kommode/gitea: take a dump weekly

kommode/gitea: increase timeouts
kommode/gitea: fix eval
2025-12-15 06:37:14 +01:00 · 2025-03-23 17:08:58 +01:00 · 2025-03-23 00:39:06 +01:00 · 2025-03-23 00:36:24 +01:00 · 2025-03-19 01:49:12 +01:00 · 2025-03-19 01:40:56 +01:00
6 changed files with 32 additions and 27 deletions
--- a/base/default.nix
+++ b/base/default.nix
@@ -50,6 +50,18 @@
    kitty.terminfo
  ];

+  # .bash_profile already works, but lets also use .bashrc like literally every other distro
+  # https://man.archlinux.org/man/core/bash/bash.1.en#INVOCATION
+  # home-manager usually handles this for you: https://github.com/nix-community/home-manager/blob/22a36aa709de7dd42b562a433b9cefecf104a6ee/modules/programs/bash.nix#L203-L209
+  # btw, programs.bash.shellInit just goes into environment.shellInit which in turn goes into /etc/profile, spooky shit
+  programs.bash.shellInit = ''
+   if [ -n "''${BASH_VERSION:-}" ]; then
+     if [[ ! -f ~/.bash_profile && ! -f ~/.bash_login ]]; then
+      [[ -f ~/.bashrc ]] && . ~/.bashrc
+     fi
+   fi
+  '';
+
  programs.zsh.enable = true;

  security.lockKernelModules = true;
--- a/hosts/bekkalokk/services/website/default.nix
+++ b/hosts/bekkalokk/services/website/default.nix
@@ -67,7 +67,12 @@ in {
        ADMIN_NAME = "PVV Drift";
        ADMIN_EMAIL = "drift@pvv.ntnu.no";
        ADMIN_PASSWORD = includeFromSops "simplesamlphp/admin_password";
-        TRUSTED_DOMAINS = [ cfg.domainName ];
+        TRUSTED_DOMAINS = [
+          "www.pvv.ntnu.no"
+          "pvv.ntnu.no"
+          "www.pvv.org"
+          "pvv.org"
+        ];
      };
    };
  };
--- a/hosts/kommode/services/gitea/customization/labels/projects.json
+++ b/hosts/kommode/services/gitea/customization/labels/projects.json
--- a/hosts/kommode/services/gitea/default.nix
+++ b/hosts/kommode/services/gitea/default.nix
@@ -49,6 +49,10 @@ in {
        START_LFS_SERVER = true;
        LANDING_PAGE = "explore";
      };
+      "git.timeout" = {
+        MIGRATE = 3600;
+        MIRROR = 1800;
+      };
      mailer = {
        ENABLED = true;
        FROM = "gitea@pvv.ntnu.no";
@@ -136,6 +140,7 @@ in {

    dump = {
      enable = true;
+      interval = "weekly";
      type = "tar.gz";
    };
  };
--- a/modules/grzegorz.nix
+++ b/modules/grzegorz.nix
@@ -1,4 +1,4 @@
-{config, lib, pkgs, values, ...}:
+{config, lib, pkgs, ...}:
 let
  grg = config.services.greg-ng;
  grgw = config.services.grzegorz-webui;
@@ -37,12 +37,8 @@ in {
        "${machine}.pvv.org"
      ];
      extraConfig = ''
-        # pvv
-        allow ${values.ipv4-space}
-        allow ${values.ipv6-space}
-        # ntnu
-        allow ${values.ntnu.ipv4-space}
-        allow ${values.ntnu.ipv6-space}
+        allow 129.241.210.128/25;
+        allow 2001:700:300:1900::/64;
        deny all;
      '';
    };
@@ -55,12 +51,8 @@ in {
        "${machine}-backend.pvv.org"
      ];
      extraConfig = ''
-        # pvv
-        allow ${values.ipv4-space}
-        allow ${values.ipv6-space}
-        # ntnu
-        allow ${values.ntnu.ipv4-space}
-        allow ${values.ntnu.ipv6-space}
+        allow 129.241.210.128/25;
+        allow 2001:700:300:1900::/64;
        deny all;
      '';

@@ -78,12 +70,8 @@ in {
        "${machine}-old.pvv.org"
      ];
      extraConfig = ''
-        # pvv
-        allow ${values.ipv4-space}
-        allow ${values.ipv6-space}
-        # ntnu
-        allow ${values.ntnu.ipv4-space}
-        allow ${values.ntnu.ipv6-space}
+        allow 129.241.210.128/25;
+        allow 2001:700:300:1900::/64;
        deny all;
      '';

--- a/values.nix
+++ b/values.nix
@@ -1,13 +1,8 @@
 # Feel free to change the structure of this file
 let
-  ntnu-ipv4 = suffix: "129.241.${toString suffix}";
-  ntnu-ipv6 = suffix: "2001:700:300:${toString suffix}";
-  pvv-ipv4 = suffix: ntnu-ipv4 "210.${toString suffix}";
-  pvv-ipv6 = suffix: ntnu-ipv6 "1900::${toString suffix}";
+  pvv-ipv4 = suffix: "129.241.210.${toString suffix}";
+  pvv-ipv6 = suffix: "2001:700:300:1900::${toString suffix}";
 in rec {
-  ntnu.ipv4-space = ntnu-ipv4 "0.0/16"; # https://ipinfo.io/ips/129.241.0.0/16
-  ntnu.ipv6-space = ntnu-ipv6 ":/48"; # https://ipinfo.io/2001:700:300::
-
  ipv4-space = pvv-ipv4 "128/25";
  ipv6-space = pvv-ipv6 "/64";
Author	SHA1	Message	Date
h7x4	41e7f09c8b	kommode/gitea: take a dump weekly	2025-03-23 17:08:58 +01:00
h7x4	30bedecd72	kommode/gitea: increase timeouts	2025-03-23 00:39:06 +01:00
h7x4	29ad65bfef	kommode/gitea: fix eval	2025-03-23 00:36:24 +01:00
h7x4	b5a95eac90	bekkalokk/website/sp: trust all domain variants	2025-03-19 01:49:12 +01:00
Oystein Kristoffer Tveit	b2adb38a8b	Merge pull request 'base: source ~/.bashrc' (!100 ) from bashrc into main Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/100 Reviewed-by: Oystein Kristoffer Tveit <oysteikt@pvv.ntnu.no>	2025-03-19 01:40:56 +01:00
Peder Bergebakken Sundt	3a707b00d3	base: source ~/.bashrc Now by default we source .bashrc and .profile unless the user has actually read the manual. Tested in vm	2025-03-18 22:57:18 +01:00