Archive of broken or unused modules

2025-01-13 23:38:58 -05:00 · 2025-01-13 23:38:58 -05:00 · 6ff47b3403
commit 6ff47b3403
parent 32a703b4e1
8 changed files with 96 additions and 16 deletions
--- a/common/archive/acme/cloudflare.ini.example
+++ b/common/archive/acme/cloudflare.ini.example
@ -0,0 +1 @@
+CF_DNS_API_TOKEN=
--- a/common/archive/acme/default.nix
+++ b/common/archive/acme/default.nix
@ -0,0 +1,17 @@
+{ config, lib, pkgs, ... }: {
+    
+    # letsencrypt 
+    security.acme = {
+        acceptTerms = true;
+        defaults = {
+            email = "chris@toph.cc";
+            dnsProvider = "cloudflare";
+            environmentFile = ./cloudflare.ini;
+        };
+        certs = {
+            "ryot.foo" = {
+                extraDomainNames = ["*.ryot.foo"];
+            };
+        };
+    };
+}
--- a/common/archive/caddy/default.nix
+++ b/common/archive/caddy/default.nix
@ -0,0 +1,17 @@
+{
+    services.caddy = {
+        enable = true;
+
+        virtualHosts = {
+            "*.ryot.foo" = {
+                useACMEHost = "ryot.foo";
+                extraConfig = builtins.readFile ./ryot.foo.conf;
+            };
+            
+            "ryot.foo" = {
+                useACMEHost = "ryot.foo";
+                extraConfig = builtins.readFile ./ryot.foo.conf;
+            };
+        };
+    };
+}
--- a/common/archive/caddy/ryot.foo.conf
+++ b/common/archive/caddy/ryot.foo.conf
@ -0,0 +1,13 @@
+reverse_proxy http://localhost:8080 {
+    header_up Host {host}
+    header_up X-Real-IP {remote}
+    header_up X-Forwarded-For {remote}
+    header_up X-Forwarded-Proto {scheme}
+}
+
+reverse_proxy https://localhost:4433 {
+    header_up Host {host}
+    header_up X-Real-IP {remote}
+    header_up X-Forwarded-For {remote}
+    header_up X-Forwarded-Proto {scheme}
+}
--- a/common/archive/mailserver/admin.pass
+++ b/common/archive/mailserver/admin.pass
@ -0,0 +1 @@
+$2b$05$RAavFe61.2iBTeGdtCI5EuKmFXxRbh/OL199HjBN74hSBCXzxViqS
--- a/common/archive/mailserver/admin.pass.example
+++ b/common/archive/mailserver/admin.pass.example
@ -0,0 +1 @@
+<HASHED_PASS>
--- a/common/archive/mailserver/default.nix
+++ b/common/archive/mailserver/default.nix
@ -0,0 +1,19 @@
+{ 
+    enable = true;
+    fqdn = "mail.ryot.foo";
+    domains = [ "ryot.foo" ];
+
+    enableImapSsl = true;
+    enableSubmissionSsl = true;
+
+    # A list of all login accounts. To create the password hashes, use
+    # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
+    loginAccounts = {
+        "[REDACTED]" = {
+            hashedPassword = builtins.readFile ./admin.pass;
+            aliases = ["[REDACTED]"];
+        };
+    };
+
+    certificateScheme = "acme";
+}
--- a/host/proxy/default.nix
+++ b/host/proxy/default.nix
@ -1,4 +1,10 @@
-{ modulesPath, config, pkgs, hostName, ... }:
+{
+  modulesPath,
+  config,
+  pkgs,
+  hostName,
+  ...
+}:
 {
  ## MODULES & IMPORTS ##
  imports = [
@ -19,7 +25,12 @@

  ## NETWORKING ##
  networking.firewall = {
-    allowedTCPPorts = [ 22 80 443 14333 ];
+    allowedTCPPorts = [
+      22
+      80
+      443
+      14333
+    ];
    allowedUDPPorts = [ 53 ];
    interfaces.podman1 = {
      # so that containers find eachother's names
				`@ -0,0 +1 @@`
				`$2b$05$RAavFe61.2iBTeGdtCI5EuKmFXxRbh/OL199HjBN74hSBCXzxViqS`