Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: web change site handling, add php to scana11y, add ssh deploy key for gitea

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2025-09-09 10:39:00 +02:00
parent 536fc2b463
commit 8ad0c4d336
4 changed files with 109 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
hosts/web-arm/configuration.nix
View File

@@ -33,39 +33,7 @@
./modules/web/typo3.nix
./modules/web/stack.nix
./sites/autoconfig.cloonar.com.nix
./sites/feeds.cloonar.com.nix
./sites/webmail.cloonar.com.nix
./sites/vcard.cloonar.dev.nix
./sites/vcard.cloonar.com.nix
./sites/cloonar.com.nix
./sites/gbv-aktuell.at.nix
./sites/matomo.cloonar.com.nix
./sites/support.cloonar.dev.nix
./sites/stage.cloonar-technologies.at.nix
./sites/stage.scana11y.com.nix
./sites/scana11y.com.nix
./sites/cloonar.dev.nix
./sites/paraclub.at.nix
./sites/api.paraclub.at.nix
./sites/module.paraclub.at.nix
./sites/tandem.paraclub.at.nix
./sites/paraclub.cloonar.dev.nix
./sites/api.paraclub.cloonar.dev.nix
./sites/tandem.paraclub.cloonar.dev.nix
./sites/module.paraclub.cloonar.dev.nix
./sites/gbv-aktuell.cloonar.dev.nix
./sites/stage.myhidden.life.nix
./sites/stage.korean-skin.care.nix
./sites/feeds.jordanrannells.com.nix
./sites/dialog-relations.cloonar.dev.nix
./sites/dialog-relations.at.nix
./sites/lena-schilling.cloonar.dev.nix
./sites/lena-schilling.at.nix
./sites
];
nixpkgs.overlays = [
@@ -108,6 +76,32 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRQuPqH5fdX3KEw7DXzWEdO3AlUn1oSmtJtHB71ICoH Generated By Termius"
];
systemd.tmpfiles.rules = [
"d /var/lib/nix-ssh-keys 0700 root root -"
];
sops.secrets.gitea-ssh-key = {
path = "/var/lib/nix-ssh-keys/gitea_ed25519";
owner = "root";
group = "root";
mode = "0600";
};
programs.ssh = {
knownHosts = {
"git.cloonar.com" = {
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDlUj7eEfS/4+z/3IhFhOTXAfpGEpNv6UWuYSL5OAhus";
};
};
extraConfig = ''
Host gitea-internal
HostName git.cloonar.com
User gitea
Port 22
IdentitiesOnly yes
IdentityFile /var/lib/nix-ssh-keys/gitea_ed25519
StrictHostKeyChecking yes
'';
};
# backups
borgbackup.repo = "u149513-sub8@u149513-sub8.your-backup.de:borg";