Price/dots
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: migrate orion-technologies.io -> price-hiller.com

Browse Source
This commit is contained in:
Price Hiller 2024-10-19 16:15:57 -05:00
parent b1fb018db5
commit 3156d0d494
Signed by: Price
GPG Key ID: C3FADDE7A8534BEB
8 changed files with 27 additions and 114 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.org
View File

@ -1,5 +1,5 @@
* Price Hiller's Dots
This is a mirror from my Git server over [[https://git.orion-technologies.io/Price/dots][here]].
This is a mirror from my Git server over [[https://git.price-hiller.com/Price/dots][here]].
These are my dot files. All the actual dots can be found under ~users/price/dots/~.

4
flake.nix
View File

@ -35,7 +35,7 @@
inputs.nixpkgs.follows = "nixpkgs";
};
blog = {
url = "git+https://git.orion-technologies.io/blog/blog";
url = "git+https://git.price-hiller.com/blog/blog";
inputs.nixpkgs.follows = "nixpkgs";
};
emacs-overlay = {
@ -252,7 +252,7 @@
in
{
luna = {
hostname = "luna.hosts.orion-technologies.io";
hostname = "luna.hosts.price-hiller.com";
fastConnection = true;
profiles.system = {
sshUser = "price";

4
hosts/luna/modules/monitoring/grafana.nix
View File

@ -1,6 +1,6 @@
{ config, ... }:
let
grafana_host = "grafana.orion-technologies.io";
grafana_host = "grafana.${config.networking.domain}";
in
{
services = {
@ -23,4 +23,4 @@ in
};
};
};
}
}

4
hosts/luna/modules/monitoring/prometheus.nix
View File

@ -1,6 +1,6 @@
{ config, pkgs, ... }:
let
prometheus_host = "prometheus.orion-technologies.io";
prometheus_host = "prometheus.${config.networking.domain}";
in
{
services = {
@ -89,4 +89,4 @@ in
group = "prometheus";
}
];
}
}

109
hosts/luna/modules/networking.nix
View File

@ -1,105 +1,22 @@
{ hostname, ... }:
{ hostname, config, ... }:
let
networks_dhcp_use_dns = "no";
networks_dhcp = "ipv4";
networks_multicast_dns = "no";
networks_ipv6_privacy = "yes";
networks_ipv6_accept_ra = "yes";
networks_network_config = {
DHCP = networks_dhcp;
MulticastDNS = networks_multicast_dns;
IPv6PrivacyExtensions = networks_ipv6_privacy;
IPv6AcceptRA = networks_ipv6_accept_ra;
};
resolved_nameservers = [
"1.1.1.1#cloudflare-dns.com"
"9.9.9.9#dns.quad9.net"
"8.8.8.8#dns.google"
"2606:4700:4700::1111#cloudflare-dns.com"
"2620:fe::9#dns.quad9.net"
"2001:4860:4860::8888#dns.google"
];
resolved_fallback_nameservers = [
"1.1.1.1#one.one.one.one"
"1.0.0.1#one.one.one.one"
];
in
{
systemd.network = {
enable = true;
# HACK: Disable wait-online, check in on https://github.com/NixOS/nixpkgs/pull/258680 &
# https://github.com/NixOS/nixpkgs/issues/247608
wait-online.enable = false;
networks = {
"10-wlan" = {
matchConfig.Name = [ "wl*" ];
networkConfig = networks_network_config;
dhcpV4Config = {
RouteMetric = 600;
UseDNS = networks_dhcp_use_dns;
};
ipv6AcceptRAConfig = {
RouteMetric = 600;
UseDNS = networks_dhcp_use_dns;
};
};
"10-ethernet" = {
matchConfig.Name = [
"en*"
"eth*"
];
networkConfig = networks_network_config;
dhcpV4Config = {
RouteMetric = 100;
UseDNS = networks_dhcp_use_dns;
};
ipv6AcceptRAConfig = {
RouteMetric = 100;
UseDNS = networks_dhcp_use_dns;
};
};
"10-wwan" = {
matchConfig.Name = [ "ww*" ];
networkConfig = networks_network_config;
dhcpV4Config = {
RouteMetric = 700;
UseDNS = networks_dhcp_use_dns;
};
ipv6AcceptRAConfig = {
RouteMetric = 700;
UseDNS = networks_dhcp_use_dns;
};
};
};
};
services.resolved = {
enable = true;
dnssec = "allow-downgrade";
domains = [ "~." ];
fallbackDns = resolved_fallback_nameservers;
llmnr = "resolve";
extraConfig = ''
MulticastDNS=yes
DNSOverTLS=yes
CacheFromLocalhost=no
Cache=yes
'';
dnsovertls = "true";
dnssec = "false";
};
networking = {
hostName = hostname;
domain = "price-hiller.com";
fqdn = "${config.networking.hostname}.hosts.${config.networking.domain}";
nameservers = [
"194.242.2.2#dns.mullvad.net"
"2a07:e340::2#dns.mullvad.net"
"91.239.100.100#anycast.uncensoreddns.org"
"2001:67c:28a4::#anycast.uncensoreddns.org"
];
useNetworkd = true;
enableIPv6 = true;
nameservers = resolved_nameservers;
nftables.enable = true;
firewall = {
enable = true;
allowedTCPPorts = [
80
443
2200
];
};
hostName = "${hostname}";
};
}
}

4
hosts/luna/modules/services/gitea.nix
View File

@ -6,7 +6,7 @@
...
}:
let
gitea_host = "git.orion-technologies.io";
gitea_host = "git.${config.networking.domain}";
# TODO: Move this docker image out to a separate package and NixOS Module
# Huge thank you to https://icewind.nl/entry/gitea-actions-nix/ -- wouldn't have figured this out
# without that post 🙂
@ -157,4 +157,4 @@ in
group = config.services.gitea.group;
}
];
}
}

10
hosts/luna/modules/services/nginx.nix
View File

@ -10,15 +10,11 @@
security.acme = {
acceptTerms = true;
defaults.email = "price@orion-technologies.io";
defaults.email = "price@price-hiller.com";
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.nginx.virtualHosts = {
"blog.orion-technologies.io" = {
forceSSL = true;
enableACME = true;
globalRedirect = "price-hiller.com";
};
"price-hiller.com" = {
forceSSL = true;
enableACME = true;
@ -32,4 +28,4 @@
locations."/".index = "home.html";
};
};
}
}

4
users/price/conf/ssh/default.nix
View File

@ -5,11 +5,11 @@
matchBlocks =
rec {
luna = {
hostname = "luna.hosts.orion-technologies.io";
hostname = "luna.hosts.price-hiller.com";
user = "price";
port = 2200;
};
"luna.hosts.orion-technologies.io" = luna;
"luna.hosts.price-hiller.com" = luna;
asgard = {
hostname = "asgard-eternal.com";
user = "asgard";