summaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/home-manager/bat.nix1
-rw-r--r--modules/nixos/cgit.nix33
-rw-r--r--modules/nixos/headscale.nix2
-rw-r--r--modules/users/defin.nix4
4 files changed, 39 insertions, 1 deletions
diff --git a/modules/home-manager/bat.nix b/modules/home-manager/bat.nix
index 13e8e6d..b54677f 100644
--- a/modules/home-manager/bat.nix
+++ b/modules/home-manager/bat.nix
@@ -4,6 +4,7 @@
enable = true;
config = {
pager = "less -FR";
+ theme = "Solarized (dark)";
# theme = "catppuccin-mocha";
};
# themes = {
diff --git a/modules/nixos/cgit.nix b/modules/nixos/cgit.nix
new file mode 100644
index 0000000..177158a
--- /dev/null
+++ b/modules/nixos/cgit.nix
@@ -0,0 +1,33 @@
+{ config, ... } : { # This is for hosting on bosco
+ services.cgit = {
+ "git.myrmexia.xyz" = {
+ enable = true;
+ nginx.location = "/git/";
+ # nginx.virtualHost = "git.myrmexia.xyz";
+ settings = {
+ enable-commit-graph = 1;
+ enable-http-clone = 0;
+ };
+ repos = {
+ nixos-flake = {
+ desc = "A public repo for viewing my nixos config.";
+ path = "/srv/git/.flake.git";
+ };
+ };
+ };
+ };
+ # services.nginx.virtualHosts."git.myrmexia.xyz".listen.port = 8081;
+ # listen.port = 8081;
+ # };
+
+ # this solution is extremely hacky as it changes nginx system defaults instead of virtual host default
+ #TODO: fix
+ services.nginx.defaultHTTPListenPort = 8081;
+ # caddy = {
+ # enable = true;
+ # email = "devin.finlinson@pm.me";
+ # virtualhosts."git.myrmexia.xyz".extraConfig = ''
+ # reverse_proxy http://localhost:${toString config.services.cgit.port} ''
+ # };
+ networking.firewall.allowedTCPPorts = [8081];
+}
diff --git a/modules/nixos/headscale.nix b/modules/nixos/headscale.nix
index 261dd52..d56785f 100644
--- a/modules/nixos/headscale.nix
+++ b/modules/nixos/headscale.nix
@@ -1,4 +1,4 @@
-{config, pkgs, ...}:
+{config, ...}:
let
domain = "myrmexia.xyz";
subDomain = "bosco.${domain}";
diff --git a/modules/users/defin.nix b/modules/users/defin.nix
index 139845f..9d38f7b 100644
--- a/modules/users/defin.nix
+++ b/modules/users/defin.nix
@@ -22,10 +22,14 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXrt3+N4+ahtXZCUn11evQsVGsGgAohGwafC29/a4fk defin@Radahn"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkGcmYIYCe6GHsZZvnXqsedF0wn+AhGSr+RPJtUO/kl defin@khad"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEaMYXO9ghATyUPzyE7aD/XVVmK9UAexueoGEYAqPT4L defin@kebab"
+ # keys for remote build
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLx3RgUgbE7THS7hRZypyudEKffj0ppwQfQuxIpPf8H root@zenbook"
];
};
};
+ nix.settings.trusted-users = [ "@builders" ];
+ security.pam.enableSSHAgentAuth = true;
# I can't think of a better spot to put this rn.
services.openssh = {
ports = [ 22 2200 ]; # needed because isp blocks ssh over 22
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-08 14:20:25 +0000