forked from kalipso/infrastructure
[lucia] working certs and mpd
This commit is contained in:
@@ -8,8 +8,19 @@
|
||||
../modules/malobeo_user.nix
|
||||
];
|
||||
|
||||
sops.defaultSopsFile = ./secrets.yaml;
|
||||
sops.secrets.njala_api_key = {};
|
||||
|
||||
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
|
||||
boot.loader.grub.enable = false;
|
||||
boot.loader.raspberryPi.enable = false;
|
||||
boot.loader.raspberryPi.version = 3;
|
||||
boot.loader.raspberryPi.uboot.enable = true;
|
||||
boot.loader.raspberryPi.firmwareConfig = ''
|
||||
dtparam=audio=on
|
||||
hdmi_ignore_edid_audio=1
|
||||
audio_pwm_mode=2
|
||||
'';
|
||||
|
||||
# Enables the generation of /boot/extlinux/extlinux.conf
|
||||
boot.loader.generic-extlinux-compatible.enable = true;
|
||||
@@ -21,6 +32,9 @@
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
# hardware audio support:
|
||||
sound.enable = true;
|
||||
|
||||
services = {
|
||||
dokuwiki.sites."wiki.malobeo.org" = {
|
||||
enable = true;
|
||||
@@ -50,29 +64,69 @@
|
||||
};
|
||||
};
|
||||
|
||||
mpd = {
|
||||
enable = true;
|
||||
musicDirectory = "/var/lib/mpd/music";
|
||||
extraConfig = ''
|
||||
audio_output {
|
||||
type "alsa"
|
||||
name "My ALSA"
|
||||
device "hw:0,0" # optional
|
||||
format "44100:16:2" # optional
|
||||
mixer_type "hardware"
|
||||
mixer_device "default"
|
||||
mixer_control "PCM"
|
||||
}
|
||||
'';
|
||||
|
||||
# Optional:
|
||||
network.listenAddress = "any"; # if you want to allow non-localhost connections
|
||||
startWhenNeeded = true; # systemd feature: only start MPD service upon connection to its socket
|
||||
};
|
||||
|
||||
ympd = {
|
||||
enable = true;
|
||||
mpd = {
|
||||
enable = true;
|
||||
musicDirectory = "/var/lib/mpd/music";
|
||||
extraConfig = ''
|
||||
audio_output {
|
||||
type "alsa"
|
||||
name "My ALSA"
|
||||
device "hw:0,0" # optional
|
||||
format "44100:16:2" # optional
|
||||
mixer_type "hardware"
|
||||
mixer_device "default"
|
||||
mixer_control "PCM"
|
||||
}
|
||||
'';
|
||||
|
||||
# Optional:
|
||||
network.listenAddress = "any"; # if you want to allow non-localhost connections
|
||||
startWhenNeeded = true; # systemd feature: only start MPD service upon connection to its socket
|
||||
};
|
||||
|
||||
ympd = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
defaults.email = "malobeo@systemli.org";
|
||||
defaults = {
|
||||
dnsProvider = "njalla";
|
||||
credentialsFile = config.sops.secrets.njala_api_key.path;
|
||||
dnsPropagationCheck = false;
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts."music.malobeo.org" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
acmeRoot = null;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:8080";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 6680 80 443 ];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
vim
|
||||
htop
|
||||
wget
|
||||
git
|
||||
pciutils
|
||||
nix-tree
|
||||
];
|
||||
|
||||
system.stateVersion = "23.05";
|
||||
}
|
||||
|
||||
#mopidy = {
|
||||
# enable = true;
|
||||
# configuration = ''
|
||||
@@ -127,28 +181,3 @@
|
||||
# '';
|
||||
# extensionPackages = with pkgs; [ mopidy-iris mopidy-youtube python3Packages.yt-dlp ];
|
||||
#};
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts."music.malobeo.org" = {
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:8080";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 6680 80 ];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
vim
|
||||
htop
|
||||
wget
|
||||
git
|
||||
pciutils
|
||||
nix-tree
|
||||
];
|
||||
|
||||
system.stateVersion = "23.05";
|
||||
}
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
hello: ENC[AES256_GCM,data:3VuyuX7MaLSmor4W22F3FUCGp8SUq4pE6z5nuiZenH07+zEeMAllVCP6g/j1fQ==,iv:A3Oh99AchsmrkMEb4ZRSIigb8Cr+3WlQtsgyZJGpLY8=,tag:TOHF9BaydkRD6cJAndryTg==,type:str]
|
||||
njala_api_key: ENC[AES256_GCM,data:cFngyUfg+hATbqK+nizeKGgzriyhqQ+C2cACgvxYX8mbc5BcXSomiw==,iv:c4W9Ow1yQ3F+MG8QLOSbTCJ55+BadtpAZSsB+eEo8cs=,tag:wTeT+feLbx8rYfUEJgfepA==,type:str]
|
||||
njala_api_key: ENC[AES256_GCM,data:qXGngMJaAOk2Gb8B4nwMTht9Vp/OEhGmKS5vh1kpi0MyqcsmwuwpWuUz+RWD6NDFn2w/35M=,iv:lsZyCrmcT1xJcLjzK4zkcRYmbKUeLUFYZ7oDfCVJV8c=,tag:WK+aF3XGBRDQuvL87Qdusw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2023-10-24T14:43:15Z"
|
||||
mac: ENC[AES256_GCM,data:GginYeOix/N5Y5SfKYJPAWlrRYWNPRaoqwKkSCIiAhtpTSC6GBXUkbx3a465YP60MIb5e43MhQcpxUN9pOd49yt2Jka9zphBUElitHniRj1NPsFRQxtZIM6bRsrFG3frUT0+1YYNd0x+Nbz+scm+MnZmKuk6+ZnQRMYyJvcb1UQ=,iv:kh/zbW2UGpow6QuUp/9juqKKi2uxwAa/kfhu8hmz0+I=,tag:+E/eJhWgvslvzxorq5KyNQ==,type:str]
|
||||
lastmodified: "2023-10-24T15:09:51Z"
|
||||
mac: ENC[AES256_GCM,data:f/wf0EuNmy+ic/k+fHg3IJ8p4I8BftFn6QwGJsXJgTBDspe7Plnwh+kGEqdPg8OEbWy/1niRfCXJa/vKoquWsxL7LUP2lGYT7lj7QYuj2F8fo2WIe2qhCikuxO6Q1asKyBcebYv5KAY/yQlVBYs9X9tcU6Fu4IU2AmJhjYB6m3s=,iv:K3DCEV4/FocdnEulNM9snH4uym8pAZRSmsYbM+rghe4=,tag:429oJE1du0IRl4aDuLzoZA==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-10-24T14:42:18Z"
|
||||
enc: |
|
||||
|
||||
Reference in New Issue
Block a user