diff --git a/common/secrets/secrets/oauth2_proxy_zitadel_client_secret.age b/common/secrets/secrets/oauth2_proxy_zitadel_client_secret.age new file mode 100644 index 0000000..2327447 --- /dev/null +++ b/common/secrets/secrets/oauth2_proxy_zitadel_client_secret.age @@ -0,0 +1,15 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB3RkMx +ZStZdnpMT3M2aVloTHNlRnVjcE94UGYxUkpMZWNEMWIwZjEwcWtRClNLekxXa0lw +RHBVandkY2h4akRKMDVNZzdvR2pGVEVrQUo5Q3Y0amZINVUKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIDVKa3VXVXZsK2toL1dUTkNNWnJxcXVFTjlOdXVkUnFjc0JtSEVm +TURPaGMKekV0a1g4R0FEZ0p5RzVhaVR5dkhCRHdOV0JrNE1Ec1p5aU9saGxJcmg1 +MAotPiBzc2gtZWQyNTUxOSA5di8ySEEgeW1SbEpvUTlTcitrUFEwZzhzWjVVT3pT +R3I4eEdJQ1FNYmxUeFQxcXZFbwp1Z0dWOVRDTm5GTk5HZkk1d2hmK1Vzczdyd2la +TkhKdkpFQ0pELzBvQkNnCi0+IEs9WyYtZ3JlYXNlIFRlbQpDWXVCL0p0YzJSRy92 +SFZDcncKLS0tIFNhSEJoREhkNXIxS3FWL0htM0lnV2R1Um8vZ1RvY1U5UFNiZnJp +TWpHeDQKc2D0yWrCV1Q4Bbx7GSCCGKIBj+pXjBaRu9vLP/L+wPdxwsQ1LBTsqHnh +Q9xPd8/T7cDBNO0dC4azdEpTWu1fe15THhkyBR4qkKLBohO7jUrzAg98tx6HkgHS +N888dGejARmrpyDfy3zekeWsSEjv31XpI6MI36ysgpE4aze6EDkKKPlSxC8i8eNI +rGQy5+lNW3pnk3e+yVZWUTpwt/4wjuhkMAHWiw== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/secrets.nix b/common/secrets/secrets/secrets.nix index b402367..502d58c 100644 --- a/common/secrets/secrets/secrets.nix +++ b/common/secrets/secrets/secrets.nix @@ -126,6 +126,9 @@ in "zitadel_master_key.age" = { publicKeys = authorityKey ++ h001; }; + "oauth2_proxy_zitadel_client_secret.age" = { + publicKeys = authorityKey ++ h001; + }; "openwebui_env.age" = { publicKeys = authorityKey ++ h001; }; diff --git a/hosts/h001/mods/default.nix b/hosts/h001/mods/default.nix index 5408430..2332292 100644 --- a/hosts/h001/mods/default.nix +++ b/hosts/h001/mods/default.nix @@ -7,5 +7,7 @@ ./monitoring.nix ./pinchflat.nix ./openwebui.nix + ./trilium.nix + ./oauth2-proxy.nix ]; } diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix new file mode 100644 index 0000000..3e6fc29 --- /dev/null +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -0,0 +1,34 @@ +{ config, ... }: +{ + services.oauth2-proxy = { + enable = true; + httpAddress = "http://127.0.0.1:4180"; + # package = pkgsUnstable.oauth2-proxy; + provider = "oidc"; + reverseProxy = true; + redirectURL = "https://sso-proxy.joshuabell.xyz/oauth2/callback"; + validateURL = "https://sso.joshuabell.xyz/oauth2/"; + oidcIssuerUrl = "https://sso.joshuabell.xyz:443"; + keyFile = config.age.secrets.oauth2_proxy_zitadel_client_secret.path; + nginx.domain = "sso-proxy.joshuabell.xyz"; + # email.domains = [ ]; + # extraConfig = { + # whitelist-domain = ".joshuabell.xyz"; + # cookie-domain = ".joshuabell.xyz"; + # }; + }; + + services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = { + locations = { + "/" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:4180"; + extraConfig = '' + proxy_set_header X-Forwarded-Proto https; + ''; + }; + }; + }; + +} diff --git a/hosts/h001/mods/openwebui.nix b/hosts/h001/mods/openwebui.nix index 68a03a4..2d11428 100644 --- a/hosts/h001/mods/openwebui.nix +++ b/hosts/h001/mods/openwebui.nix @@ -17,7 +17,6 @@ options = { }; config = { - services.nginx.virtualHosts."chat.joshuabell.xyz" = { locations = { "/" = { @@ -89,7 +88,7 @@ model_name = "GPT-5"; litellm_params = { model = "azure/gpt-5-2025-08-07"; - api_base = "http://100.64.0.8:9001"; + api_base = "http://100.64.0.8:9010/azure"; api_version = "2025-04-01-preview"; api_key = "na"; }; @@ -98,7 +97,25 @@ model_name = "GPT-5-mini"; litellm_params = { model = "azure/gpt-5-mini-2025-08-07"; - api_base = "http://100.64.0.8:9001"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-5-nano"; + litellm_params = { + model = "azure/gpt-5-nano-2025-08-07"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-5-codex"; + litellm_params = { + model = "azure/gpt-5-codex-2025-09-15"; + api_base = "http://100.64.0.8:9010/azure"; api_version = "2025-04-01-preview"; api_key = "na"; }; @@ -107,7 +124,7 @@ model_name = "GPT-4.1"; litellm_params = { model = "azure/gpt-4.1-2025-04-14"; - api_base = "http://100.64.0.8:9001"; + api_base = "http://100.64.0.8:9010/azure"; api_version = "2025-04-01-preview"; api_key = "na"; }; @@ -116,7 +133,7 @@ model_name = "GPT-4.1-mini"; litellm_params = { model = "azure/gpt-4.1-mini-2025-04-14"; - api_base = "http://100.64.0.8:9001"; + api_base = "http://100.64.0.8:9010/azure"; api_version = "2025-04-01-preview"; api_key = "na"; }; @@ -125,7 +142,16 @@ model_name = "GPT-4o"; litellm_params = { model = "azure/gpt-4o-2024-05-13"; - api_base = "http://100.64.0.8:9001"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "dall-e-3-3.0"; + litellm_params = { + model = "azure/dall-e-3-3.0"; + api_base = "http://100.64.0.8:9010/azure"; api_version = "2025-04-01-preview"; api_key = "na"; }; diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix new file mode 100644 index 0000000..e756d6f --- /dev/null +++ b/hosts/h001/mods/trilium.nix @@ -0,0 +1,49 @@ +{ + ... +}: +{ + config = { + services.trilium-server = { + enable = true; + port = 9111; + host = "127.0.0.1"; + dataDir = "/var/lib/trilium"; + noAuthentication = true; + instanceName = "joshuabell"; + }; + + systemd.services.trilium-server.environment = { + TRILIUM_NO_UPLOAD_LIMIT = "true"; + }; + + services.oauth2-proxy.nginx.virtualHosts."notes.joshuabell.xyz".allowed_groups = [ "notes" ]; + services.nginx.virtualHosts."notes.joshuabell.xyz" = { + locations = { + "/" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:9111"; + }; + }; + }; + + # services.nginx = { + # virtualHosts = { + # "trilium" = { + # serverName = "h001.net.joshuabell.xyz"; + # listen = [ + # { + # port = 9111; + # addr = "0.0.0.0"; + # } + # ]; + # locations."/" = { + # proxyWebsockets = true; + # recommendedProxySettings = true; + # proxyPass = "http://127.0.0.1:9111"; + # }; + # }; + # }; + # }; + }; +} diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index 4916043..0aed330 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -78,6 +78,7 @@ vlc upkgs.ladybird google-chrome + trilium-desktop ]; # Also allow this key to work for root user, this will let us use this as a remote builder easier users.users.root.openssh.authorizedKeys.keys = [ diff --git a/hosts/oracle/o001/flake.lock b/hosts/oracle/o001/flake.lock index a4afc77..29986eb 100644 --- a/hosts/oracle/o001/flake.lock +++ b/hosts/oracle/o001/flake.lock @@ -9,7 +9,7 @@ "ragenix", "nixpkgs" ], - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1736955230, @@ -25,21 +25,64 @@ "type": "github" } }, + "aquamarine": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "common", + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1759499898, + "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", + "owner": "hyprwm", + "repo": "aquamarine", + "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "aquamarine", + "type": "github" + } + }, "common": { "inputs": { "home-manager": "home-manager", + "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", + "nixpkgs": "nixpkgs_3", "ragenix": "ragenix" }, "locked": { - "path": "../../../common", - "type": "path" + "lastModified": 1759276943, + "narHash": "sha256-/l8jI6XRejmD01IBA/yI9Kb4bgbqunJUW9EKtLLJMtw=", + "ref": "refs/heads/master", + "rev": "24b716ec9d68866f4c0171ab5b9571e9e014dde1", + "revCount": 673, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "path": "../../../common", - "type": "path" - }, - "parent": [] + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } }, "crane": { "locked": { @@ -82,8 +125,8 @@ }, "deploy-rs": { "inputs": { - "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs_3", + "flake-compat": "flake-compat_2", + "nixpkgs": "nixpkgs_5", "utils": "utils" }, "locked": { @@ -101,6 +144,22 @@ } }, "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { "flake": false, "locked": { "lastModified": 1733328505, @@ -118,7 +177,7 @@ }, "flake-utils": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1731533236, @@ -134,6 +193,29 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": "nixpkgs" @@ -176,6 +258,287 @@ "type": "github" } }, + "hyprcursor": { + "inputs": { + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1753964049, + "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", + "owner": "hyprwm", + "repo": "hyprcursor", + "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprcursor", + "type": "github" + } + }, + "hyprgraphics": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1759490292, + "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", + "owner": "hyprwm", + "repo": "hyprgraphics", + "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprgraphics", + "type": "github" + } + }, + "hyprland": { + "inputs": { + "aquamarine": "aquamarine", + "hyprcursor": "hyprcursor", + "hyprgraphics": "hyprgraphics", + "hyprland-protocols": "hyprland-protocols", + "hyprland-qtutils": "hyprland-qtutils", + "hyprlang": "hyprlang", + "hyprutils": "hyprutils", + "hyprwayland-scanner": "hyprwayland-scanner", + "nixpkgs": "nixpkgs_2", + "pre-commit-hooks": "pre-commit-hooks", + "systems": "systems", + "xdph": "xdph" + }, + "locked": { + "lastModified": 1759521131, + "narHash": "sha256-24RveTqV09t0RvTDUHBcrgrQ3D3734DG7XzvNohCV3M=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "b7ef892ecf9c07e742239102056da950ebb42eee", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, + "hyprland-protocols": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1749046714, + "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, + "hyprland-qt-support": { + "inputs": { + "hyprlang": [ + "common", + "hyprland", + "hyprland-qtutils", + "hyprlang" + ], + "nixpkgs": [ + "common", + "hyprland", + "hyprland-qtutils", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "hyprland-qtutils", + "systems" + ] + }, + "locked": { + "lastModified": 1749154592, + "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "type": "github" + } + }, + "hyprland-qtutils": { + "inputs": { + "hyprland-qt-support": "hyprland-qt-support", + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "common", + "hyprland", + "hyprland-qtutils", + "hyprlang", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1759080228, + "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "type": "github" + } + }, + "hyprlang": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1758927902, + "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", + "owner": "hyprwm", + "repo": "hyprlang", + "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprlang", + "type": "github" + } + }, + "hyprutils": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1759490926, + "narHash": "sha256-7IbZGJ5qAAfZsGhBHIsP8MBsfuFYS0hsxYHVkkeDG5Q=", + "owner": "hyprwm", + "repo": "hyprutils", + "rev": "94cce794344538c4d865e38682684ec2bbdb2ef3", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprutils", + "type": "github" + } + }, + "hyprwayland-scanner": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755184602, + "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1739444422, @@ -209,6 +572,38 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -224,7 +619,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_5": { "locked": { "lastModified": 1743014863, "narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=", @@ -240,7 +635,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_6": { "locked": { "lastModified": 1750622754, "narHash": "sha256-kMhs+YzV4vPGfuTpD3mwzibWUE6jotw5Al2wczI0Pv8=", @@ -256,7 +651,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_7": { "locked": { "lastModified": 1750188666, "narHash": "sha256-yAfLvtbCzSigTfbsJeOrvljS7VYLAwi2RZ6F+qd+A5E=", @@ -1167,12 +1562,36 @@ "type": "github" } }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1758108966, + "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, "ragenix": { "inputs": { "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_4", "rust-overlay": "rust-overlay" }, "locked": { @@ -1193,13 +1612,13 @@ "inputs": { "common": "common", "deploy-rs": "deploy-rs", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_6", "ros_neovim": "ros_neovim" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_7", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", @@ -1317,16 +1736,16 @@ }, "systems": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -1360,9 +1779,24 @@ "type": "github" } }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { "inputs": { - "systems": "systems_3" + "systems": "systems_4" }, "locked": { "lastModified": 1731533236, @@ -1377,6 +1811,53 @@ "repo": "flake-utils", "type": "github" } + }, + "xdph": { + "inputs": { + "hyprland-protocols": [ + "common", + "hyprland", + "hyprland-protocols" + ], + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "common", + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755354946, + "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "type": "github" + } } }, "root": "root", diff --git a/hosts/oracle/o001/flake.nix b/hosts/oracle/o001/flake.nix index 80c48ff..07f132a 100644 --- a/hosts/oracle/o001/flake.nix +++ b/hosts/oracle/o001/flake.nix @@ -3,8 +3,8 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; deploy-rs.url = "github:serokell/deploy-rs"; - common.url = "path:../../../common"; - # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + # common.url = "path:../../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; diff --git a/hosts/oracle/o001/nginx.nix b/hosts/oracle/o001/nginx.nix index 3866fb5..5c74ace 100644 --- a/hosts/oracle/o001/nginx.nix +++ b/hosts/oracle/o001/nginx.nix @@ -162,6 +162,14 @@ proxyPass = "http://100.64.0.13"; }; }; + "notes.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://100.64.0.13"; + }; + }; "sso.joshuabell.xyz" = { enableACME = true; forceSSL = true; @@ -172,6 +180,16 @@ ''; }; }; + "sso-proxy.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://100.64.0.13"; + extraConfig = '' + proxy_set_header X-Forwarded-Proto https; + ''; + }; + }; # "obsidiansync.joshuabell.xyz" = { # enableACME = true; # forceSSL = true;