motiejus/config
1
Fork 0
Code Packages Releases Activity

move to 23.05-small

Browse Source
This commit is contained in:
Motiejus Jakštys 2023-05-30 10:22:35 +03:00
parent ba65a7ffdf
commit 247910a2f0
1 changed files with 15 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
configuration.nix
View File

@ -68,21 +68,6 @@ in {
./zfs.nix ./zfs.nix
]; ];
nixpkgs.overlays = [
(self: super: {
systemd = super.systemd.overrideAttrs (old: {
patches =
(old.patches or [])
++ [
(super.fetchpatch {
url = "https://github.com/systemd/systemd/commit/e7f64b896201da4a11da158c35865604cf02062f.patch";
sha256 = "sha256-AvBkrD9n5ux1o167yKg1eJK8C300vBS/ks3Gbvy5vjw=";
})
];
});
})
];
boot.initrd.network = { boot.initrd.network = {
enable = true; enable = true;
ssh = { ssh = {
@ -208,8 +193,10 @@ in {
openssh = { openssh = {
enable = true; enable = true;
passwordAuthentication = false; settings = {
permitRootLogin = "no"; PermitRootLogin = "no";
PasswordAuthentication = false;
};
extraConfig = '' extraConfig = ''
AcceptEnv GIT_PROTOCOL AcceptEnv GIT_PROTOCOL
''; '';
@ -277,23 +264,23 @@ in {
headscale = { headscale = {
enable = true; enable = true;
serverUrl = "https://vpn.jakstys.lt";
openIdConnect = {
issuer = "https://git.jakstys.lt/";
clientId = "1c5fe796-452c-458d-b295-71a9967642fc";
clientSecretFile = "/var/lib/headscale/oidc_client_secret"; # https://github.com/juanfont/headscale/pull/1127
};
logLevel = "warn";
settings = { settings = {
server_url = "https://vpn.jakstys.lt";
ip_prefixes = [ ip_prefixes = [
tailscale_subnet.cidr tailscale_subnet.cidr
"fd7a:115c:a1e0:59b0::/64" "fd7a:115c:a1e0:59b0::/64"
]; ];
log.level = "warn";
dns_config = { dns_config = {
nameservers = ["1.1.1.1" "8.8.4.4"]; nameservers = ["1.1.1.1" "8.8.4.4"];
magic_dns = true; magic_dns = true;
base_domain = "jakst"; base_domain = "jakst";
}; };
oidc = {
issuer = "https://git.jakstys.lt/";
client_id = "1c5fe796-452c-458d-b295-71a9967642fc";
client_secret_path = "/var/lib/headscale/oidc_client_secret"; # TODO move to secrets
};
}; };
}; };
@ -301,10 +288,6 @@ in {
enable = true; enable = true;
user = "git"; user = "git";
database.user = "git"; database.user = "git";
domain = "git.jakstys.lt";
rootUrl = "https://git.jakstys.lt";
httpAddress = "127.0.0.1";
httpPort = 3000;
settings = { settings = {
admin.DISABLE_REGULAR_ORG_CREATION = true; admin.DISABLE_REGULAR_ORG_CREATION = true;
api.ENABLE_SWAGGER = false; api.ENABLE_SWAGGER = false;
@ -321,6 +304,10 @@ in {
server = { server = {
ENABLE_GZIP = true; ENABLE_GZIP = true;
LANDING_PAGE = "/motiejus"; LANDING_PAGE = "/motiejus";
ROOT_URL = "https://git.jakstys.lt";
HTTP_ADDR = "127.0.0.1";
HTTP_PORT = 3000;
DOMAIN = "git.jakstys.lt";
}; };
service = { service = {
DISABLE_REGISTRATION = true; DISABLE_REGISTRATION = true;