16 Commits

Author SHA1 Message Date
javalsai 8d6be9fcf0 docs: add sections and fix typos/errors
Check / Nix flake (push) Failing after 9s
Lint / Nix expressions (push) Failing after 11s
2026-05-04 02:00:47 +02:00
ErrorNoInternet 4c52994bf8 treewide: initialize npins 2026-05-04 02:00:47 +02:00
ErrorNoInternet b964fe3e89 treewide: refactor code 2026-05-04 02:00:47 +02:00
javalsai 9008f6fdb9 nixos/security: add acme through dns challenge
few side refactors of this:
- no more `dns.domain`, it all must rely on `fqdn`, prevents
  inconsistencies.
- also added a specific host `tuxcord-acmetest` that uses the key zone
  for `nix.tuxcord.net` to test certificate pulling.
2026-05-04 02:00:47 +02:00
javalsai 701a477d42 docs: document installation, secrets and setup steps 2026-05-04 02:00:47 +02:00
javalsai b491abe065 nixos/services: make dns configuration easier 2026-05-04 02:00:47 +02:00
javalsai ddb136f971 nixos/service: add dns (bind named server) 2026-05-04 02:00:47 +02:00
javalsai d8a90697e9 nixos/programs: add bind utils 2026-05-04 02:00:47 +02:00
javalsai 433645f459 lib/ssh: add more ssh keys 2026-05-04 02:00:44 +02:00
javalsai dd7ad60710 nixos/services: add gitea server
Check / Nix flake (push) Failing after 9s
Lint / Nix expressions (push) Failing after 10s
2026-05-04 01:56:34 +02:00
javalsai fd18ae4a78 nixos/services: add nginx base configuration 2026-05-04 01:56:34 +02:00
javalsai d7deaa187c nixos/networking: add own fqdn to extraHosts 2026-05-04 01:56:34 +02:00
javalsai c6d66902bb nixos/hosts: add tuxcord-vm host configuration 2026-05-04 01:56:34 +02:00
ErrorNoInternet 4704a887fa nixos: separate openssh firewall port 2026-05-04 01:56:34 +02:00
javalsai eaaffcc289 lib/ssh: add more ssh keys 2026-05-04 01:56:32 +02:00
javalsai d4d560c30f nixos/vm: enable qemu network bridge 2026-05-04 01:55:29 +02:00
3 changed files with 28 additions and 2 deletions
+8
@@ -10,6 +10,14 @@
PermitRootLogin = "no";
};
};
<<<<<<< HEAD
networking.firewall.allowedTCPPorts = [ 22 ];
||||||| parent of 1c2f11d (lib/ssh: add more ssh keys)
users.users.root.openssh.authorizedKeys.keys = builtins.attrValues {
inherit (import "${self}/lib/ssh/keys.nix") error javalsai;
};
=======
>>>>>>> 1c2f11d (lib/ssh: add more ssh keys)
}
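Review bot: The eight lines this section adds are an unresolved diff3 merge conflict (`<<<<<<< HEAD`, `||||||| parent of 1c2f11d`, `=======`, `>>>>>>> 1c2f11d`) committed into the file, so it cannot evaluate as Nix; the failing flake check and lint runs in the commit list are possibly a symptom. Resolve it by keeping only the intended side and deleting the marker lines. The side after `=======` is empty, so the likely result is just `networking.firewall.allowedTCPPorts = [ 22 ];`. The base side holds `users.users.root.openssh.authorizedKeys.keys`, so decide explicitly whether root keys should still be set anywhere, given `PermitRootLogin = "no"` just above, rather than letting the conflict resolution settle it. The enclosing attribute set starts outside the hunk.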
+2 -2
@@ -7,8 +7,8 @@
memorySize = 4096;
qemu.networkingOptions = lib.mkForce [
"-net nic,netdev=user.0,model=virtio"
"-netdev user,id=user.0,\${QEMU_NET_OPTS:+,$QEMU_NET_OPTS}"
"-nic bridge,br=virbr0,id=hn0,model=virt-net-pci,helper=\${QEMU_BRIDGE_HELPER_PATH}"
"-device virtio-net-pci,netdev=hn0,id=nic1,\${QEMU_NET_OPTS:+,$QEMU_NET_OPTS}"
];
};
}
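Review bot: `helper=\${QEMU_BRIDGE_HELPER_PATH}` on the `-nic bridge` line (which, with the `-device` line, appears to be the new side; the +/- markers are lost on this page) is expanded when the VM starts, with no default and no check. The dev-shell hook in this same change only prints a warning when no helper is found, and the variable is never set outside that shell, so QEMU can receive an empty `helper=`. Failing early would be clearer, e.g. `helper=\${QEMU_BRIDGE_HELPER_PATH:?qemu-bridge-helper not found}`. Since the bridge helper is normally a privileged wrapper, a comment should also state that the path comes from the caller's environment and is expected to be one of the two locations the hook probes. Separately, `model=virt-net-pci` looks like a typo for `virtio-net-pci`, and `-nic` already creates its own device, so the extra `-device ... netdev=hn0` probably wants a `-netdev bridge,id=hn0,...` backend instead; please verify against the QEMU version in use.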
+18
@@ -5,6 +5,24 @@
{
devShells.default = pkgs.mkShell {
name = "configuration.nix";
shellHook = ''
for path in \
/usr/lib/qemu/qemu-bridge-helper \
/run/wrappers/bin/qemu-bridge-helper
do
if [ -x "$path" ]; then
export QEMU_BRIDGE_HELPER_PATH="$path"
break
fi
done
if [ -z "$QEMU_BRIDGE_HELPER_PATH" ]; then
printf "\033[1;33m%s\033[0m\n" \
"WARN: 'qemu-bridge-helper' not found, make sure it is installed and the nix shell hook is looking for it" >&2
fi
'';
packages = with pkgs; [
bat
cachix