3 files changed, 17 insertions, 5 deletions

diff --git a/flora/services/akkoma.nix b/flora/services/akkoma.nix
index db00bbe..6864a29 100644
--- a/flora/services/akkoma.nix
+++ b/flora/services/akkoma.nix
@@ -45,7 +45,7 @@ in
             ref = "stable";
           };
           admin = {
-            package = pkgs.akkoma-frontends.admin-fe;
+            package = pkgs.akkoma-admin-fe;
             name = "admin-fe";
             ref = "stable";
           };
@@ -59,7 +59,8 @@ in
         config = {
           ":pleroma"."Pleroma.Web.Endpoint" = {
             "url" = { host = "pleroma.stuebinm.eu"; scheme = "https"; port = 443; };
-            "http" = { ip = "::"; port = 4000; };
+            # below uses IPv4; IPv6 breaks the elixir format generator …
+            "http" = { ip = "0.0.0.0"; port = 4000; };
             secret_key_base._secret = "/sops/keyBase";
             signing_salt._secret = "/sops/signingSalt";
           };
@@ -221,7 +222,7 @@ in
     enableACME = true;
 
     locations."/" = {
-      proxyPass = "http://[${config.containers.pleroma.localAddress6}]:4000";
+      proxyPass = "http://${config.containers.pleroma.localAddress}:4000";
       proxyWebsockets = true;
       # these headers are in the example config in the NixOS manual.
       # take some time to figure out what they all do, and if these
diff --git a/flora/services/cgit.nix b/flora/services/cgit.nix
index 1dae737..b846ad4 100644
--- a/flora/services/cgit.nix
+++ b/flora/services/cgit.nix
@@ -105,7 +105,8 @@ in
 
   # user for git repo administration
   users.users.git = {
-    openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
+    openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys
+      ++ [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIbHG2wmMiUyvqb9oUa2KunEgv4Iab3FGCER/i2f2gKL terru@work" ];
     home = "/var/git";
     isNormalUser = true;
     packages = [ pkgs.gitMinimal ];
diff --git a/flora/services/nginx.nix b/flora/services/nginx.nix
index 4a9bf33..c5aa45b 100644
--- a/flora/services/nginx.nix
+++ b/flora/services/nginx.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, inputs, ... }:
 
 {
   networking.firewall.allowedTCPPorts = [ 80 443 ];
@@ -14,11 +14,17 @@
       enableACME = true;
       forceSSL = true;
       locations."/".root = ../../pkgs/nomsing;
+      extraConfig = ''
+        include ${inputs."ai.robots.txt"}/nginx-block-ai-bots.conf;
+      '';
     };
     virtualHosts."meow.noms.ing" = {
       enableACME = true;
       forceSSL = true;
       locations."/".root = ../../pkgs/nomsing;
+      extraConfig = ''
+        include ${inputs."ai.robots.txt"}/nginx-block-ai-bots.conf;
+      '';
     };
     virtualHosts."webring.noms.ing" = {
       enableACME = true;
@@ -29,7 +35,11 @@
         fastcgi_param SCRIPT_FILENAME     ${lib.getExe pkgs.nomsring};
         fastcgi_param PATH_INFO           $1;
       '';
+      extraConfig = ''
+        include ${inputs."ai.robots.txt"}/nginx-block-ai-bots.conf;
+      '';
     };
+
   };
 
   services.fcgiwrap.instances.nomsing = {