24 Commits

Author SHA1 Message Date
ErrorNoInternet b32e506f54 npins: update website
Check / Nix flake (push) Failing after 9s
Lint / Nix expressions (push) Failing after 11s
2026-05-04 00:45:23 -04:00
ErrorNoInternet 91733ce19f nixos/hosts: declare fileSystems for testing hosts 2026-05-04 00:45:23 -04:00
ErrorNoInternet bb97397e6b nixos/services/openssh: enable X11 forwarding 2026-05-04 00:45:22 -04:00
javalsai a02d935fd0 nixos/hosts: add autologin for testing hosts 2026-05-04 00:45:22 -04:00
javalsai 62b9a39599 nixos/services: add default website on nginx 2026-05-04 00:45:22 -04:00
javalsai ee17ef91ed nixos/services: disable nginx proxy buffering 2026-05-04 00:45:22 -04:00
ErrorNoInternet a2065702a4 nixos/impermanence: remove ssh host key persistence
The SSH host key files are already defined in the OpenSSH module, so
there is no need to persist them with impermanence.nix.
2026-05-04 00:45:22 -04:00
ErrorNoInternet 869fc59c6f shells: remove neovim
Some users may be using self-contained Neovim executables.
2026-05-04 00:45:22 -04:00
ErrorNoInternet 8824b565ba agenix: import initial user dns keys 2026-05-04 00:45:22 -04:00
ErrorNoInternet 9b7453b0b4 treewide: create global user list 2026-05-04 00:45:22 -04:00
javalsai fb9526fec2 docs: add sections and fix typos/errors 2026-05-04 00:45:22 -04:00
ErrorNoInternet 0692e680b8 treewide: initialize npins 2026-05-04 00:45:22 -04:00
ErrorNoInternet 3a940586d5 treewide: refactor code 2026-05-04 00:45:21 -04:00
javalsai 7e7097f457 nixos/security: add acme through dns challenge
few side refactors of this:
- no more `dns.domain`, it all must rely on `fqdn`, prevents
  inconsistencies.
- also added a specific host `tuxcord-acmetest` that uses the key zone
  for `nix.tuxcord.net` to test certificate pulling.
2026-05-04 00:45:21 -04:00
javalsai 22b3a95bf8 docs: document installation, secrets, and setup steps 2026-05-04 00:45:21 -04:00
javalsai de4b8833bd nixos/services: make dns configuration easier 2026-05-04 00:45:21 -04:00
javalsai ac9b80573f nixos/service: add dns (bind named server) 2026-05-04 00:45:21 -04:00
javalsai 66a15a5d19 nixos/programs: add bind utils 2026-05-04 00:45:21 -04:00
javalsai 7e331f5e1a nixos/services: add gitea server 2026-05-04 00:45:21 -04:00
javalsai a8374e231f nixos/services: add nginx base configuration 2026-05-04 00:45:21 -04:00
javalsai 27b861d5a5 nixos/networking: add own fqdn to extraHosts 2026-05-04 00:45:21 -04:00
javalsai 6a29ac005c nixos/hosts: add tuxcord-vm host configuration 2026-05-04 00:45:21 -04:00
ErrorNoInternet 0b9f76dcb4 nixos: separate openssh firewall port 2026-05-04 00:45:21 -04:00
javalsai cc52b0e6cb lib/ssh: add more ssh keys 2026-05-04 00:41:23 -04:00
4 changed files with 25 additions and 34 deletions
+1 -1
@@ -21,5 +21,5 @@ in
map (user: {
name = "dns/tuxcord.net/${user.name}.tuxcord.net.key.age";
value.publicKeys = [ tuxcord-ca ] ++ getSSHKeys user.name;
}) (builtins.filter (user: user.value.options.ddns or false) (attrsToList users))
}) (builtins.filter (user: user.value.ddns or false) (attrsToList users))
)
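Review bot: The `or false` default on `user.value.ddns` means a user entry that still carries the old `options.ddns` shape drops out of this filter with no evaluation error, so that user's `dns/tuxcord.net/….key.age` entry simply stops being declared. The same pattern appears in the `adminSSHKeys` filter (`user.value.admin or false`) and in the `mkUser` call, where a stale `options.admin = true` would presumably remove admin access silently rather than fail the build. The users-file hunk ends at `vectorum = {`, so whether the entries after it were migrated cannot be confirmed from this page. A guard next to where `users` is imported, such as `assert builtins.all (u: !(u.value ? options)) (attrsToList users);`, would turn a missed migration into an evaluation failure.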
+1 -1
@@ -3,7 +3,7 @@ rec {
adminSSHKeys = builtins.concatLists (
map (user: getSSHKeys user.name) (
builtins.filter (user: user.value.options.admin or false) (attrsToList users)
builtins.filter (user: user.value.admin or false) (attrsToList users)
)
);
+1 -5
@@ -1,23 +1,19 @@
{
error = {
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDzdpxex2GlFVf5G2qsh3Ixa/XCMjnbq4JSTmAev7WYJ error.nointernet@gmail.com";
options = {
admin = true;
ddns = true;
};
};
javalsai = {
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDFjavnLqxIzFLIUpUWDOwhlYeoII4Qk1/9e0yWWxD/P";
options = {
admin = true;
ddns = true;
};
};
max = {
ssh = "ssh-rsa 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";
options.admin = true;
admin = true;
};
vectorum = {
+2 -7
@@ -11,12 +11,7 @@ let
"wheel"
];
mkUser =
name: uid: options:
let
admin = options.admin or false;
in
{
mkUser = name: uid: admin: {
users.users.${name} = {
inherit uid;
isNormalUser = true;
@@ -39,7 +34,7 @@ lib.recursiveUpdate
(builtins.foldl'
(attrs: user: {
options = lib.recursiveUpdate attrs.options (
mkUser user.name attrs.uid (user.value.options or { })
mkUser user.name attrs.uid (user.value.admin or false)
);
uid = attrs.uid + 1;
})
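Review bot: `mkUser` now takes the privilege flag as a bare positional boolean (`name: uid: admin:`), so the call site conveys its meaning only by argument position and nothing documents the contract. A comment above the definition, e.g. `# admin: bool, taken from users.<name>.admin (defaults to false at the call site)`, would make this explicit. The body of `mkUser` continues past the hunk, so how `admin` is consumed is not visible here. If it is only used in a context that tolerates non-booleans, `assert builtins.isBool admin;` at the top of the body would reject an old-style attrset passed by mistake.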