From 45e23683bf3f28132634e0432cebb0a6884e3f5c Mon Sep 17 00:00:00 2001 From: Jurn Wubben Date: Thu, 21 Aug 2025 23:35:46 +0200 Subject: [PATCH] server: disabled matrix; added basic coder setup --- secrets/coder-env.age | Bin 0 -> 896 bytes secrets/default.nix | 6 +++++- secrets/secrets.nix | 1 + system/server/coder.nix | 36 ++++++++++++++++++++++++++++++++++++ system/server/default.nix | 5 +++-- system/server/nextcloud.nix | 2 +- 6 files changed, 46 insertions(+), 4 deletions(-) create mode 100644 secrets/coder-env.age create mode 100644 system/server/coder.nix diff --git a/secrets/coder-env.age b/secrets/coder-env.age new file mode 100644 index 0000000000000000000000000000000000000000..37fdf79547a86c7abbdd965a428a81058842a596 GIT binary patch literal 896 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCT453Gs|cT`9=ED8!S zP4f$hbocSh3r&gePIM0qHVjNQvM5jVNiWST40H2y)Q&K(4CM;S_D)Lj2r9_U_lz-~OE-4H*s5Cax&dRPzt}v;H()V!54=axd4@I}lH!a9K%u%7J&^W^>C`8}5IKw-& z!qcQMG%70~*Vv#aE6cISH#8|L+r%T!CAi$fBb%!-$Rp4q+by!V(x)WH#i%^luqw|b z-6bq2z{4%m&(kZ%#6QP0-O#ftsvO-m?c}nckaUF-?ZPaNiU0$%$lOSmk`R;J3^&&> z4=;b$l%P^aL(it8D)N&{ z^Ycy9y~;8R4I?swgAKS`!vg#*^;4aK!_Bfx{R*-|f-DPCy|R)k+>1h8-NG&1(gG~Y zbM?&({PWRmGuN-mj4W5k&vQw44{%BA6FeI=-+pIjjG{V5$&pR{EBwyb(Jtvz0x$f%-7x5G$}aDs3O?8B;7aM(8eR<`3??#s4-6P8?f|9kmM)W9lve+N|6kMJ1u+VrOkV44h%PUQ2wUAO9PoSRWTzhMh7A==R;dq?7v&Ze zJ?ffa==SVRt#R)y;hL)t7d!nb;P+Qz5$)d?7<}jGnYl;U4#=M9jMXoT{n2nQ^LEJO L+4knMS^ok60iQm2 literal 0 HcmV?d00001 diff --git a/secrets/default.nix b/secrets/default.nix index eb03533..a81b87c 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -44,7 +44,11 @@ in { }; nextcloud-admin-pass = mkIf server { file = ./nextcloud-admin-pass.age; - owner = "nextcloud"; + owner = "nextcloud"; #NOTE: not a clear 'nextcloud.service' or 'services.nextcloud.user'. + }; + coder-env = mkIf server { + file = ./coder-env.age; + owner = abstrServiceUser "coder"; }; }; } diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 72393aa..5b33f48 100644 
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -23,4 +23,5 @@ in {
 "forgejo-mailpass.age".publicKeys = keys;
 "immich-oidc.age".publicKeys = keys;
 "nextcloud-admin-pass.age".publicKeys = keys;
+ "coder-env.age".publicKeys = keys;
 }
diff --git a/system/server/coder.nix b/system/server/coder.nix
new file mode 100644
index 0000000..46535b0
--- /dev/null
+++ b/system/server/coder.nix
@@ -0,0 +1,36 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ inherit (config.niksos) server;
+ port = 9005;
+ host = "coder.jsw.tf";
+ httpsHost = "https://" + host;
+in {
+ config = lib.mkIf server {
+ services = {
+ caddy.virtualHosts."${host}".extraConfig = ''
+ reverse_proxy :${port}
+ '';
+ coder = {
+ enable = true;
+ listenAddress = "127.0.0.1:${port}";
+ wildcardAccessUrl = "*.${host}";
+ accessUrl = httpsHost;
+ environment = {
+ file = ./file.file; # See format below.
+ /*
+ CODER_OIDC_CLIENT_ID=""
+ CODER_OIDC_CLIENT_SECRET=""
+ */
+ extra = {
+ CODER_OIDC_ISSUER_URL = "https://z.jsw.tf";
+ # CODER_OIDC_EMAIL_DOMAIN="your-domain-1,your-domain-2";
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/system/server/default.nix b/system/server/default.nix
index 7319695..8063a22 100644
--- a/system/server/default.nix
+++ b/system/server/default.nix
@@ -1,16 +1,17 @@
 {lib, ...}: {
 imports = [
+ # ./matrix.nix
 ./bot.nix
 ./caddy.nix
+ ./coder.nix
 ./derekBot.nix
 ./forgejo.nix
 ./immich.nix
 ./index
 ./mail.nix
- ./matrix.nix
+ ./nextcloud.nix
 ./temp.nix
 ./zitadel.nix
- ./nextcloud.nix
 ];
 options.niksos.server = lib.mkEnableOption "server servcies (such as caddy)."; #TODO: per service option.
 }
diff --git a/system/server/nextcloud.nix b/system/server/nextcloud.nix
index 775f368..8b2876d 100644
--- a/system/server/nextcloud.nix
+++ b/system/server/nextcloud.nix
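Review bot: In system/server/coder.nix, `file = ./file.file;` is a placeholder path literal and not the `coder-env` secret that this same commit declares in secrets/default.nix, so the encrypted OIDC client id and secret are never handed to the service. A path literal would also be copied into the world-readable Nix store when the unit is built, which is the wrong place for `CODER_OIDC_CLIENT_SECRET`; assuming the agenix module is what consumes secrets/default.nix, the line should read `file = config.age.secrets.coder-env.path;`. Separately, `port` is the integer 9005 and Nix interpolation does not coerce integers to strings, so `reverse_proxy :${port}` and `"127.0.0.1:${port}"` both need `${toString port}` to evaluate. With `CODER_OIDC_EMAIL_DOMAIN` left commented out, sign-in is presumably limited only by what the issuer at z.jsw.tf permits, which is worth stating in a comment next to `extra`. The Caddy virtual host is declared for `coder.jsw.tf` only, while `wildcardAccessUrl` advertises `*.coder.jsw.tf`, so those names appear to have no proxy entry or certificate yet.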
@@ -8,7 +8,7 @@
 host = "cloud.jsw.tf";
 nginxRoot = config.services.nginx.virtualHosts.${host}.root;
 fpmSocket = config.services.phpfpm.pools.nextcloud.socket;
- imaginaryPort = 9005;
+ imaginaryPort = 9004;
 in {
 config = lib.mkIf server {
 users.groups.nextcloud.members = ["nextcloud" "caddy"];