diff options
| -rw-r--r-- | flake.lock | 165 | ||||
| -rw-r--r-- | flake.nix | 2 | ||||
| -rw-r--r-- | flake/hosts.nix | 1 | ||||
| -rw-r--r-- | flake/overlays.nix | 1 | ||||
| -rw-r--r-- | infra/tf/cloudflare-dns/records.tf | 9 | ||||
| -rw-r--r-- | machines/nixos/x86_64-linux/do-rproxy/profiles/caddy.nix | 14 | ||||
| -rw-r--r-- | machines/nixos/x86_64-linux/synology-vm/default.nix | 1 | ||||
| -rw-r--r-- | machines/nixos/x86_64-linux/synology-vm/profiles/goget.nix | 7 |
8 files changed, 194 insertions, 6 deletions
@@ -123,6 +123,22 @@ "type": "github" } }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -164,9 +180,49 @@ "type": "github" } }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "gitignore": { "inputs": { "nixpkgs": [ + "my-go-tools", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_2": { + "inputs": { + "nixpkgs": [ "pre-commit-hooks", "nixpkgs" ] @@ -227,13 +283,34 @@ "type": "github" } }, + "my-go-tools": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs", + "pre-commit-hooks": "pre-commit-hooks", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1756073189, + "narHash": "sha256-McYkeIxo1LGu6SHNeKaX91BsUr1T+OZ7gHry8wul0GI=", + "ref": "refs/heads/main", + "rev": "1072ca15a6357623b5260f951cec323635cb73e4", + "revCount": 7, + "type": "git", + "url": "https://code.fcuny.net/fcuny/x" + }, + "original": { + "type": "git", + "url": "https://code.fcuny.net/fcuny/x" + } + }, "nixpkgs": { "locked": { - "lastModified": 1754689972, - "narHash": "sha256-eogqv6FqZXHgqrbZzHnq43GalnRbLTkbBbFtEfm1RSc=", + "lastModified": 1755274400, + "narHash": "sha256-rTInmnp/xYrfcMZyFMH3kc8oko5zYfxsowaLv1LVobY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "fc756aa6f5d3e2e5666efcf865d190701fef150a", + "rev": "ad7196ae55c295f53a7d1ec39e4a06d922f3b899", "type": "github" }, "original": { @@ -275,6 +352,22 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1754689972, + "narHash": "sha256-eogqv6FqZXHgqrbZzHnq43GalnRbLTkbBbFtEfm1RSc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "fc756aa6f5d3e2e5666efcf865d190701fef150a", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, "nur": { "inputs": { "flake-parts": "flake-parts_2", @@ -301,6 +394,29 @@ "flake-compat": "flake-compat", "gitignore": "gitignore", "nixpkgs": [ + "my-go-tools", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1755446520, + "narHash": "sha256-I0Ok1OGDwc1jPd8cs2VvAYZsHriUVFGIUqW+7uSsOUM=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "4b04db83821b819bbbe32ed0a025b31e7971f22e", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, + "pre-commit-hooks_2": { + "inputs": { + "flake-compat": "flake-compat_2", + "gitignore": "gitignore_2", + "nixpkgs": [ "nixpkgs" ] }, @@ -326,11 +442,12 @@ "emacs-overlay": "emacs-overlay", "flake-parts": "flake-parts", "home-manager": "home-manager_2", - "nixpkgs": "nixpkgs", + "my-go-tools": "my-go-tools", + "nixpkgs": "nixpkgs_2", "nixpkgsUnstable": "nixpkgsUnstable", "nur": "nur", - "pre-commit-hooks": "pre-commit-hooks", - "treefmt-nix": "treefmt-nix" + "pre-commit-hooks": "pre-commit-hooks_2", + "treefmt-nix": "treefmt-nix_2" } }, "systems": { @@ -348,9 +465,45 @@ "type": "github" } }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "treefmt-nix": { "inputs": { "nixpkgs": [ + "my-go-tools", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1754847726, + "narHash": "sha256-2vX8QjO5lRsDbNYvN9hVHXLU6oMl+V/PsmIiJREG4rE=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "7d81f6fb2e19bf84f1c65135d1060d829fae2408", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "treefmt-nix_2": { + "inputs": { + "nixpkgs": [ "nixpkgs" ] }, @@ -50,6 +50,8 @@ url = "github:hercules-ci/flake-parts"; inputs.nixpkgs-lib.follows = "nixpkgs"; }; + + my-go-tools.url = "git+https://code.fcuny.net/fcuny/x"; }; outputs = diff --git a/flake/hosts.nix b/flake/hosts.nix index f053c88..3ae840e 100644 --- a/flake/hosts.nix +++ b/flake/hosts.nix @@ -159,6 +159,7 @@ let ++ defaultModules ++ [ hostconf + inputs.my-go-tools.nixosModules.default ]; } ); diff --git a/flake/overlays.nix b/flake/overlays.nix index 504fdfd..1eecfcf 100644 --- a/flake/overlays.nix +++ b/flake/overlays.nix @@ -16,6 +16,7 @@ inputs.agenix.overlays.default inputs.emacs-overlay.overlay inputs.nur.overlays.default + inputs.my-go-tools.overlays.default self.overlays.default ]; }; diff --git a/infra/tf/cloudflare-dns/records.tf b/infra/tf/cloudflare-dns/records.tf index 737fec8..a282e2f 100644 --- a/infra/tf/cloudflare-dns/records.tf +++ b/infra/tf/cloudflare-dns/records.tf @@ -43,6 +43,15 @@ resource "cloudflare_dns_record" "cname_code" { zone_id = var.zone_id } +resource "cloudflare_dns_record" "cname_go" { + content = "165.232.158.110" + name = "go.fcuny.net" + proxied = false + ttl = 1 + type = "A" + zone_id = var.zone_id +} + resource "cloudflare_dns_record" "cname_id" { content = "165.232.158.110" name = "id.fcuny.net" diff --git a/machines/nixos/x86_64-linux/do-rproxy/profiles/caddy.nix b/machines/nixos/x86_64-linux/do-rproxy/profiles/caddy.nix index d426a53..c39a1ec 100644 --- a/machines/nixos/x86_64-linux/do-rproxy/profiles/caddy.nix +++ b/machines/nixos/x86_64-linux/do-rproxy/profiles/caddy.nix @@ -16,6 +16,13 @@ reloadServices = [ "caddy.service" ]; credentialFiles.CF_DNS_API_TOKEN_FILE = config.age.secrets."cloudflare-caddy".path; }; + "go.fcuny.net" = { + domain = "go.fcuny.net"; + dnsProvider = "cloudflare"; + dnsResolver = "1.1.1.1"; + reloadServices = [ "caddy.service" ]; + credentialFiles.CF_DNS_API_TOKEN_FILE = config.age.secrets."cloudflare-caddy".path; + }; "id.fcuny.net" = { domain = "id.fcuny.net"; dnsProvider = "cloudflare"; @@ -46,6 +53,13 @@ reverse_proxy 10.100.0.40:3000 ''; }; + go = { + hostName = "go.fcuny.net"; + useACMEHost = "go.fcuny.net"; + extraConfig = '' + reverse_proxy 10.100.0.40:8070 + ''; + }; auth = { hostName = "id.fcuny.net"; useACMEHost = "id.fcuny.net"; diff --git a/machines/nixos/x86_64-linux/synology-vm/default.nix b/machines/nixos/x86_64-linux/synology-vm/default.nix index de0f5e9..9316432 100644 --- a/machines/nixos/x86_64-linux/synology-vm/default.nix +++ b/machines/nixos/x86_64-linux/synology-vm/default.nix @@ -30,6 +30,7 @@ "${self}/profiles/programs/fish.nix" ./profiles/forgejo.nix ./profiles/keycloak.nix + ./profiles/goget.nix ]; boot.loader.efi.canTouchEfiVariables = true; diff --git a/machines/nixos/x86_64-linux/synology-vm/profiles/goget.nix b/machines/nixos/x86_64-linux/synology-vm/profiles/goget.nix new file mode 100644 index 0000000..ac32e62 --- /dev/null +++ b/machines/nixos/x86_64-linux/synology-vm/profiles/goget.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + services.goget = { + enable = true; + openFirewall = true; + }; +} |