diff --git a/home/default.nix b/home/default.nix index 94f6ce6..3b2efc6 100644 --- a/home/default.nix +++ b/home/default.nix @@ -119,7 +119,7 @@ in ''; home.file.".jjconfig.toml".source = ./jjconfig.toml; - home.file.".config/halloy/config.toml".source = ./halloy.toml; + #home.file.".config/halloy/config.toml".source = ./halloy.toml; systemd.user.timers."backup-keepassxc" = { Unit.Description = "Backup password DB"; diff --git a/home/halloy.toml b/home/halloy.toml deleted file mode 100644 index 81a82bb..0000000 --- a/home/halloy.toml +++ /dev/null @@ -1,10 +0,0 @@ -# Halloy config. -# -# For a complete list of available options, -# please visit https://halloy.squidowl.org/configuration/index.html - -[servers.liberachat] -nickname = "dadada" -server = "irc.libera.chat" -channels = ["#stratum0"] -sasl.external.cert = "/home/dadada/.config/halloy/libera.pem" diff --git a/nixos/configurations.nix b/nixos/configurations.nix index 877c6a9..248c4c4 100644 --- a/nixos/configurations.nix +++ b/nixos/configurations.nix @@ -21,6 +21,8 @@ let "brgenml1lpr" "saleae-logic-2" "spotify" + "steam" + "steam-unwrapped" ]; }; nixosSystem = nixpkgs.lib.nixosSystem; diff --git a/nixos/modules/element.nix b/nixos/modules/element.nix index 2fcefec..63bf02c 100644 --- a/nixos/modules/element.nix +++ b/nixos/modules/element.nix @@ -13,7 +13,7 @@ in }; config = lib.mkIf cfg.enable { services.nginx.virtualHosts."element.${config.networking.domain}" = { - enableACME = true; + useACMEHost = "dadada.li"; forceSSL = true; serverAliases = [ "element.${config.networking.domain}" diff --git a/nixos/modules/gitea.nix b/nixos/modules/gitea.nix index 783bf6f..fe03ff3 100644 --- a/nixos/modules/gitea.nix +++ b/nixos/modules/gitea.nix @@ -82,7 +82,7 @@ in }; services.nginx.virtualHosts."git.${config.networking.domain}" = { - enableACME = true; + useACMEHost = "dadada.li"; forceSSL = true; locations."/".extraConfig = '' diff --git a/nixos/modules/homepage.nix b/nixos/modules/homepage.nix index 193e71e..2d9a337 100644 --- a/nixos/modules/homepage.nix +++ b/nixos/modules/homepage.nix @@ -19,7 +19,7 @@ with lib; services.nginx.enable = true; services.nginx.virtualHosts."dadada.li" = { - enableACME = true; + useACMEHost = "dadada.li"; forceSSL = true; root = "${cfg.package}"; }; diff --git a/nixos/modules/miniflux.nix b/nixos/modules/miniflux.nix index 6898f34..685c355 100644 --- a/nixos/modules/miniflux.nix +++ b/nixos/modules/miniflux.nix @@ -21,7 +21,7 @@ in }; services.nginx.virtualHosts.${domain} = { - enableACME = true; + useACMEHost = "dadada.li"; forceSSL = true; locations."/".extraConfig = '' diff --git a/nixos/modules/share.nix b/nixos/modules/share.nix index 7c7410b..c7dcedc 100644 --- a/nixos/modules/share.nix +++ b/nixos/modules/share.nix @@ -16,7 +16,7 @@ in services.nginx.enable = true; services.nginx.virtualHosts."share.dadada.li" = { - enableACME = true; + useACMEHost = "dadada.li"; forceSSL = true; root = "/var/lib/share"; diff --git a/nixos/modules/steam.nix b/nixos/modules/steam.nix index e14add3..2d2963f 100644 --- a/nixos/modules/steam.nix +++ b/nixos/modules/steam.nix @@ -15,11 +15,11 @@ in }; }; config = mkIf cfg.enable { + programs.steam.enable = true; hardware.graphics = { enable = true; extraPackages32 = with pkgs.pkgsi686Linux; [ libva ]; }; - - hardware.pulseaudio.support32Bit = true; + services.pulseaudio.support32Bit = true; }; } diff --git a/nixos/modules/weechat.nix b/nixos/modules/weechat.nix index 6ff0106..2353651 100644 --- a/nixos/modules/weechat.nix +++ b/nixos/modules/weechat.nix @@ -21,7 +21,7 @@ in services.nginx.enable = true; services.nginx.virtualHosts."webchat.dadada.li" = { - enableACME = true; + useACMEHost = "dadada.li"; forceSSL = true; root = pkgs.glowing-bear; @@ -36,7 +36,7 @@ in }; }; services.nginx.virtualHosts."weechat.dadada.li" = { - enableACME = true; + useACMEHost = "dadada.li"; forceSSL = true; root = "${pkgs.nginx}/html"; diff --git a/nixos/stolas/default.nix b/nixos/stolas/default.nix index 1c5cc9b..28819f1 100644 --- a/nixos/stolas/default.nix +++ b/nixos/stolas/default.nix @@ -94,6 +94,7 @@ enable = true; repo = "u355513-sub5@u355513-sub5.your-storagebox.de:/home/backup"; }; + steam.enable = true; }; programs = { diff --git a/nixos/surgat/configuration.nix b/nixos/surgat/configuration.nix index 5ddef7f..0faf5ce 100644 --- a/nixos/surgat/configuration.nix +++ b/nixos/surgat/configuration.nix @@ -27,7 +27,7 @@ in }; services.nginx.virtualHosts."hydra.${config.networking.domain}" = { - enableACME = true; + useACMEHost = "dadada.li"; forceSSL = true; root = "${pkgs.nginx}/html"; @@ -135,6 +135,7 @@ in 22 # SSH 80 443 # HTTPS + 1667 ]; allowedUDPPorts = [ 51234 # Wireguard @@ -173,5 +174,49 @@ in ''; }; + services.soju = { + enable = true; + listen = [ "unix:///run/soju/irc.sock" ]; + acceptProxyIP = [ "localhost" ]; + }; + + # For owning the socket the right group + systemd.services.soju.serviceConfig.Group = "nginx"; + + services.nginx.streamConfig = '' + server { + listen 1667 ssl; + proxy_pass unix:/run/soju/irc.sock; + proxy_protocol on; + proxy_connect_timeout 1s; + ssl_certificate /var/lib/acme/dadada.li/fullchain.pem; + ssl_certificate_key /var/lib/acme/dadada.li/key.pem; + ssl_trusted_certificate /var/lib/acme/dadada.li/chain.pem; + } + ''; + + services.nginx.virtualHosts."soju.dadada.li" = { + useACMEHost = "dadada.li"; + forceSSL = true; + }; + + users.groups.acme.members = [ + "nginx" + ]; + + security.acme.certs = { + "dadada.li" = { + webroot = "/var/lib/acme/acme-challenge"; + extraDomainNames = [ + "element.dadada.li" + "hydra.dadada.li" + "git.dadada.li" + "miniflux.dadada.li" + "share.dadada.li" + "soju.dadada.li" + ]; + }; + }; + system.stateVersion = "23.05"; }