assistant proxy
"home.itepastra.nl" = proxy "itepastra.nl" "http://[::1]:8123";
})
(lib.mkIf (import ./toggles.nix).enableFlurry {
"flurry.itepastra.nl" = proxy "itepastra.nl" "http://127.0.0.1:3000";
})
];
};
}

4
hosts/nuos/toggles.nix Normal file
View file

@ -0,0 +1,4 @@
{
enableFlurry = true;
enableQubitQuilt = true;
}