thegeneralist01/config-new
1
Fork 0
Code Issues Pull requests Activity

feat: set up cache

Browse source
This commit is contained in:
TheGeneralist 2025-06-30 21:00:51 +02:00
parent 4c899bbfc6
commit 56cc86052f
Signed by: thegeneralist01
SSH key fingerprint: SHA256:pp9qddbCNmVNoSjevdvQvM5z0DHN7LTa8qBMbcMq/R4
6 changed files with 51 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

27
hosts/thegeneralist-central/cache/default.nix vendored Normal file
View file

@ -0,0 +1,27 @@
{ pkgs, config, ... }: let
domain = "cache.thegeneralist01.com";
ssl = {
quic = true;
useACMEHost = "thegeneralist01.com";
};
in {
age.secrets.cacheSigningKey.file = ./key.age;
services.nix-serve = {
enable = true;
package = pkgs.nix-serve-ng;
secretKeyFile = config.age.secrets.cacheSigningKey.path;
port = 1337;
openFirewall = false;
};
services.nginx.virtualHosts.${domain} = ssl // {
locations."/".proxyPass = "http://127.0.0.1:1337";
locations."= /".return = "301 https://thegeneralist01.com/404";
extraConfig = /* nginx */ ''
proxy_intercept_errors on;
error_page 404 = thegeneralist01.com/404.html;
'';
};
}

7
hosts/thegeneralist-central/cache/key.age vendored Normal file
View file

@ -0,0 +1,7 @@
age-encryption.org/v1
-> ssh-ed25519 pp9qdQ 7QBh40bF+3U+uQaQiZNMVsIWX2ZX162OKbuzgNwIR3A
Fj2ACjgfeswbIt+ril51zlNaacqgMzkl8p3CQpiUGFo
--- yVZxFaEnzft0ovxvy0CbdIZso0qVMyFPGocBRiONTQM
b²Q^ 4öø4ƒy!Rq9+AE6î²ÓòÅåW&ÃÇÃt[Ñç.ƒ…â/<2F>ª„ª™J¼<4A>#Bu„zwIïêÖ/ÊGCo¼xÕn©™0Ö1·J¡ckJv/¸p¤qwÿûz B/ßíëÖy<C396>$,¥;IÀ3©wˆYÙ»üòSÔ
ë³ÑP2‡
_ ƒÀ”Á_µõDPž

2
hosts/thegeneralist-central/configuration.nix
View file

@ -5,7 +5,7 @@
{ self, config, pkgs, lib, inputs, ... }: { self, config, pkgs, lib, inputs, ... }:
{ {
imports = [ ./hardware-configuration.nix ./site.nix ]; imports = [ ./hardware-configuration.nix ./site.nix ./cache ];
users.users.thegeneralist = { users.users.thegeneralist = {
isNormalUser = true; isNormalUser = true;

1
hosts/thegeneralist-central/site.nix
View file

@ -66,6 +66,7 @@ in {
ingress = { ingress = {
"thegeneralist01.com" = "http://localhost:80"; "thegeneralist01.com" = "http://localhost:80";
"www.thegeneralist01.com" = "http://localhost:80"; "www.thegeneralist01.com" = "http://localhost:80";
"cache.thegeneralist01.com" = "http://localhost:80";
}; };
default = "http_status:404"; default = "http_status:404";

21
modules/common/nix.nix
View file

@ -1,17 +1,24 @@
{ pkgs, lib, ...}: { { pkgs, lib, ...}: {
# todo: gc # todo: gc
# todo: cache
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
nh nh
]; ];
lib.debug.traceVal = pkgs.nh; nix.settings = {
experimental-features = [
"flakes"
"nix-command"
"pipe-operators"
];
nix.settings.experimental-features = [ extra-substituters = [
"flakes" "https://cache.thegeneralist01.com/"
"nix-command" ];
"pipe-operators"
]; extra-trusted-public-keys = [
"etc.thegeneralist01.com:BIhIf7HJ5xjFX+2e0WrGDQ4LdHeEEyQrtWBB1li2Ve8="
];
};
home-manager.sharedModules = [{ home-manager.sharedModules = [{
programs.nh = { programs.nh = {

1
secrets.nix
View file

@ -7,6 +7,7 @@ in {
"hosts/thegeneralist-central/acme/acmeEnvironment.age".publicKeys = [ thegeneralist ]; "hosts/thegeneralist-central/acme/acmeEnvironment.age".publicKeys = [ thegeneralist ];
"hosts/thegeneralist-central/cert.pem.age".publicKeys = [ thegeneralist ]; "hosts/thegeneralist-central/cert.pem.age".publicKeys = [ thegeneralist ];
"hosts/thegeneralist-central/credentials.age".publicKeys = [ thegeneralist ]; "hosts/thegeneralist-central/credentials.age".publicKeys = [ thegeneralist ];
"hosts/thegeneralist-central/cache/key.age".publicKeys = [ thegeneralist ];
"modules/linux/tailscale-marshall.age".publicKeys = [ thegeneralist ]; "modules/linux/tailscale-marshall.age".publicKeys = [ thegeneralist ];
} }