From a44510ee09e843d3f597b521053d57b54d68ac71 Mon Sep 17 00:00:00 2001
From: TheGeneralist <180094941+thegeneralist01@users.noreply.github.com>
Date: Fri, 27 Jun 2025 04:02:02 +0200
Subject: [PATCH] site: finish setup

---
 hosts/thegeneralist-central/cert.pem.age      |   6 ++++
 hosts/thegeneralist-central/cftoken.age       |   6 ++++
 hosts/thegeneralist-central/configuration.nix |   3 +-
 hosts/thegeneralist-central/credentials.age   | Bin 0 -> 388 bytes
 hosts/thegeneralist-central/site.nix          |  33 ++++++++++++++++++
 modules/common/home-manager.nix               |   4 +++
 secrets.nix                                   |   3 ++
 7 files changed, 53 insertions(+), 2 deletions(-)
 create mode 100644 hosts/thegeneralist-central/cert.pem.age
 create mode 100644 hosts/thegeneralist-central/cftoken.age
 create mode 100644 hosts/thegeneralist-central/credentials.age
 create mode 100644 hosts/thegeneralist-central/site.nix

diff --git a/hosts/thegeneralist-central/cert.pem.age b/hosts/thegeneralist-central/cert.pem.age
new file mode 100644
index 0000000..ee2225e
--- /dev/null
+++ b/hosts/thegeneralist-central/cert.pem.age
@@ -0,0 +1,6 @@
+age-encryption.org/v1
+-> ssh-ed25519 pp9qdQ 2WgjmfKlFjtkMRuA1pHNaGDoGKUozBBjYosmfSNL8EA
+dbFwrLcgWUaxKkHPGsGF7OaOXb3xf5nsCdGhnkbkzPU
+--- yCk7ScptYN12uv1aCqyqfqRHvxl8QiAaFRXd3KgJbdE
+èn­gDÊÎ~ÿ·GÛ÷¦¢èþ‚âât%ó­uá÷÷©¦—1ãg UÖ¥zLÖY|ÓŸ¾añr¹o\©èBs8@kê~Ar†To£þ÷%zžÀ²—yƒ¨ë|"ÿ™‡`CÁjw·ºõŠ¨ñ5±>‡lû¼ÂeèºFœyÃfEìÁ·éZÉó½ÃªUÃÅ:|H Š“¸=è¨u¥ñˆÂÑ© þ(ÈÀ^qÙ‡Œoï˜ô=‰ûïq3Œ×bI­	äìA¹ð›ýn¹`HÓksGj
+:…ÐM¨¥˜X·`ßolÄçéÙ‡etddÁoÊÉö¬ÍÑóPíüFï§~‡ôƒÕ¥Úÿ#9*M,hþÑ­Zjo›”Øo|ª"­Ïe$©ÏÙ0ºV
\ No newline at end of file
diff --git a/hosts/thegeneralist-central/cftoken.age b/hosts/thegeneralist-central/cftoken.age
new file mode 100644
index 0000000..1c43e7e
--- /dev/null
+++ b/hosts/thegeneralist-central/cftoken.age
@@ -0,0 +1,6 @@
+age-encryption.org/v1
+-> ssh-ed25519 pp9qdQ OrqCuVIzHaavNZxpOXYlIcnrHJe5GOjtcIhmaw+8wHI
+TQCYrhgm4O52QPodgSmFMvyw0Ln7n/+vFlGnONctPKk
+--- jOnFOfG4YRnpvtmmoEVfbh3mAXtfcJiTjzja46xTKMk
+Ï÷r_z'Dx’y2Ô—ÿƒG½8¹hë}=è‡EàK«[wÀßÆìöaðÿBÞ
+÷þH Ä§ÿHîÆbE–ÿì9{´YS‚ÑÎ–JÞL>²ö¨êPÈÒ“m£ÿDšn¤BQQšš2êÕ¸·çW&uÒ‡X…¼òf»FUoj6Q3e4¡X¸*‚Ý*ó*xÚÓÖ½©ç Cî±ÏýpÇ’}”ÛVµ9~=û`ô ½¦’AÓI<.÷’GEÀ¨2­L1BM‡x›ÿW…½IlŸ–†Ü}2&±âïÖ
\ No newline at end of file
diff --git a/hosts/thegeneralist-central/configuration.nix b/hosts/thegeneralist-central/configuration.nix
index 17f1256..714ccc3 100644
--- a/hosts/thegeneralist-central/configuration.nix
+++ b/hosts/thegeneralist-central/configuration.nix
@@ -5,7 +5,7 @@
 { self, config, pkgs, lib, inputs, ... }:
 
 {
-  imports = [ ./hardware-configuration.nix ];
+  imports = [ ./hardware-configuration.nix ./site.nix ];
 
   users.users.thegeneralist = {
     isNormalUser = true;
@@ -18,7 +18,6 @@
     in [ thegeneralist ];
   };
 
-  programs.home-manager.enable = true;
   home-manager = {
     backupFileExtension = "home.bak";
     extraSpecialArgs = { inherit inputs; };
diff --git a/hosts/thegeneralist-central/credentials.age b/hosts/thegeneralist-central/credentials.age
new file mode 100644
index 0000000000000000000000000000000000000000..857de1938a4a4a0138493c0c15b6eb6aaffbfca5
GIT binary patch
literal 388
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSHD6lL{2~>zoOLYu4
z2(nDk4i7dg(DyNL_RcW(El&<~(bo?0N-QufNeRpKE-}rG2<3_>&Q8xY({`+IN-DPS
z$#M@eFf8{hOe!qM_4m~e&Mh_!a?SV82rsV+i{#SP)m11?@pdz;aQ6u<3=GM1kMb@J
z@JUTB3N7?-H*j*#^)fQ7@HB8P^$9Ka^W@6>bhEQv`Oxb#K7aUHGB3RP5_KzBWX^)T
z>-)akRDEKf>iq9m^V&6>e}s<m1b(&bpSeNdfK%(KuC+~yQnUVXt#;8X`SdfP*LB9%
zyMGj9`;NA}wn)4+opaOfGYhW#@svzycmDe8;f2VbKRXwG{?DRu^U}r#89$p#-FPMW
zr5Wo&UiR}n{qa)Q^rc2#4nuuxRs~P_+AHQaYR&E*o)NaPAub?qp3Xk|B#XYs(z;)r
qeV;sXlrUIwm%sYogbzN792;7Gy;3}0c=v+h5}v|*dC!yDF>3%bqo<+(

literal 0
HcmV?d00001

diff --git a/hosts/thegeneralist-central/site.nix b/hosts/thegeneralist-central/site.nix
new file mode 100644
index 0000000..89d16d1
--- /dev/null
+++ b/hosts/thegeneralist-central/site.nix
@@ -0,0 +1,33 @@
+{ config, pkgs, ... }: let
+  domain = "thegeneralist01.com";
+in {
+  environment.systemPackages = [ pkgs.cloudflared ];
+
+  services.nginx = {
+    enable = true;
+
+    virtualHosts = {
+      "${domain}" = {
+        root = "/var/www/${domain}";
+        locations."/".tryFiles = "$uri $uri/ $uri/index.html";
+      };
+    };
+  };
+
+  age.secrets.cftcert.file = ./cert.pem.age;
+  age.secrets.cftcredentials.file = ./credentials.age;
+
+  services.cloudflared = {
+    enable = true;
+    certificateFile = config.age.secrets.cftcert.path;
+    tunnels."site" = {
+      ingress = {
+        "thegeneralist01.com" = "http://localhost:80";
+        "www.thegeneralist01.com" = "http://localhost:80";
+      };
+      default = "http_status:404";
+      credentialsFile = config.age.secrets.cftcredentials.path;
+      certificateFile = config.age.secrets.cftcert.path;
+    };
+  };
+}
diff --git a/modules/common/home-manager.nix b/modules/common/home-manager.nix
index 3eca196..76b3871 100644
--- a/modules/common/home-manager.nix
+++ b/modules/common/home-manager.nix
@@ -3,4 +3,8 @@
     useGlobalPkgs   = true;
     useUserPackages = true;
   };
+
+  home-manager.sharedModules = [{
+    programs.home-manager.enable = true;
+  }];
 }
diff --git a/secrets.nix b/secrets.nix
index d5e0c37..3bd4512 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -4,5 +4,8 @@ in {
   "hosts/thegeneralist/hostkey.age".publicKeys = [ thegeneralist ];
   "hosts/thegeneralist-central/hostkey.age".publicKeys = [ thegeneralist ];
 
+  "hosts/thegeneralist-central/cert.pem.age".publicKeys = [ thegeneralist ];
+  "hosts/thegeneralist-central/credentials.age".publicKeys = [ thegeneralist ];
+
   "modules/linux/tailscale-marshall.age".publicKeys = [ thegeneralist ];
 }