Add webone, misc changes.

This commit is contained in:
Fern Garden 2025-07-09 12:02:55 +08:00
parent f1216bc9ad
commit 997b93d6ca
5 changed files with 102 additions and 22 deletions

7
flake.lock generated
View file

@ -307,17 +307,16 @@
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1752022159,
"narHash": "sha256-WFkQ1WA+BRLuwfmh6uMym3IoUSXOu2sSM5XzalsLeUQ=",
"lastModified": 1752031448,
"narHash": "sha256-5cWr89OO+rt0saYETbLOIsKG0XYQqlgZ33xUMeQ1a1M=",
"owner": "firewalkwithm3",
"repo": "webone",
"rev": "256f5e115ceffb71fd2d61e0c7cb9b6b55c7571a",
"rev": "04cbb02463e52fd917944ee3f7174218d6fa42a5",
"type": "github"
},
"original": {
"owner": "firewalkwithm3",
"repo": "webone",
"rev": "256f5e115ceffb71fd2d61e0c7cb9b6b55c7571a",
"type": "github"
}
}

View file

@ -11,11 +11,11 @@
url = "git+ssh://git@docker.local:222/fern/secrets?ref=main";
flake = false;
};
# Packages.
fluffychat2.url = "github:NixOS/nixpkgs?ref=pull/419632/head"; # FluffyChat 2.0.0
feishin0_17.url = "github:NixOS/nixpkgs?ref=pull/414929/head"; # Feishin 0.17.0
webone.url = "github:firewalkwithm3/webone?rev=256f5e115ceffb71fd2d61e0c7cb9b6b55c7571a"; # WebOne HTTP proxy.
webone.url = "github:firewalkwithm3/webone"; # WebOne HTTP proxy.
};
outputs =
@ -27,11 +27,12 @@
sops-nix,
fluffychat2,
feishin0_17,
webone,
...
}:
with nixpkgs.lib;
let
mkHost =
with nixpkgs.lib;
{
hostname,
suite,
@ -43,21 +44,30 @@
system = platform;
specialArgs = {
inherit hostname suite platform user; # Inherit variables.
secrets = builtins.toString inputs.secrets; # Secrets directory.
# Packages
userPkgs = {
inherit
hostname
suite
platform
user
; # Inherit variables.
userPackages = {
fluffychat = fluffychat2.legacyPackages.${system}.fluffychat;
feishin = feishin0_17.legacyPackages.${system}.feishin;
webone = webone.packages.${system}.default;
};
secrets = builtins.toString inputs.secrets; # Secrets directory.
};
modules = [
./suites/common.nix
./suites/${suite}.nix
./hosts/${suite}/${hostname}.nix
] ++ extraModules;
modules =
[
./suites/common.nix
./suites/${suite}.nix
./hosts/${suite}/${hostname}.nix
]
++ (filesystem.listFilesRecursive ./modules)
++ extraModules;
};
in
{

View file

@ -21,6 +21,12 @@
};
};
# Open ports for DHCP server.
networking.firewall.allowedUDPPorts = [ 53 67 ];
}
# Open ports for DHCP server.
networking.firewall.allowedUDPPorts = [
53
67
];
# Enable WebOne HTTP proxy.
services.webone.enable = true;
}

65
modules/webone.nix Normal file
View file

@ -0,0 +1,65 @@
{
config,
lib,
userPackages,
...
}:
with lib;
let
cfg = config.services.webone;
in
{
options.services.webone.enable = mkEnableOption "Enable WebOne HTTP proxy.";
config = mkIf cfg.enable {
users.groups.webone = { };
users.users.webone = {
createHome = true;
isSystemUser = true;
home = "/var/lib/webone";
group = "webone";
};
systemd.tmpfiles.settings = {
"10-webone" = {
"/var/log/webone.log" = {
f = {
group = "webone";
mode = "0664";
user = "webone";
};
};
"/etc/webone.conf.d" = {
d = {
group = "webone";
mode = "0755";
user = "webone";
};
};
};
};
systemd.services.webone = {
description = "WebOne HTTP Proxy Server";
documentation = [ "https://github.com/atauenis/webone/wiki/" ];
requires = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "default.target" ];
startLimitIntervalSec = 5;
startLimitBurst = 3;
environment = {
OPENSSL_CONF = "${userPackages.webone}/lib/webone/openssl_webone.cnf";
};
serviceConfig = {
Type = "simple";
User = "webone";
Group = "webone";
ExecStart = "${userPackages.webone}/bin/webone";
TimeoutStopSec = "10";
Restart = "on-failure";
RestartSec = "5";
};
};
};
}

View file

@ -1,6 +1,6 @@
{
pkgs,
userPkgs,
userPackages,
lib,
...
}:
@ -109,7 +109,7 @@ with lib;
caligula
celluloid
discord
userPkgs.feishin
userPackages.feishin
ghostty
gimp3
glabels-qt
@ -137,7 +137,7 @@ with lib;
})
# FluffyChat 2.0.0 with fixed desktop item.
(userPkgs.fluffychat.overrideAttrs (
(userPackages.fluffychat.overrideAttrs (
finalAttrs: previousAttrs: {
desktopItems = [
((builtins.elemAt previousAttrs.desktopItems 0).override { startupWMClass = "fluffychat"; })