From ba305864438ba6c4523494daeed97ce0556fe58d Mon Sep 17 00:00:00 2001 From: ooks-io Date: Fri, 1 Nov 2024 12:43:24 +1100 Subject: [PATCH] home: add ooknet.org forgejo ssh configuration --- flake.lock | 88 ++++++++++++++++++++++++++++- flake.nix | 4 ++ modules/home/console/tools/ssh.nix | 6 ++ outputs/hosts/servers.nix | 3 +- outputs/lib/builders.nix | 3 +- secrets/ooknet_org.age | Bin 0 -> 1259 bytes secrets/secrets.nix | 1 + 7 files changed, 101 insertions(+), 4 deletions(-) create mode 100644 secrets/ooknet_org.age diff --git a/flake.lock b/flake.lock index bc1eb89..3c92d63 100644 --- a/flake.lock +++ b/flake.lock @@ -166,6 +166,24 @@ "type": "github" } }, + "flake-parts_3": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_3" + }, + "locked": { + "lastModified": 1726153070, + "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-utils": { "locked": { "lastModified": 1629284811, @@ -201,7 +219,7 @@ }, "flake-utils_3": { "inputs": { - "systems": "systems_6" + "systems": "systems_7" }, "locked": { "lastModified": 1726560853, @@ -679,6 +697,21 @@ "type": "github" } }, + "nix-filter": { + "locked": { + "lastModified": 1710156097, + "narHash": "sha256-1Wvk8UP7PXdf8bCCaEoMnOT1qe5/Duqgj+rL8sRQsSM=", + "owner": "numtide", + "repo": "nix-filter", + "rev": "3342559a24e85fc164b295c3444e8a139924675b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "nix-filter", + "type": "github" + } + }, "nix-index-db": { "inputs": { "nixpkgs": [ @@ -739,6 +772,18 @@ "url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz" } }, + "nixpkgs-lib_3": { + "locked": { + "lastModified": 1725233747, + "narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" + } + }, "nixpkgs-stable": { "locked": { "lastModified": 1720386169, @@ -985,6 +1030,29 @@ "type": "github" } }, + "ooknet-website": { + "inputs": { + "flake-parts": "flake-parts_3", + "nix-filter": "nix-filter", + "nixpkgs": [ + "nixpkgs" + ], + "systems": "systems_5" + }, + "locked": { + "lastModified": 1728305902, + "narHash": "sha256-761elKy4m30bx9+3QTlc2MGlRbESek/klbufIP75UqI=", + "ref": "refs/heads/master", + "rev": "b0ed4617e28b40e43cc286c9cd50d75d0e204668", + "revCount": 4, + "type": "git", + "url": "ssh://git@github.com/ooks-io/website" + }, + "original": { + "type": "git", + "url": "ssh://git@github.com/ooks-io/website" + } + }, "ooks-scripts": { "inputs": { "nixpkgs": [ @@ -2793,8 +2861,9 @@ "nix-index-db": "nix-index-db", "nixpkgs": "nixpkgs_3", "nvf": "nvf", + "ooknet-website": "ooknet-website", "ooks-scripts": "ooks-scripts", - "systems": "systems_5", + "systems": "systems_6", "zjstatus": "zjstatus" } }, @@ -2922,6 +2991,21 @@ } }, "systems_6": { + "locked": { + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "owner": "nix-systems", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default-linux", + "type": "github" + } + }, + "systems_7": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", diff --git a/flake.nix b/flake.nix index f3deb21..4b9c24c 100644 --- a/flake.nix +++ b/flake.nix @@ -30,6 +30,10 @@ url = "git+ssh://git@github.com/ooks-io/scripts"; inputs.nixpkgs.follows = "nixpkgs"; }; + ooknet-website = { + url = "git+ssh://git@github.com/ooks-io/website"; + inputs.nixpkgs.follows = "nixpkgs"; + }; nvf.url = "github:notashelf/nvf/v0.7"; diff --git a/modules/home/console/tools/ssh.nix b/modules/home/console/tools/ssh.nix index 0e5c0d9..e13e177 100644 --- a/modules/home/console/tools/ssh.nix +++ b/modules/home/console/tools/ssh.nix @@ -17,6 +17,12 @@ in { hostname = "github.com"; identityFile = "${osConfig.age.secrets.github_key.path}"; }; + "git.ooknet.org" = { + user = "forgejo"; + port = 2222; + hostname = "git.ooknet.org"; + identityFile = "${osConfig.age.secrets.ooknet_org.path}"; + }; }; }; }; diff --git a/outputs/hosts/servers.nix b/outputs/hosts/servers.nix index a9e1649..70af570 100644 --- a/outputs/hosts/servers.nix +++ b/outputs/hosts/servers.nix @@ -10,9 +10,10 @@ in { inherit withSystem; system = "x86_64-linux"; hostname = "ooknode"; + domain = "ooknet.org"; type = "vm"; profile = "linode"; - services = ["website"]; + services = ["website" "forgejo"]; }; }; } diff --git a/outputs/lib/builders.nix b/outputs/lib/builders.nix index e73a5a6..f088b69 100644 --- a/outputs/lib/builders.nix +++ b/outputs/lib/builders.nix @@ -89,6 +89,7 @@ type, profile, services, + domain ? "", additionalModules ? [], specialArgs ? {}, }: @@ -98,7 +99,7 @@ additionalModules = concatLists [ (singleton { ooknet.server = { - inherit services; + inherit domain services; }; }) core diff --git a/secrets/ooknet_org.age b/secrets/ooknet_org.age new file mode 100644 index 0000000000000000000000000000000000000000..e957cac827c9731cfceeb3c380ab8b9ed2ad5ad8 GIT binary patch literal 1259 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCTyNcG4IbyTQu&+yFf z(GT%Wa>+<9(+=^r3@-EVO)@D>w=hqM$Z?BGGs-A-DGV?T59RVSNl#5rG4^ox$n?(+ zFVA%`&(1SWvdjo7DNMV zBtO+4u{_z$u`<}u%d8~d(BG?~G{D`z$Sv47J)bKoG|{EfNk2^6-NMm8JJ&hK(Y4Ij zG9ol5-O?yDSvxet*frJFFx0%TG!)%7W0!JwlX8WO%uqu!Z~bHwW50mPz>q|jV8f6w z*ZfkSRPXd+%fuwNl7fOnN1w7n_du>l*CLmKken3%z{>Q@ET1gz3~#UEe3wGM$RbC- z^z!1wjB?+^GIKY5i*$6`{PHZqD;yQFQamlaf-`f|0+Pytj7w9B-P3ZT3_Jn@y+fm_ zObtCF9n&fb3cQPba(ubc%FJ_&JoJ52L(9yJ%ah78Q^LygBD9UFd_tVHJqo;Ca!iZN z^S!gRvoUOQPtmq4NLL8;Fmwt^FO4cN%kWApF->wz^K{R3HFq+rs`PdAPD&3CO>r!X z^fR?c59Eq4&MF9V&Wj2(35!fDEK2p!&koB9E=lny4b3x(@`}ocNXsjT%5yCAEl2lT zs&AIISGq!KwrhS)RknXrse77>N3LFz}(N!jk9iMi$#+Ky=+ZdnxtNja5)g+WCw`XR3FNv>SFy1EK}h3Tewe#NF~UQUVW zuEmw9IaLN(p^;u8M&`an{%+>QhLIJah9;gB-ho^Tq{~%1w6^+7vH$-6Q|?);NC{UH zv!{vVv(x3=$^mz_SUa4%^ZClBne&>$oHuR@5S&zf=)w${XP0j;DbraRwRz!zg=>sA zduPSF?oHgymCVxVa!Bx?Q*VQg8E2d46RiVsNjm!fUiNL=ov~gwW%t|AklU@Za;7J( zWawVjzyDp)b(TPh+jc#3bzFDOOSoxsFZ|_vPn%6Fob3@;I(EMMvaEvTiqPs88&+nX zc=W0`TgO>_?(=}wJ9QowA!&>GQ#HPw)QwYL$!Vml!O@!ZY}Kr0hBB55i5Jq=_Hr{d;iul~ySh`VwBKXCl~BaTn{X0t3D z8YKkUb&HQiW-=Yy^SgP|nK0>PlLA_pE6XE3rpsFKuFY;z*b^7FqHTTl!AUD8E;;o3 z*}||!J;TJNF77`SDQhIo)?Ig!o%H9);tjnkBrHz<<1ckKHHu1W^_jfm_3B#_3XArA zQM+xm?`xHJUX#Ffk3*JUowgTtWqRm!-mT&4KIl*|aTU|n66H%>A6ch)?3*R<`kH=v I{;T&o00NKPF8}}l literal 0 HcmV?d00001 diff --git a/secrets/secrets.nix b/secrets/secrets.nix index c0acbe8..10c1d7c 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -5,4 +5,5 @@ in { "tailscale-auth.age".publicKeys = [users.ooks] ++ workstations; "github_key.age".publicKeys = [users.ooks] ++ workstations; "spotify_key.age".publicKeys = [users.ooks] ++ workstations; + "ooknet_org.age".publicKeys = [users.ooks] ++ workstations; }