commit cfbc392be44802bb36103160ca74027072e4c6fe · koi.rip/dotfiles

+1 -1

systems/seber/services/default.nix

··· 3 3 ./website.nix 4 4 ./lebel.nix 5 5 ./vaultwarden.nix 6 - ./ebil-club 6 + ./ebil-club.nix 7 7 ]; 8 8 }

+69

systems/seber/services/ebil-club.nix

··· 1 + { pkgs, ... }: 2 + 3 + let 4 + mkSite = 5 + { name, sshPubkey }: 6 + let 7 + host = "${name}.ebil.club"; 8 + home = "/var/ebil.club/${name}"; 9 + in 10 + { 11 + services.nginx.virtualHosts."${host}" = { 12 + locations."/" = { 13 + root = "${home}/${host}"; 14 + index = "index.html"; 15 + extraConfig = "try_files $uri $uri/ =404;"; 16 + }; 17 + extraConfig = "error_page 404 /404.html;"; 18 + sslCertificate = "/run/agenix/ssl-adamperkowski-cert"; 19 + sslCertificateKey = "/run/agenix/ssl-adamperkowski-key"; 20 + onlySSL = true; 21 + }; 22 + 23 + users = { 24 + groups."${name}" = { }; 25 + users."${name}" = { 26 + inherit home; 27 + isNormalUser = true; 28 + hashedPassword = "!"; 29 + group = name; 30 + openssh.authorizedKeys.keys = [ 31 + ''command="${pkgs.rrsync}/bin/rrsync ~/${host}",restrict,no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ${sshPubkey}'' 32 + ]; 33 + }; 34 + }; 35 + 36 + systemd.tmpfiles.rules = [ 37 + "Z ${home} 0750 ${name} nginx" 38 + "d ${home}/${host} 0750 ${name} nginx -" 39 + ]; 40 + }; 41 + in 42 + { 43 + imports = [ 44 + (mkSite { 45 + name = "seba"; 46 + sshPubkey = "AAAAC3NzaC1lZDI1NTE5AAAAIN7xlBanf8BNQXosqGT5QroBntpFUsy3g12fO/fPE414"; 47 + }) 48 + ]; 49 + 50 + services.nginx.virtualHosts."ebil.club" = { 51 + locations = { 52 + "/" = { 53 + root = "/var/ebil.club/ebil.club"; 54 + index = "index.html"; 55 + extraConfig = "try_files $uri $uri/ =404;"; 56 + }; 57 + "/discord".return = "302 https://discord.gg/mJAQHPJ9Eb"; 58 + }; 59 + extraConfig = "error_page 404 /404.html;"; 60 + onlySSL = true; 61 + sslCertificate = "/run/agenix/ssl-adamperkowski-cert"; 62 + sslCertificateKey = "/run/agenix/ssl-adamperkowski-key"; 63 + }; 64 + 65 + systemd.tmpfiles.rules = [ 66 + "Z /var/ebil.club/ebil.club 0750 adam nginx" 67 + "d /var/ebil.club/ebil.club 0750 adam nginx -" 68 + ]; 69 + }

-23

systems/seber/services/ebil-club/default.nix

··· 1 - { 2 - imports = [ ./seba.nix ]; 3 - 4 - services.nginx.virtualHosts."ebil.club" = { 5 - locations = { 6 - "/" = { 7 - root = "/var/ebil.club/ebil.club"; 8 - index = "index.html"; 9 - extraConfig = "try_files $uri $uri/ =404;"; 10 - }; 11 - "/discord".return = "302 https://discord.gg/mJAQHPJ9Eb"; 12 - }; 13 - extraConfig = "error_page 404 /404.html;"; 14 - onlySSL = true; 15 - sslCertificate = "/run/agenix/ssl-adamperkowski-cert"; 16 - sslCertificateKey = "/run/agenix/ssl-adamperkowski-key"; 17 - }; 18 - 19 - systemd.tmpfiles.rules = [ 20 - "Z /var/ebil.club/ebil.club 0750 adam nginx" 21 - "d /var/ebil.club/ebil.club 0750 adam nginx -" 22 - ]; 23 - }

-35

systems/seber/services/ebil-club/seba.nix

··· 1 - { pkgs, ... }: 2 - 3 - { 4 - environment.systemPackages = [ pkgs.rrsync ]; 5 - 6 - services.nginx.virtualHosts."seba.ebil.club" = { 7 - locations."/" = { 8 - root = "/var/ebil.club/seba/seba.ebil.club"; 9 - index = "index.html"; 10 - extraConfig = "try_files $uri $uri/ =404;"; 11 - }; 12 - extraConfig = "error_page 404 /404.html;"; 13 - onlySSL = true; 14 - sslCertificate = "/run/agenix/ssl-adamperkowski-cert"; 15 - sslCertificateKey = "/run/agenix/ssl-adamperkowski-key"; 16 - }; 17 - 18 - users = { 19 - groups.seba = { }; 20 - users.seba = { 21 - isNormalUser = true; 22 - home = "/var/ebil.club/seba"; 23 - hashedPassword = "!"; 24 - group = "seba"; 25 - openssh.authorizedKeys.keys = [ 26 - ''command="${pkgs.rrsync}/bin/rrsync ~/seba.ebil.club",restrict,no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN7xlBanf8BNQXosqGT5QroBntpFUsy3g12fO/fPE414'' 27 - ]; 28 - }; 29 - }; 30 - 31 - systemd.tmpfiles.rules = [ 32 - "Z /var/ebil.club/seba 0750 seba nginx" 33 - "d /var/ebil.club/seba/seba.ebil.club 0750 seba nginx -" 34 - ]; 35 - }