move radicale to vps

2024-01-02 15:20:19 -06:00 · 2024-01-02 15:20:19 -06:00 · 50ea65da10
parent 543171202c
commit 50ea65da10
3 changed files with 25 additions and 14 deletions
--- a/boxes/mainsail.nix
+++ b/boxes/mainsail.nix
@ -33,6 +33,7 @@
    ports = [2222];
  };

+<<<<<<< Updated upstream
  services.radicale = {
    enable = true;
    settings = {
@ -44,6 +45,8 @@
    };
  };

+=======
+>>>>>>> Stashed changes
  systemd.targets.sleep.enable = false;
  systemd.targets.suspend.enable = false;
  systemd.targets.hibernate.enable = false;
@ -90,19 +93,6 @@
    };
  };

-  systemd.services.radicale-web-bridge = {
-    script = ''
-      ${pkgs.openssh}/bin/ssh -v -NR 5232:localhost:5232 -oExitOnForwardFailure=yes -p 55555 useracc@beepboop.systems
-    '';
-    wantedBy = [ "multi-user.target" ];
-    after = [ "network.target" "ankisyncd.service" ];
-    serviceConfig = {
-      Restart = "on-failure";
-      StartLimitBurst = 10000;
-      RestartSec = "0s";
-    };
-  };
-
  systemd.services.internal-ssh-bridge = {
    script = ''
      ${pkgs.openssh}/bin/ssh -v -NR 2222:localhost:2222 -oExitOnForwardFailure=yes -p 55555 useracc@beepboop.systems
--- a/boxes/netbox.nix
+++ b/boxes/netbox.nix
@ -12,6 +12,16 @@

  networking.hostName = "netbox";

+  services.radicale = {
+    enable = true;
+    config = ''
+      [auth]
+      type = htpasswd
+      htpasswd_filename = radicale-passwd
+      htpasswd_encryption = plain
+    '';
+  };
+
  services.rss2email = {
    enable = true;
    to = "ryan@beepboop.systems";
@ -100,7 +110,8 @@
  services.vaultwarden.enable = true;
  services.vaultwarden.config = {
  	DOMAIN = "https://bitwarden.beepboop.systems";
-	SIGNUPS_ALLOWED = false;
+#	SIGNUPS_ALLOWED = false;
+	ADMIN_TOKEN = "an_amazing_token_xd";
  };

  networking.usePredictableInterfaceNames = false;
@ -141,6 +152,12 @@
    root = "/var/www/beepboop.systems";
  };

+  services.nginx.virtualHosts."webhooks.beepboop.systems" = {
+    forceSSL = true;
+    enableACME = true;
+    root = "/var/www/webhooks.beepboop.systems";
+  };
+
  services.nginx.virtualHosts."git.beepboop.systems" = {
    forceSSL = true;
    enableACME = true;
--- a/modules/mail.nix
+++ b/modules/mail.nix
@ -35,6 +35,10 @@ in {
          # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' > /hashed/password/file/location
          hashedPasswordFile = "/etc/ryan-beepboop-systemsuser-pass";
        };
+        "discord9412@beepboop.systems" = {
+          # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' > /hashed/password/file/location
+          hashedPasswordFile = "/etc/ryan-beepboop-systemsuser-pass";
+        };
      };
      certificateScheme = "acme-nginx";
    };