Add webone, misc changes.
This commit is contained in:
parent
f1216bc9ad
commit
997b93d6ca
5 changed files with 102 additions and 22 deletions
7
flake.lock
generated
7
flake.lock
generated
|
@ -307,17 +307,16 @@
|
|||
"nixpkgs": "nixpkgs_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1752022159,
|
||||
"narHash": "sha256-WFkQ1WA+BRLuwfmh6uMym3IoUSXOu2sSM5XzalsLeUQ=",
|
||||
"lastModified": 1752031448,
|
||||
"narHash": "sha256-5cWr89OO+rt0saYETbLOIsKG0XYQqlgZ33xUMeQ1a1M=",
|
||||
"owner": "firewalkwithm3",
|
||||
"repo": "webone",
|
||||
"rev": "256f5e115ceffb71fd2d61e0c7cb9b6b55c7571a",
|
||||
"rev": "04cbb02463e52fd917944ee3f7174218d6fa42a5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "firewalkwithm3",
|
||||
"repo": "webone",
|
||||
"rev": "256f5e115ceffb71fd2d61e0c7cb9b6b55c7571a",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
|
|
34
flake.nix
34
flake.nix
|
@ -11,11 +11,11 @@
|
|||
url = "git+ssh://git@docker.local:222/fern/secrets?ref=main";
|
||||
flake = false;
|
||||
};
|
||||
|
||||
|
||||
# Packages.
|
||||
fluffychat2.url = "github:NixOS/nixpkgs?ref=pull/419632/head"; # FluffyChat 2.0.0
|
||||
feishin0_17.url = "github:NixOS/nixpkgs?ref=pull/414929/head"; # Feishin 0.17.0
|
||||
webone.url = "github:firewalkwithm3/webone?rev=256f5e115ceffb71fd2d61e0c7cb9b6b55c7571a"; # WebOne HTTP proxy.
|
||||
webone.url = "github:firewalkwithm3/webone"; # WebOne HTTP proxy.
|
||||
};
|
||||
|
||||
outputs =
|
||||
|
@ -27,11 +27,12 @@
|
|||
sops-nix,
|
||||
fluffychat2,
|
||||
feishin0_17,
|
||||
webone,
|
||||
...
|
||||
}:
|
||||
with nixpkgs.lib;
|
||||
let
|
||||
mkHost =
|
||||
with nixpkgs.lib;
|
||||
{
|
||||
hostname,
|
||||
suite,
|
||||
|
@ -43,21 +44,30 @@
|
|||
system = platform;
|
||||
|
||||
specialArgs = {
|
||||
inherit hostname suite platform user; # Inherit variables.
|
||||
secrets = builtins.toString inputs.secrets; # Secrets directory.
|
||||
# Packages
|
||||
userPkgs = {
|
||||
inherit
|
||||
hostname
|
||||
suite
|
||||
platform
|
||||
user
|
||||
; # Inherit variables.
|
||||
|
||||
userPackages = {
|
||||
fluffychat = fluffychat2.legacyPackages.${system}.fluffychat;
|
||||
feishin = feishin0_17.legacyPackages.${system}.feishin;
|
||||
webone = webone.packages.${system}.default;
|
||||
};
|
||||
|
||||
secrets = builtins.toString inputs.secrets; # Secrets directory.
|
||||
};
|
||||
|
||||
modules = [
|
||||
./suites/common.nix
|
||||
./suites/${suite}.nix
|
||||
./hosts/${suite}/${hostname}.nix
|
||||
] ++ extraModules;
|
||||
modules =
|
||||
[
|
||||
./suites/common.nix
|
||||
./suites/${suite}.nix
|
||||
./hosts/${suite}/${hostname}.nix
|
||||
]
|
||||
++ (filesystem.listFilesRecursive ./modules)
|
||||
++ extraModules;
|
||||
};
|
||||
in
|
||||
{
|
||||
|
|
|
@ -21,6 +21,12 @@
|
|||
};
|
||||
};
|
||||
|
||||
# Open ports for DHCP server.
|
||||
networking.firewall.allowedUDPPorts = [ 53 67 ];
|
||||
}
|
||||
# Open ports for DHCP server.
|
||||
networking.firewall.allowedUDPPorts = [
|
||||
53
|
||||
67
|
||||
];
|
||||
|
||||
# Enable WebOne HTTP proxy.
|
||||
services.webone.enable = true;
|
||||
}
|
||||
|
|
65
modules/webone.nix
Normal file
65
modules/webone.nix
Normal file
|
@ -0,0 +1,65 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
userPackages,
|
||||
...
|
||||
}:
|
||||
with lib;
|
||||
let
|
||||
cfg = config.services.webone;
|
||||
in
|
||||
{
|
||||
options.services.webone.enable = mkEnableOption "Enable WebOne HTTP proxy.";
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.groups.webone = { };
|
||||
|
||||
users.users.webone = {
|
||||
createHome = true;
|
||||
isSystemUser = true;
|
||||
home = "/var/lib/webone";
|
||||
group = "webone";
|
||||
};
|
||||
|
||||
systemd.tmpfiles.settings = {
|
||||
"10-webone" = {
|
||||
"/var/log/webone.log" = {
|
||||
f = {
|
||||
group = "webone";
|
||||
mode = "0664";
|
||||
user = "webone";
|
||||
};
|
||||
};
|
||||
"/etc/webone.conf.d" = {
|
||||
d = {
|
||||
group = "webone";
|
||||
mode = "0755";
|
||||
user = "webone";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.webone = {
|
||||
description = "WebOne HTTP Proxy Server";
|
||||
documentation = [ "https://github.com/atauenis/webone/wiki/" ];
|
||||
requires = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
wantedBy = [ "default.target" ];
|
||||
startLimitIntervalSec = 5;
|
||||
startLimitBurst = 3;
|
||||
environment = {
|
||||
OPENSSL_CONF = "${userPackages.webone}/lib/webone/openssl_webone.cnf";
|
||||
};
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
User = "webone";
|
||||
Group = "webone";
|
||||
ExecStart = "${userPackages.webone}/bin/webone";
|
||||
TimeoutStopSec = "10";
|
||||
Restart = "on-failure";
|
||||
RestartSec = "5";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
pkgs,
|
||||
userPkgs,
|
||||
userPackages,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
|
@ -109,7 +109,7 @@ with lib;
|
|||
caligula
|
||||
celluloid
|
||||
discord
|
||||
userPkgs.feishin
|
||||
userPackages.feishin
|
||||
ghostty
|
||||
gimp3
|
||||
glabels-qt
|
||||
|
@ -137,7 +137,7 @@ with lib;
|
|||
})
|
||||
|
||||
# FluffyChat 2.0.0 with fixed desktop item.
|
||||
(userPkgs.fluffychat.overrideAttrs (
|
||||
(userPackages.fluffychat.overrideAttrs (
|
||||
finalAttrs: previousAttrs: {
|
||||
desktopItems = [
|
||||
((builtins.elemAt previousAttrs.desktopItems 0).override { startupWMClass = "fluffychat"; })
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue