refactor: migrate orion-technologies.io -> price-hiller.com

Price Hiller 2024-10-19 16:15:57 -05:00
parent b1fb018db5
commit 3156d0d494
Signed by: Price
GPG Key ID: C3FADDE7A8534BEB
8 changed files with 27 additions and 114 deletions


@ -1,5 +1,5 @@
* Price Hiller's Dots * Price Hiller's Dots
This is a mirror from my Git server over [[https://git.orion-technologies.io/Price/dots][here]]. This is a mirror from my Git server over [[https://git.price-hiller.com/Price/dots][here]].
These are my dot files. All the actual dots can be found under ~users/price/dots/~. These are my dot files. All the actual dots can be found under ~users/price/dots/~.


@ -35,7 +35,7 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
blog = { blog = {
url = "git+https://git.orion-technologies.io/blog/blog"; url = "git+https://git.price-hiller.com/blog/blog";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
emacs-overlay = { emacs-overlay = {
@ -252,7 +252,7 @@
in in
{ {
luna = { luna = {
hostname = "luna.hosts.orion-technologies.io"; hostname = "luna.hosts.price-hiller.com";
fastConnection = true; fastConnection = true;
profiles.system = { profiles.system = {
sshUser = "price"; sshUser = "price";
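Review bot: The `blog` input URL changes in the first hunk, but none of the 8 changed sections looks like a lock file, so the pinned entry for `blog` is presumably re-resolved on the next evaluation. That can move the input to a revision nobody reviewed. Re-locking just that input in this commit (`nix flake update blog`, or `nix flake lock --update-input blog` on older Nix) and committing the result keeps the pin explicit. It is also worth confirming that the new host serves the same repository history before the old remote goes away.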


@ -1,6 +1,6 @@
{ config, ... }: { config, ... }:
let let
grafana_host = "grafana.orion-technologies.io"; grafana_host = "grafana.${config.networking.domain}";
in in
{ {
services = { services = {


@ -1,6 +1,6 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
prometheus_host = "prometheus.orion-technologies.io"; prometheus_host = "prometheus.${config.networking.domain}";
in in
{ {
services = { services = {


@ -1,105 +1,22 @@
{ hostname, ... }: { hostname, config, ... }:
let
networks_dhcp_use_dns = "no";
networks_dhcp = "ipv4";
networks_multicast_dns = "no";
networks_ipv6_privacy = "yes";
networks_ipv6_accept_ra = "yes";
networks_network_config = {
DHCP = networks_dhcp;
MulticastDNS = networks_multicast_dns;
IPv6PrivacyExtensions = networks_ipv6_privacy;
IPv6AcceptRA = networks_ipv6_accept_ra;
};
resolved_nameservers = [
"1.1.1.1#cloudflare-dns.com"
"9.9.9.9#dns.quad9.net"
"8.8.8.8#dns.google"
"2606:4700:4700::1111#cloudflare-dns.com"
"2620:fe::9#dns.quad9.net"
"2001:4860:4860::8888#dns.google"
];
resolved_fallback_nameservers = [
"1.1.1.1#one.one.one.one"
"1.0.0.1#one.one.one.one"
];
in
{ {
systemd.network = {
enable = true;
# HACK: Disable wait-online, check in on https://github.com/NixOS/nixpkgs/pull/258680 &
# https://github.com/NixOS/nixpkgs/issues/247608
wait-online.enable = false;
networks = {
"10-wlan" = {
matchConfig.Name = [ "wl*" ];
networkConfig = networks_network_config;
dhcpV4Config = {
RouteMetric = 600;
UseDNS = networks_dhcp_use_dns;
};
ipv6AcceptRAConfig = {
RouteMetric = 600;
UseDNS = networks_dhcp_use_dns;
};
};
"10-ethernet" = {
matchConfig.Name = [
"en*"
"eth*"
];
networkConfig = networks_network_config;
dhcpV4Config = {
RouteMetric = 100;
UseDNS = networks_dhcp_use_dns;
};
ipv6AcceptRAConfig = {
RouteMetric = 100;
UseDNS = networks_dhcp_use_dns;
};
};
"10-wwan" = {
matchConfig.Name = [ "ww*" ];
networkConfig = networks_network_config;
dhcpV4Config = {
RouteMetric = 700;
UseDNS = networks_dhcp_use_dns;
};
ipv6AcceptRAConfig = {
RouteMetric = 700;
UseDNS = networks_dhcp_use_dns;
};
};
};
};
services.resolved = { services.resolved = {
enable = true; enable = true;
dnssec = "allow-downgrade";
domains = [ "~." ]; domains = [ "~." ];
fallbackDns = resolved_fallback_nameservers; dnsovertls = "true";
llmnr = "resolve"; dnssec = "false";
extraConfig = ''
MulticastDNS=yes
DNSOverTLS=yes
CacheFromLocalhost=no
Cache=yes
'';
}; };
networking = { networking = {
useNetworkd = true; hostName = hostname;
enableIPv6 = true; domain = "price-hiller.com";
nameservers = resolved_nameservers; fqdn = "${config.networking.hostname}.hosts.${config.networking.domain}";
nftables.enable = true; nameservers = [
firewall = { "194.242.2.2#dns.mullvad.net"
enable = true; "2a07:e340::2#dns.mullvad.net"
allowedTCPPorts = [ "91.239.100.100#anycast.uncensoreddns.org"
80 "2001:67c:28a4::#anycast.uncensoreddns.org"
443
2200
]; ];
}; useNetworkd = true;
hostName = "${hostname}";
}; };
} }
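Review bot: `dnssec = "false"` turns local DNSSEC validation off entirely where the removed config had `allow-downgrade`, so answer integrity now rests only on the DoT session to the four listed resolvers. If that is deliberate, a comment such as `# validation delegated to the upstream DoT resolvers` would record it; otherwise keep `dnssec = "allow-downgrade";`. The removed `llmnr = "resolve"` falls back to the module default, which I believe also enables the LLMNR responder, so an explicit `llmnr = "false";` (or the old value) avoids answering link-local name queries on untrusted networks. Separately, the `fqdn` line reads `config.networking.hostname` while the option set two lines above it is `hostName`; Nix attribute names are case-sensitive, so this probably fails as soon as `fqdn` is evaluated. On the nixpkgs revisions I know of, `networking.fqdn` is derived from `hostName` and `domain` and may be read-only, so the line can likely be dropped.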


@ -6,7 +6,7 @@
... ...
}: }:
let let
gitea_host = "git.orion-technologies.io"; gitea_host = "git.${config.networking.domain}";
# TODO: Move this docker image out to a separate package and NixOS Module # TODO: Move this docker image out to a separate package and NixOS Module
# Huge thank you to https://icewind.nl/entry/gitea-actions-nix/ -- wouldn't have figured this out # Huge thank you to https://icewind.nl/entry/gitea-actions-nix/ -- wouldn't have figured this out
# without that post 🙂 # without that post 🙂


@ -10,15 +10,11 @@
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
defaults.email = "price@orion-technologies.io"; defaults.email = "price@price-hiller.com";
}; };
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"blog.orion-technologies.io" = {
forceSSL = true;
enableACME = true;
globalRedirect = "price-hiller.com";
};
"price-hiller.com" = { "price-hiller.com" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
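Review bot: With `networking.firewall.allowedTCPPorts = [ 80 443 ];` the only ports this commit opens explicitly are 80 and 443. The networking module hunk in the same commit removes `nftables.enable = true`, the explicit `firewall.enable = true` and port 2200 from the allowed list, while the ssh client config still uses port 2200 for luna. Before deploying remotely, confirm that the SSH module opens its own port (for example via `services.openssh.openFirewall`) and that dropping the nftables backend is intended; a comment such as `# 2200 is opened by the openssh module` next to this line would make the split visible. The removed `blog.orion-technologies.io` redirect vhost is only safe to drop if the old domain stays registered or nothing still links to it, since a lapsed name can be re-registered by someone else. The enclosing attribute set starts and ends outside the hunk.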


@ -5,11 +5,11 @@
matchBlocks = matchBlocks =
rec { rec {
luna = { luna = {
hostname = "luna.hosts.orion-technologies.io"; hostname = "luna.hosts.price-hiller.com";
user = "price"; user = "price";
port = 2200; port = 2200;
}; };
"luna.hosts.orion-technologies.io" = luna; "luna.hosts.price-hiller.com" = luna;
asgard = { asgard = {
hostname = "asgard-eternal.com"; hostname = "asgard-eternal.com";
user = "asgard"; user = "asgard";