xin/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

biotite: move all services to biotite except kanidm

Browse source
This commit is contained in:
xinyangli 2024-12-05 13:28:22 +08:00
parent 7bc5db676d
commit 756357552a
Signed by: xin
SSH key fingerprint: SHA256:UU5pRTl7NiLFJbWJZa+snLylZSXIz5rgHmwjzv8v4oE
13 changed files with 78 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

9
machines/massicot/default.nix
View file

@ -15,18 +15,9 @@
defaultSopsFile = ./secrets.yaml;
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
secrets = {
storage_box_mount = {
owner = "root";
};
gts_env = {
owner = "gotosocial";
};
"miniflux/oauth2_secret" = {
owner = "root";
};
"forgejo/env" = {
owner = "forgejo";
};
};
};

12
machines/massicot/kanidm-provision.nix
View file

@ -1,10 +1,12 @@
{ pkgs, ... }:
{ pkgs, config, ... }:
let
inherit (config.my-lib.settings)
gotosocialUrl
minifluxUrl
hedgedocDomain
forgejoDomain
grafanaUrl
synapseDelegateUrl
;
in
{
@ -200,8 +202,8 @@ in
};
grafana = {
displayName = "Grafana";
originUrl = "https://grafana.xinyang.life/login/generic_oauth";
originLanding = "https://grafana.xinyang.life/";
originUrl = "${grafanaUrl}/login/generic_oauth";
originLanding = "${grafanaUrl}/";
scopeMaps = {
grafana-users = [
"openid"
@ -223,8 +225,8 @@ in
};
synapse = {
displayName = "Synapse";
originUrl = "https://synapse.xiny.li/_synapse/client/oidc/callback";
originLanding = "https://synapse.xiny.li/";
originUrl = "${synapseDelegateUrl}/_synapse/client/oidc/callback";
originLanding = "${synapseDelegateUrl}/";
scopeMaps = {
synapse-users = [
"openid"

7
machines/massicot/services/restic.nix
View file

@ -34,13 +34,6 @@ in
];
};
services.postgresqlBackup = {
enable = true;
compression = "zstd";
compressionLevel = 9;
location = "/backup/postgresql";
};
services.restic.backups.${config.networking.hostName} = {
extraBackupArgs = [
"--limit-upload=1024"