diff options
Diffstat (limited to 'flora/services')
| -rw-r--r-- | flora/services/akkoma.nix | 7 | ||||
| -rw-r--r-- | flora/services/blog.nix | 9 | ||||
| -rw-r--r-- | flora/services/cgit.nix | 3 | ||||
| -rw-r--r-- | flora/services/nginx.nix | 12 |
4 files changed, 25 insertions, 6 deletions
diff --git a/flora/services/akkoma.nix b/flora/services/akkoma.nix index db00bbe..6864a29 100644 --- a/flora/services/akkoma.nix +++ b/flora/services/akkoma.nix @@ -45,7 +45,7 @@ in ref = "stable"; }; admin = { - package = pkgs.akkoma-frontends.admin-fe; + package = pkgs.akkoma-admin-fe; name = "admin-fe"; ref = "stable"; }; @@ -59,7 +59,8 @@ in config = { ":pleroma"."Pleroma.Web.Endpoint" = { "url" = { host = "pleroma.stuebinm.eu"; scheme = "https"; port = 443; }; - "http" = { ip = "::"; port = 4000; }; + # below uses IPv4; IPv6 breaks the elixir format generator … + "http" = { ip = "0.0.0.0"; port = 4000; }; secret_key_base._secret = "/sops/keyBase"; signing_salt._secret = "/sops/signingSalt"; }; @@ -221,7 +222,7 @@ in enableACME = true; locations."/" = { - proxyPass = "http://[${config.containers.pleroma.localAddress6}]:4000"; + proxyPass = "http://${config.containers.pleroma.localAddress}:4000"; proxyWebsockets = true; # these headers are in the example config in the NixOS manual. # take some time to figure out what they all do, and if these diff --git a/flora/services/blog.nix b/flora/services/blog.nix index e8335b1..e77cc7c 100644 --- a/flora/services/blog.nix +++ b/flora/services/blog.nix @@ -39,7 +39,14 @@ in services.nginx.virtualHosts."stuebinm.eu" = { enableACME = true; forceSSL = true; - locations."/".root = import inputs.blog { inherit pkgs; }; + locations."/".root = (import inputs.blog { inherit pkgs; }).overrideAttrs (old: { + buildInputs = old.buildInputs ++ [ pkgs.exiftool pkgs.libxml2 ]; + + doCheck = true; + checkPhase = '' + xmllint _site/rss.xml + ''; + }); locations."/bookshelf/".alias = "${gtfsBooks.outPath}/"; }; } diff --git a/flora/services/cgit.nix b/flora/services/cgit.nix index 1dae737..b846ad4 100644 --- a/flora/services/cgit.nix +++ b/flora/services/cgit.nix @@ -105,7 +105,8 @@ in # user for git repo administration users.users.git = { - openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys; + openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys + ++ [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIbHG2wmMiUyvqb9oUa2KunEgv4Iab3FGCER/i2f2gKL terru@work" ]; home = "/var/git"; isNormalUser = true; packages = [ pkgs.gitMinimal ]; diff --git a/flora/services/nginx.nix b/flora/services/nginx.nix index 4a9bf33..c5aa45b 100644 --- a/flora/services/nginx.nix +++ b/flora/services/nginx.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, inputs, ... }: { networking.firewall.allowedTCPPorts = [ 80 443 ]; @@ -14,11 +14,17 @@ enableACME = true; forceSSL = true; locations."/".root = ../../pkgs/nomsing; + extraConfig = '' + include ${inputs."ai.robots.txt"}/nginx-block-ai-bots.conf; + ''; }; virtualHosts."meow.noms.ing" = { enableACME = true; forceSSL = true; locations."/".root = ../../pkgs/nomsing; + extraConfig = '' + include ${inputs."ai.robots.txt"}/nginx-block-ai-bots.conf; + ''; }; virtualHosts."webring.noms.ing" = { enableACME = true; @@ -29,7 +35,11 @@ fastcgi_param SCRIPT_FILENAME ${lib.getExe pkgs.nomsring}; fastcgi_param PATH_INFO $1; ''; + extraConfig = '' + include ${inputs."ai.robots.txt"}/nginx-block-ai-bots.conf; + ''; }; + }; services.fcgiwrap.instances.nomsing = { |