mirror of
https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git
synced 2026-07-04 17:51:48 +02:00
Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 074d240595 | |||
| 1ce3372683 | |||
| 5f14c15679 |
@@ -46,6 +46,10 @@
|
|||||||
|
|
||||||
system.nixos.tags = lib.optionals (inputs.self.sourceInfo ? dirtyRev) [ "dirty" ];
|
system.nixos.tags = lib.optionals (inputs.self.sourceInfo ? dirtyRev) [ "dirty" ];
|
||||||
|
|
||||||
|
specialisation."auto-upgrade".configuration = {
|
||||||
|
system.nixos.tags = [ "auto" ];
|
||||||
|
};
|
||||||
|
|
||||||
boot.tmp.cleanOnBoot = lib.mkDefault true;
|
boot.tmp.cleanOnBoot = lib.mkDefault true;
|
||||||
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
|
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
|
||||||
|
|
||||||
|
|||||||
@@ -13,6 +13,7 @@ in
|
|||||||
|
|
||||||
"--refresh"
|
"--refresh"
|
||||||
"--no-write-lock-file"
|
"--no-write-lock-file"
|
||||||
|
"--specialisation auto-upgrade"
|
||||||
# --update-input is deprecated since nix 2.22, and removed in lix 2.90
|
# --update-input is deprecated since nix 2.22, and removed in lix 2.90
|
||||||
# as such we instead use --override-input combined with --refresh
|
# as such we instead use --override-input combined with --refresh
|
||||||
# https://git.lix.systems/lix-project/lix/issues/400
|
# https://git.lix.systems/lix-project/lix/issues/400
|
||||||
|
|||||||
@@ -7,6 +7,7 @@
|
|||||||
|
|
||||||
./services/alps.nix
|
./services/alps.nix
|
||||||
./services/bluemap.nix
|
./services/bluemap.nix
|
||||||
|
./services/radicale.nix
|
||||||
./services/idp-simplesamlphp
|
./services/idp-simplesamlphp
|
||||||
./services/kerberos.nix
|
./services/kerberos.nix
|
||||||
./services/mediawiki
|
./services/mediawiki
|
||||||
|
|||||||
@@ -0,0 +1,40 @@
|
|||||||
|
{ config, lib, ... }:
|
||||||
|
let
|
||||||
|
domain = "dav.pvv.ntnu.no";
|
||||||
|
radicalePort = 5232;
|
||||||
|
in {
|
||||||
|
services.radicale = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
server = {
|
||||||
|
hosts = [ "127.0.0.1:${toString radicalePort}" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
auth = {
|
||||||
|
type = "imap";
|
||||||
|
imap_host = "imap.pvv.ntnu.no";
|
||||||
|
imap_security = "tls";
|
||||||
|
};
|
||||||
|
|
||||||
|
storage = {
|
||||||
|
filesystem_folder = "/var/lib/radicale/collections";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."${domain}" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
kTLS = true;
|
||||||
|
|
||||||
|
extraConfig = ''
|
||||||
|
client_max_body_size 128M;
|
||||||
|
'';
|
||||||
|
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:${toString radicalePort}";
|
||||||
|
proxyWebsockets = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
@@ -9,6 +9,12 @@
|
|||||||
|
|
||||||
sops.defaultSopsFile = fp /secrets/lupine/lupine.yaml;
|
sops.defaultSopsFile = fp /secrets/lupine/lupine.yaml;
|
||||||
|
|
||||||
|
boot.binfmt.emulatedSystems = [
|
||||||
|
"aarch64-linux"
|
||||||
|
"armv7l-linux"
|
||||||
|
"i686-linux"
|
||||||
|
];
|
||||||
|
|
||||||
systemd.network.networks."30-enp0s31f6" = values.defaultNetworkConfig // {
|
systemd.network.networks."30-enp0s31f6" = values.defaultNetworkConfig // {
|
||||||
matchConfig.Name = "enp0s31f6";
|
matchConfig.Name = "enp0s31f6";
|
||||||
address = with values.hosts.${lupineName}; [ (ipv4 + "/25") (ipv6 + "/64") ];
|
address = with values.hosts.${lupineName}; [ (ipv4 + "/25") (ipv6 + "/64") ];
|
||||||
|
|||||||
Reference in New Issue
Block a user