diff --git a/flake.lock b/flake.lock index a01da24..6190625 100644 --- a/flake.lock +++ b/flake.lock @@ -155,11 +155,11 @@ ] }, "locked": { - "lastModified": 1727809780, - "narHash": "sha256-7W5HE2IRiZglMBKcn9JtC6bveE6/F7IzQyV2XDanGFA=", + "lastModified": 1727872461, + "narHash": "sha256-4Pw3fVhN6xey5+2gUBm9nQJAjBqivffr+a5ZsXYjzJ8=", "owner": "nix-community", "repo": "disko", - "rev": "6c5ba9ec9d470c1ca29e7735762c9c366e28f7f5", + "rev": "568727a884ae7cd9f266bd19aea655def8cafd78", "type": "github" }, "original": { @@ -326,11 +326,11 @@ ] }, "locked": { - "lastModified": 1726153070, - "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=", + "lastModified": 1727826117, + "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a", + "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", "type": "github" }, "original": { @@ -462,11 +462,11 @@ ] }, "locked": { - "lastModified": 1727514110, - "narHash": "sha256-0YRcOxJG12VGDFH8iS8pJ0aYQQUAgo/r3ZAL+cSh9nk=", + "lastModified": 1727805723, + "narHash": "sha256-b8flytpuc4Ey/g3mcvpS/ICORcD4h56QDZeP5LogevY=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "85f7a7177c678de68224af3402ab8ee1bcee25c8", + "rev": "2f5ae3fc91db865eff2c5a418da85a0fbe6238a3", "type": "github" }, "original": { @@ -521,11 +521,11 @@ ] }, "locked": { - "lastModified": 1727383923, - "narHash": "sha256-4/vacp3CwdGoPf8U4e/N8OsGYtO09WTcQK5FqYfJbKs=", + "lastModified": 1727817100, + "narHash": "sha256-dlyV9/eiWkm/Y/t2+k4CFZ29tBvCANmJogEYaHeAOTw=", "owner": "nix-community", "repo": "home-manager", - "rev": "ffe2d07e771580a005e675108212597e5b367d2d", + "rev": "437ec62009fa8ceb684eb447d455ffba25911cf9", "type": "github" }, "original": { @@ -662,11 +662,11 @@ ] }, "locked": { - "lastModified": 1727507295, - "narHash": "sha256-I/FrX1peu4URoj5T5odfuKR2rm4GjYJJpCGF9c0/lDA=", + "lastModified": 1727707210, + "narHash": "sha256-8XZp5XO2FC6INZEZ2WlwErtvFVpl45ACn8CJ2hfTA0Y=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "f2e1c4aa29fc211947c3a7113cba1dd707433b70", + "rev": "f61d5f2051a387a15817007220e9fb3bbead57b3", "type": "github" }, "original": { @@ -874,11 +874,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1727634051, - "narHash": "sha256-S5kVU7U82LfpEukbn/ihcyNt2+EvG7Z5unsKW9H/yFA=", + "lastModified": 1727802920, + "narHash": "sha256-HP89HZOT0ReIbI7IJZJQoJgxvB2Tn28V6XS3MNKnfLs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "06cf0e1da4208d3766d898b7fdab6513366d45b9", + "rev": "27e30d177e57d912d614c88c622dcfdb2e6e6515", "type": "github" }, "original": { @@ -905,11 +905,11 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1727645871, - "narHash": "sha256-Os3PAThU5XliKkKa+SHsFyV/EsCHogHcYONmpzb6500=", + "lastModified": 1727871072, + "narHash": "sha256-t+YLQwBB1soQnVjT6d7nQq4Tidaw7tpB8i6Zvpc+Zbs=", "owner": "nix-community", "repo": "nixvim", - "rev": "5f4a4b47597d3b9ac26c41ff4e8da28fa662f200", + "rev": "0ca98d02104f7f0a703787a7a080a570b7f1bedd", "type": "github" }, "original": { @@ -927,11 +927,11 @@ ] }, "locked": { - "lastModified": 1727452028, - "narHash": "sha256-ehl/A4HQFRyqj1Fk7cl+dgSf/2Fb1jLwWJtZaMU6RfU=", + "lastModified": 1727599661, + "narHash": "sha256-0R+1ih0Rfqrz/lcduvpNSnUw3uthUHiaGh0aWPyIqeQ=", "owner": "NuschtOS", "repo": "search", - "rev": "9f7426e532ef8dfc839c4a3fcc567b13a20a70d3", + "rev": "c3c3928b8de7d300c34e9d90fdc19febd1a32062", "type": "github" }, "original": { diff --git a/modules/graphical/nixvim.nix b/modules/graphical/nixvim.nix index 3c1fb10..a947ee4 100644 --- a/modules/graphical/nixvim.nix +++ b/modules/graphical/nixvim.nix @@ -187,7 +187,6 @@ enable = true; sources.diagnostics = { pylint.enable = true; - statix.enable = true; }; sources.formatting = { nixfmt.enable = true; diff --git a/modules/librespeed/default.nix b/modules/librespeed/default.nix index 8183b38..88e1986 100644 --- a/modules/librespeed/default.nix +++ b/modules/librespeed/default.nix @@ -238,33 +238,14 @@ in services.nginx.virtualHosts = lib.mkIf (cfg.frontend.enable && cfg.frontend.useNginx) { ${cfg.domain} = { locations."/".root = librespeedAssets; - locations."/backend/" = { - proxyPass = "http://${cfg.settings.bind_address}:${toString cfg.settings.listen_port}/backend/"; - extraConfig = '' - # add_header Cache-Control 'no-store, no-cache, max-age=0, no-transform'; - # add_header Last-Modified $date_gmt; - if_modified_since off; - expires off; - etag off; - - access_log off; - gzip off; - log_not_found off; - server_tokens off; - tcp_nodelay on; - tcp_nopush on; - sendfile on; - client_max_body_size 50M; - proxy_read_timeout 999; - proxy_buffers 16 128k; - ''; - }; + locations."= /servers.json".return = "200 '${builtins.toJSON cfg.frontend.servers}'"; + locations."/backend/".return = "301 https://$host:${toString cfg.settings.listen_port}$request_uri"; enableACME = true; forceSSL = true; }; }; security.acme.certs = lib.mkIf (cfg.domain != null) { - ${cfg.domain} = lib.mkIf (!cfg.frontend.useNginx) { + ${cfg.domain} = { reloadServices = [ "librespeed.service" ]; webroot = "/var/lib/acme/acme-challenge"; }; @@ -273,7 +254,7 @@ in services.librespeed.frontend.servers = lib.mkIf (cfg.frontend.enable && (cfg.domain != null)) [ { name = cfg.domain; - server = "//${cfg.domain}${lib.optionalString (!cfg.frontend.useNginx) ":${toString cfg.settings.listen_port}"}"; + server = "//${cfg.domain}:${toString cfg.settings.listen_port}"; } ]; @@ -288,7 +269,7 @@ in else pkgs.writeTextDir "index.html" ""; - bind_address = mkDefault "127.0.0.1"; + bind_address = mkDefault "::"; listen_port = mkDefault 8989; base_url = mkDefault "backend"; worker_threads = mkDefault "auto"; @@ -300,17 +281,17 @@ in ipinfo_api_key = mkIf (!cfg.secrets ? "ipinfo_api_key") ""; stats_password = mkIf (!cfg.secrets ? "stats_password") ""; tls_cert_file = - if (cfg.domain != null && !cfg.frontend.useNginx) then + if (cfg.domain != null) then (mkDefault "/run/credentials/librespeed.service/cert.pem") else (mkDefault ""); tls_key_file = - if (cfg.domain != null && !cfg.frontend.useNginx) then + if (cfg.domain != null) then (mkDefault "/run/credentials/librespeed.service/key.pem") else (mkDefault ""); - enable_tls = mkDefault (cfg.domain != null && !cfg.frontend.useNginx); + enable_tls = mkDefault (cfg.domain != null); }; systemd.services = @@ -381,7 +362,7 @@ in DynamicUser = true; - LoadCredential = lib.mkIf (cfg.domain != null && !cfg.frontend.useNginx) [ + LoadCredential = lib.mkIf (cfg.domain != null) [ "cert.pem:${config.security.acme.certs.${cfg.domain}.directory}/cert.pem" "key.pem:${config.security.acme.certs.${cfg.domain}.directory}/key.pem" ];