From 42eb8656da247e8b2eec38e016049a1d01a30c2a Mon Sep 17 00:00:00 2001 From: ashelyn vi Date: Mon, 8 Apr 2024 19:57:15 -0400 Subject: [PATCH] fix pounce --- flake.lock | 16 +++++----- hosts/nyx/include/irc.nix | 63 ++++++++++++--------------------------- 2 files changed, 27 insertions(+), 52 deletions(-) diff --git a/flake.lock b/flake.lock index 7120069..3287ae8 100644 --- a/flake.lock +++ b/flake.lock @@ -566,11 +566,11 @@ "utils": "utils_6" }, "locked": { - "lastModified": 1707981351, - "narHash": "sha256-tewij7frJj3QRpxzfzxAI05cDs3U5tnS5eodEeGaikc=", + "lastModified": 1712619172, + "narHash": "sha256-Ycf9jsvMshCOHLUAT8uDiZyDLG9UQT9OAZ9mThUjSSc=", "ref": "refs/heads/main", - "rev": "f23acb65f1399e8a990a73b2d94131a31c9075ac", - "revCount": 8, + "rev": "45ae9514abc3a9eb45bd4bc55cdf8bd8cbcc1dcc", + "revCount": 10, "type": "git", "url": "http://git.tempest.dev/ashe/nixos-wrapper-pounce" }, @@ -585,11 +585,11 @@ "utils": "utils_7" }, "locked": { - "lastModified": 1711177915, - "narHash": "sha256-F9sNekMrRbLzN8Q7V7oH5VBC6jQX1oLE05IJ1ZFe0uY=", + "lastModified": 1712620040, + "narHash": "sha256-jgVPh3FvCDdB2dcVL6jh5kzQshTFDClD5QA9O7f1098=", "ref": "refs/heads/main", - "rev": "62c18034fcc19fd05f0dc5f26eaab324bc34c0b5", - "revCount": 25, + "rev": "b8d3a83b4630d6b1c9cdfb0fd587e964af0a5dcb", + "revCount": 26, "type": "git", "url": "ssh://git@git.tempest.dev/ashe/nixos-config-private" }, diff --git a/hosts/nyx/include/irc.nix b/hosts/nyx/include/irc.nix index d32a818..b72daef 100644 --- a/hosts/nyx/include/irc.nix +++ b/hosts/nyx/include/irc.nix @@ -1,54 +1,29 @@ { config, lib, pkgs, ...}: { - config.systemd.services.copy-pounce-certs = { - description = "Create certificate directories for Pounce IRC bouncer"; - - wantedBy = [ "pounce-libera.service" "pounce-tilde.service" ]; - after = [ "network.target" ]; - - serviceConfig.Type = "oneshot"; - - script = '' - if [ -d "/var/lib/pounce/" ]; then - rm -r /var/lib/pounce/ - fi - - mkdir -p /var/lib/pounce/certs/ - mkdir -p /var/lib/pounce/certs/libera.irc.tempest.dev - mkdir -p /var/lib/pounce/certs/tilde.irc.tempest.dev - chown -R pounce:pounce /var/lib/pounce/ - chmod -R 640 /var/lib/pounce/ - - CHAIN=/var/lib/acme/wildcard-irc.tempest.dev/fullchain.pem - PRIVKEY=/var/lib/acme/wildcard-irc.tempest.dev/key.pem - CERTS=/var/lib/pounce/certs - - ln -s $CHAIN $CERTS/libera.irc.tempest.dev/fullchain.pem - ln -s $PRIVKEY $CERTS/libera.irc.tempest.dev/privkey.pem - ln -s $CHAIN $CERTS/tilde.irc.tempest.dev/fullchain.pem - ln -s $PRIVKEY $CERTS/tilde.irc.tempest.dev/privkey.pem - - exit 0 - ''; - }; - config.services.pounce = { enable = true; - generateCerts = false; - externalHost = "irc.tempest.dev"; networks = { - libera.config = { - host = "irc.libera.chat"; - nick = "tempest"; - user = "ashe"; - real = "Ashelyn [they/them]"; + "libera.irc.tempest.dev" = { + fullChain = "/var/lib/acme/wildcard-irc.tempest.dev/fullchain.pem"; + privKey = "/var/lib/acme/wildcard-irc.tempest.dev/key.pem"; + config = { + host = "irc.libera.chat"; + nick = "tempest"; + user = "ashe"; + real = "Ashelyn [they/them]"; + }; }; - tilde.config = { - host = "irc.tilde.chat"; - nick = "ashe"; - user = "ashe"; - real = "Ashelyn [they/them]"; + + "tilde.irc.tempest.dev" = { + fullChain = "/var/lib/acme/wildcard-irc.tempest.dev/fullchain.pem"; + privKey = "/var/lib/acme/wildcard-irc.tempest.dev/key.pem"; + config = { + host = "irc.tilde.chat"; + nick = "ashe"; + user = "ashe"; + real = "Ashelyn [they/them]"; + }; }; }; };