ashe
/
nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add pounce

Browse Source
main
Ashelyn Dawn 6 months ago
parent c4b180a7f0
commit 9b952beec8
No known key found for this signature in database
GPG Key ID: D1980B8C6F349BC1
4 changed files with 172 additions and 43 deletions
Show Stats Download Patch File Download Diff File

153
flake.lock
Unescape Escape View File

@ -119,7 +119,7 @@
},
"naersk": {
"inputs": {
"nixpkgs": "nixpkgs_11"
"nixpkgs": "nixpkgs_12"
},
"locked": {
"lastModified": 1679567394,
@ -257,6 +257,22 @@
}
},
"nixpkgs_10": {
"locked": {
"lastModified": 1686979235,
"narHash": "sha256-gBlBtk+KrezFkfMrZw6uwTuA7YWtbFciiS14mEoTCo0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7cc30fd5372ddafb3373c318507d9932bd74aafe",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_11": {
"locked": {
"lastModified": 1685005470,
"narHash": "sha256-Nw+4uivzCwyZcEB71YH58zYk4N5UgcNeqb+D52bjlhI=",
@ -272,7 +288,7 @@
"type": "github"
}
},
"nixpkgs_11": {
"nixpkgs_12": {
"locked": {
"lastModified": 1684759798,
"narHash": "sha256-Kpbf5yKvKcj/yPqE1zYC6gju4JwTsYxTIZEvOII0jr4=",
@ -286,7 +302,7 @@
"type": "indirect"
}
},
"nixpkgs_12": {
"nixpkgs_13": {
"locked": {
"lastModified": 1684759798,
"narHash": "sha256-Kpbf5yKvKcj/yPqE1zYC6gju4JwTsYxTIZEvOII0jr4=",
@ -368,11 +384,11 @@
},
"nixpkgs_6": {
"locked": {
"lastModified": 1685394864,
"narHash": "sha256-kkWyAz7pFXn5g28vUjBTFOZafT0oCLr5s5Z/B13aPEI=",
"lastModified": 1701034145,
"narHash": "sha256-ZwNrKJvEJg7UOKAl+oPIAsbA/yFVuCkhwziFAEQ1tB0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5dd9667abdf6ebf314fe57d895d397784f72ae40",
"rev": "ddf0003c57fb5cbb4a9754f2f6d5ebe9cdae5151",
"type": "github"
},
"original": {
@ -384,11 +400,11 @@
},
"nixpkgs_7": {
"locked": {
"lastModified": 1694928810,
"narHash": "sha256-M/3+pRQmM+FeBeSKRp0b01pncbNiiC2ggJE4Wpi7c1Q=",
"lastModified": 1685394864,
"narHash": "sha256-kkWyAz7pFXn5g28vUjBTFOZafT0oCLr5s5Z/B13aPEI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "948e8754755a9f27587d5bd109af2cfad313add8",
"rev": "5dd9667abdf6ebf314fe57d895d397784f72ae40",
"type": "github"
},
"original": {
@ -400,11 +416,11 @@
},
"nixpkgs_8": {
"locked": {
"lastModified": 1687026603,
"narHash": "sha256-4uVirBZbSgpVtkoRXD4IxTe9UXRcIKhxT4CUK+3Bby8=",
"lastModified": 1694928810,
"narHash": "sha256-M/3+pRQmM+FeBeSKRp0b01pncbNiiC2ggJE4Wpi7c1Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bbce166d72307eda55c9a62b9d70e1f42d887ec8",
"rev": "948e8754755a9f27587d5bd109af2cfad313add8",
"type": "github"
},
"original": {
@ -416,11 +432,11 @@
},
"nixpkgs_9": {
"locked": {
"lastModified": 1686979235,
"narHash": "sha256-gBlBtk+KrezFkfMrZw6uwTuA7YWtbFciiS14mEoTCo0=",
"lastModified": 1687026603,
"narHash": "sha256-4uVirBZbSgpVtkoRXD4IxTe9UXRcIKhxT4CUK+3Bby8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7cc30fd5372ddafb3373c318507d9932bd74aafe",
"rev": "bbce166d72307eda55c9a62b9d70e1f42d887ec8",
"type": "github"
},
"original": {
@ -430,17 +446,36 @@
"type": "github"
}
},
"private": {
"pounce": {
"inputs": {
"nixpkgs": "nixpkgs_6",
"utils": "utils_5"
},
"locked": {
"lastModified": 1699856138,
"narHash": "sha256-EdVHNKl6cSdnpviq4pxhhteCscIYo+WRgOtOVHlbW48=",
"lastModified": 1701043062,
"narHash": "sha256-rcsFtop++W71GmCyuAv44DTm7hKDgMjzarnmPBSRmQQ=",
"ref": "refs/heads/main",
"rev": "f94001e3c3de717851b3bd7f03fed931b1e1801a",
"revCount": 16,
"rev": "2241526e1513c490cd184ff85b7b4ffb3d190344",
"revCount": 5,
"type": "git",
"url": "http://git.tempest.dev/ashe/nixos-wrapper-pounce"
},
"original": {
"type": "git",
"url": "http://git.tempest.dev/ashe/nixos-wrapper-pounce"
}
},
"private": {
"inputs": {
"nixpkgs": "nixpkgs_7",
"utils": "utils_6"
},
"locked": {
"lastModified": 1701045607,
"narHash": "sha256-lnyPcBbn5X3SQPNtWudJQdltmyciJToUoqpeYHbv8qk=",
"ref": "refs/heads/main",
"rev": "98235e93dfda32853ebad974c7018db4f5f5f8c4",
"revCount": 18,
"type": "git",
"url": "ssh://git@git.tempest.dev/ashe/nixos-config-private"
},
@ -457,6 +492,7 @@
"gotosocial": "gotosocial",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs_5",
"pounce": "pounce",
"private": "private",
"seance": "seance",
"tempest-contact": "tempest-contact",
@ -468,8 +504,8 @@
"seance": {
"inputs": {
"nix-filter": "nix-filter_4",
"nixpkgs": "nixpkgs_7",
"utils": "utils_6"
"nixpkgs": "nixpkgs_8",
"utils": "utils_7"
},
"locked": {
"lastModified": 1694976446,
@ -500,6 +536,21 @@
"type": "github"
}
},
"systems_10": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
@ -623,8 +674,8 @@
"tempest-contact": {
"inputs": {
"nix-filter": "nix-filter_5",
"nixpkgs": "nixpkgs_8",
"utils": "utils_7"
"nixpkgs": "nixpkgs_9",
"utils": "utils_8"
},
"locked": {
"lastModified": 1687029231,
@ -643,8 +694,8 @@
"tempest-secret": {
"inputs": {
"nix-filter": "nix-filter_6",
"nixpkgs": "nixpkgs_9",
"utils": "utils_8"
"nixpkgs": "nixpkgs_10",
"utils": "utils_9"
},
"locked": {
"lastModified": 1685398072,
@ -663,8 +714,8 @@
"tempestdev": {
"inputs": {
"nix-filter": "nix-filter_7",
"nixpkgs": "nixpkgs_10",
"utils": "utils_9"
"nixpkgs": "nixpkgs_11",
"utils": "utils_10"
},
"locked": {
"lastModified": 1700340363,
@ -683,8 +734,8 @@
"tmpfiles": {
"inputs": {
"naersk": "naersk",
"nixpkgs": "nixpkgs_12",
"utils": "utils_10"
"nixpkgs": "nixpkgs_13",
"utils": "utils_11"
},
"locked": {
"lastModified": 1684903753,
@ -736,6 +787,24 @@
"type": "github"
}
},
"utils_11": {
"inputs": {
"systems": "systems_10"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"utils_2": {
"locked": {
"lastModified": 1667395993,
@ -792,11 +861,11 @@
"systems": "systems_4"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
@ -810,11 +879,11 @@
"systems": "systems_5"
},
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
@ -828,11 +897,11 @@
"systems": "systems_6"
},
"locked": {
"lastModified": 1685518550,
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
@ -864,11 +933,11 @@
"systems": "systems_8"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"lastModified": 1685518550,
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
"type": "github"
},
"original": {

6
flake.nix
Unescape Escape View File

@ -13,6 +13,7 @@
ashen-earth.url = "git+ssh://git@git.tempest.dev/ashe/ashen-earth";
drowning.url = "git+http://git.tempest.dev/ashe/drowning-among-stars";
seance.url = "git+ssh://git@git.tempest.dev/ashe/seance";
pounce.url = "git+http://git.tempest.dev/ashe/nixos-wrapper-pounce";
};
outputs = {
@ -28,7 +29,8 @@
gotosocial,
ashen-earth,
drowning,
seance
seance,
pounce,
}: {
nixosConfigurations = {
nyx = nixpkgs.lib.nixosSystem {
@ -46,6 +48,7 @@
gotosocial.nixosModule
drowning.nixosModule
seance.nixosModule
pounce.nixosModule
./hosts/nyx/include/acme.nix
./hosts/nyx/include/nginx.nix
@ -53,6 +56,7 @@
./hosts/nyx/include/services.nix
./hosts/nyx/include/proxy.nix
./hosts/nyx/include/seance.nix
./hosts/nyx/include/pounce.nix
];
};

1
hosts/nyx/include/acme.nix
Unescape Escape View File

@ -3,6 +3,7 @@
security.acme.defaults.email = "acme@tempest.dev";
security.acme.certs."wildcard-irc.tempest.dev" = {
group = "pounce";
domain = "*.irc.tempest.dev";
dnsProvider = "namecheap";
credentialsFile = "/var/lib/secrets/namecheap.env";

55
hosts/nyx/include/pounce.nix
Unescape Escape View File

@ -0,0 +1,55 @@
{ config, lib, pkgs, ...}: {
config.systemd.services.copy-pounce-certs = {
description = "Create certificate directories for Pounce IRC bouncer";
wantedBy = [ "pounce-libera.service" "pounce-tilde.service" ];
after = [ "network.target" ];
serviceConfig.Type = "oneshot";
script = ''
if [ -d "/var/lib/pounce/" ]; then
rm -r /var/lib/pounce/
fi
mkdir -p /var/lib/pounce/certs/
mkdir -p /var/lib/pounce/certs/libera.irc.tempest.dev
mkdir -p /var/lib/pounce/certs/tilde.irc.tempest.dev
chown -R pounce:pounce /var/lib/pounce/
chmod -R 640 /var/lib/pounce/
CHAIN=/var/lib/acme/wildcard-irc.tempest.dev/fullchain.pem
PRIVKEY=/var/lib/acme/wildcard-irc.tempest.dev/key.pem
CERTS=/var/lib/pounce/certs
ln -s $CHAIN $CERTS/libera.irc.tempest.dev/fullchain.pem
ln -s $PRIVKEY $CERTS/libera.irc.tempest.dev/privkey.pem
ln -s $CHAIN $CERTS/tilde.irc.tempest.dev/fullchain.pem
ln -s $PRIVKEY $CERTS/tilde.irc.tempest.dev/privkey.pem
exit 0
'';
};
config.services.pounce = {
enable = true;
generateCerts = false;
externalHost = "irc.tempest.dev";
networks = {
libera.config = {
host = "irc.libera.chat";
nick = "tempest";
user = "ashe";
real = "Ashelyn [they/them]";
};
tilde.config = {
host = "irc.tilde.chat";
nick = "ashe";
user = "ashe";
real = "Ashelyn [they/them]";
};
};
};
}
Write Preview
Loading…
Cancel
Save