Update from update-inputs-2024-06-14-04-20

This commit is contained in:
Update Bot 2024-06-14 04:20:33 +02:00
commit c4b066e30a
No known key found for this signature in database
4 changed files with 33 additions and 19 deletions

View file

@ -21,6 +21,7 @@
SCHEDULE = "@every 24h"; SCHEDULE = "@every 24h";
UPDATE_EXISTING = true; UPDATE_EXISTING = true;
}; };
DEFAULT.APP_NAME = "The Gay Git";
federation.ENABLED = true; federation.ENABLED = true;
log.LEVEL = "Info"; log.LEVEL = "Info";
mailer = { mailer = {
@ -31,6 +32,11 @@
USER = "git@kyouma.net"; USER = "git@kyouma.net";
}; };
mirror.DEFAULT_INTERVAL = "1h"; mirror.DEFAULT_INTERVAL = "1h";
oauth2_client.REGISTER_EMAIL_CONFIRM = false;
openid = {
ENABLE_OPENID_SIGNIN = true;
ENABLE_OPENID_SIGNUP = true;
};
session = { session = {
COOKIE_SECURE = true; COOKIE_SECURE = true;
PROVIDER = "db"; PROVIDER = "db";
@ -40,6 +46,7 @@
STATIC_URL_PREFIX = "/static"; STATIC_URL_PREFIX = "/static";
PROTOCOL = "http+unix"; PROTOCOL = "http+unix";
DOMAIN = "git.kyouma.net"; DOMAIN = "git.kyouma.net";
ROOT_URL = "https://git.kyouma.net";
}; };
security = { security = {
LOGIN_REMEMBER_DAYS = 90; LOGIN_REMEMBER_DAYS = 90;
@ -66,7 +73,7 @@
kyouma.nginx.virtualHosts."git.kyouma.net" = { kyouma.nginx.virtualHosts."git.kyouma.net" = {
locations."/static/".alias = "${pkgs.forgejo.data}/public/"; locations."/static/".alias = "${pkgs.forgejo.data}/public/";
locations."/" = { locations."/" = {
proxyPass = "http://unix:/run/forgejo/forgejo.socket"; proxyPass = "http://unix:/run/forgejo/forgejo.sock";
}; };
}; };
security.acme.certs."git.kyouma.net" = {}; security.acme.certs."git.kyouma.net" = {};

View file

@ -3,17 +3,19 @@
sopsFile = ../../secrets/services/vaultwarden.yaml; sopsFile = ../../secrets/services/vaultwarden.yaml;
owner = "vaultwarden"; owner = "vaultwarden";
}; };
sops.secrets."services/vaultwarden/basicAuth" = {
sopsFile = ../../secrets/services/vaultwarden.yaml;
owner = "vaultwarden";
};
services.vaultwarden = { services.vaultwarden = {
enable = true; enable = true;
environmentFile = config.sops.secrets."services/vaultwarden/environmentFile".path; environmentFile = config.sops.secrets."services/vaultwarden/environmentFile".path;
backupDir = "/var/backup/bitwarden_rs";
config = { config = {
DATA_FOLDER = "/var/lib/vaultwarden"; DOMAIN = "https://staging.vault.kyouma.net";
DOMAIN = "staging.vault.kyouma.net";
DATABASE_MAX_CONNS = 15; DATABASE_MAX_CONNS = 15;
WEB_VAULT_ENABLED = true; WEB_VAULT_ENABLED = true;
WEBSOCKET_ENABLED = true;
WEBSOCKET_ADDRESS = "::1"; WEBSOCKET_ADDRESS = "::1";
WEBSOCKET_PORT = 3012;
SENDS_ALLOWED = true; SENDS_ALLOWED = true;
ORG_ATTACHMENT_LIMIT = 1048576; ORG_ATTACHMENT_LIMIT = 1048576;
USER_ATTACHMENT_LIMIT = 524288; USER_ATTACHMENT_LIMIT = 524288;
@ -30,15 +32,19 @@
SMTP_USERNAME = "vault@kyouma.net"; SMTP_USERNAME = "vault@kyouma.net";
SMTP_SECURITY = "starttls"; SMTP_SECURITY = "starttls";
SMTP_PORT = 587; SMTP_PORT = 587;
ROCKET_ADDRESS = "unix:/run/vaultwarden/rocket.socket"; ROCKET_ADDRESS = "::1";
ROCKET_PORT = ""; ROCKET_PORT = "8222";
}; };
}; };
kyouma.nginx.virtualHosts."staging.vault.kyouma.net" = { kyouma.nginx.virtualHosts."staging.vault.kyouma.net" = {
locations."/" = { locations."/" = {
proxyPass = "http://unix:/run/vaultwarden/rocket.socket"; proxyPass = "http://[::1]:8222";
proxyWebsockets = true; proxyWebsockets = true;
}; };
locations."/admin" = {
proxyPass = "http://[::1]:8222";
basicAuthFile = config.sops.secrets."services/vaultwarden/basicAuth".path;
};
}; };
security.acme.certs."staging.vault.kyouma.net" = {}; security.acme.certs."staging.vault.kyouma.net" = {};
} }

View file

@ -531,11 +531,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1718207430, "lastModified": 1718265846,
"narHash": "sha256-/eO2NTRvrrdYWMI06plS8ANDGOhTZBA+C3H3KwbBI1w=", "narHash": "sha256-h4MnTID6ciFxtTvtl+ibXMKaG6iLMezCtUvKIfFG7r0=",
"owner": "nixos", "owner": "nixos",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "9e848e173ca83adf884815c66edc08652ef9ade8", "rev": "d75003136c0fc94ee60e51806c2801ff572d06a6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -644,11 +644,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1718202302, "lastModified": 1718290136,
"narHash": "sha256-urU2mKEhKCaThtRDM54oUj40A+m3wYSnWjfkoxbuhLU=", "narHash": "sha256-BQFspZqwA56LOIQ0ypw54Nal/BLFUpnZTqoXxeiSTNE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixvim", "repo": "nixvim",
"rev": "cc9023fb1d74fad3b7b704a1c161a2ce9f378431", "rev": "80c03843e7ad7fc7deb0dce6d1f6fc45593ed91d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -714,11 +714,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1718122552, "lastModified": 1718292734,
"narHash": "sha256-A+dBkSwp8ssHKV/WyXb9uqIYrHBqHvtSedU24Lq9lqw=", "narHash": "sha256-XAwxzCDfExqIj0PIjEpjt3eOzsosxOCLx6sQWHPSrSg=",
"owner": "danth", "owner": "danth",
"repo": "stylix", "repo": "stylix",
"rev": "e59d2c1725b237c362e4a62f5722f5b268d566c7", "rev": "73c6955b4572346cc10f43a459949fe646efbde0",
"type": "github" "type": "github"
}, },
"original": { "original": {

View file

@ -1,6 +1,7 @@
services: services:
vaultwarden: vaultwarden:
environmentFile: ENC[AES256_GCM,data:qCzqf1xSqKdVin18WMOkFatuL2TTpvOEl1gFQyjBHbVuauDl4IJZ6aL+APrk7ADH78CRx5SntD6hjrI6hWea/IQsvw9feTTZkp+pG5qVvLdgPdl61cnAaZCUNvvzxE2NTFOTPriNLSRxwT8We1meyNe4CAkkKsMMVFInNarY8ZxuEEIEkBr7VfhB/EHCj72FSv1kR2zTw15n9b0gNxFwBC0jkTKTfEBoQNVtU6gmFTfXSNi92cothuTQbPxsYtbALpC3Y/aAJBT6SGODuqEHZ+B+NfYemX6eRYX89pXy3Tb0r2frK2XbWLowq7IP/w0MTGOsMV+ytiAD03wa65qUlYMejkGYFX1Q,iv:F/NXvyegyvIApdYaITAgGZxLUl99yfMbN/WSUOEKDmg=,tag:1MXqbpwPqG3v9h0X57k6kQ==,type:str] environmentFile: ENC[AES256_GCM,data:qCzqf1xSqKdVin18WMOkFatuL2TTpvOEl1gFQyjBHbVuauDl4IJZ6aL+APrk7ADH78CRx5SntD6hjrI6hWea/IQsvw9feTTZkp+pG5qVvLdgPdl61cnAaZCUNvvzxE2NTFOTPriNLSRxwT8We1meyNe4CAkkKsMMVFInNarY8ZxuEEIEkBr7VfhB/EHCj72FSv1kR2zTw15n9b0gNxFwBC0jkTKTfEBoQNVtU6gmFTfXSNi92cothuTQbPxsYtbALpC3Y/aAJBT6SGODuqEHZ+B+NfYemX6eRYX89pXy3Tb0r2frK2XbWLowq7IP/w0MTGOsMV+ytiAD03wa65qUlYMejkGYFX1Q,iv:F/NXvyegyvIApdYaITAgGZxLUl99yfMbN/WSUOEKDmg=,tag:1MXqbpwPqG3v9h0X57k6kQ==,type:str]
basicAuth: ENC[AES256_GCM,data:hMVlWEM59dzp91S3iZB2jhyZE7ys3xhOlEEQSypc8daLOtJLxHTbA5HLNQ==,iv:Z5Wik8xfAV2S7DwLXcoJudB/qAAe6bjOQCV2t0Xk8zw=,tag:EpXw1AJvMFU+Td1sdMP5lQ==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -16,8 +17,8 @@ sops:
MktVZ0VUbEFOY2xkcUhvQlBFdXhtaGMKkZrL4ePjGaV6Xa1zo+6osC6uT3YfYP/A MktVZ0VUbEFOY2xkcUhvQlBFdXhtaGMKkZrL4ePjGaV6Xa1zo+6osC6uT3YfYP/A
Sju9hALA36ACnE3QoIE5Rnhme4KwiIA6+VZlIU4OHAB8YPIewmvCCA== Sju9hALA36ACnE3QoIE5Rnhme4KwiIA6+VZlIU4OHAB8YPIewmvCCA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-05-03T13:05:08Z" lastmodified: "2024-06-13T14:39:40Z"
mac: ENC[AES256_GCM,data:xQtCP1lRVQvr3rY/Cb3eW7tAwUSge8yFMuYSzMRUzbaNz03dHU3lhp/FGFDa1aWvbxT9YdKr4rIY2sUlMAK5ltw5uiiOXo5RA0wiC80A9bRVudnxCpF0cvwzBUZyY4I5ydAKE+peKLf76GRVE9awkZLmCu/B+P/R9AuS0GEZxKA=,iv:G3HF5py8bTnbJZBSWDHPVY6yI/ZlDaTEG0XCq0t+ykY=,tag:bs95sOcYsLn1Pls8TpqzHw==,type:str] mac: ENC[AES256_GCM,data:UXyVowvw23iorkK3GODpAlujHu1W/xhZA7XB5xy/BBIDjBaKeG4Uwr3pHX05Pwy/naHLuGX3fRaEISW+gAecEfe1+fId/FJY12wu0pq2/NRVNzyhRYb1bmSc654KFJVl2hOujwBmAwmdtbbxZQU3B/mqMpol/xzWyn96zu161bo=,iv:iGcdWH/ct3Qsvkt8VQBH+UagxPs2OTArXVSjMqliOy4=,tag:KASdSTPa/tA+SUu7nshU2w==,type:str]
pgp: pgp:
- created_at: "2024-06-12T20:46:24Z" - created_at: "2024-06-12T20:46:24Z"
enc: |- enc: |-