diff --git a/config/instance-20221213-1915.nix b/config/instance-20221213-1915.nix index 8b8432e7..ff49a155 100644 --- a/config/instance-20221213-1915.nix +++ b/config/instance-20221213-1915.nix @@ -27,7 +27,6 @@ ./services/heisenbridge.nix ./services/uptime-kuma.nix ./services/matrix-sliding-sync.nix - ./services/chir-rs.nix ]; boot.initrd.availableKernelModules = ["xhci_pci" "virtio_pci" "usbhid"]; diff --git a/config/nixos-8gb-fsn1-1.nix b/config/nixos-8gb-fsn1-1.nix index 00dcaaf2..02953c3a 100644 --- a/config/nixos-8gb-fsn1-1.nix +++ b/config/nixos-8gb-fsn1-1.nix @@ -33,7 +33,6 @@ ./services/shitalloverme.nix ./services/wordpress.nix ./services/initrd-ssh.nix - ./services/chir-rs.nix ]; boot.initrd.availableKernelModules = ["ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sd_mod" "sr_mod"]; diff --git a/config/services/chir-rs.nix b/config/services/chir-rs.nix deleted file mode 100644 index cf727a43..00000000 --- a/config/services/chir-rs.nix +++ /dev/null @@ -1,98 +0,0 @@ -{ - lib, - pkgs, - config, - chir-rs, - system, - ... -}: let - staticDir = pkgs.stdenvNoCC.mkDerivation { - name = "static"; - buildPhase = "true"; - src = pkgs.emptyDirectory; - installPhase = '' - mkdir $out - for f in ${chir-rs.packages.${system}.chir-rs-fe}/*; do - ln -sv $f $out - done - ln -sv ${chir-rs.packages.${system}.art-assets} $out/img - ''; - }; - auxCfg = pkgs.writeText "config.dhall" '' - ${./chir-rs.dhall} { - staticDir = "${staticDir}", - connectionString = "postgres://chir_rs:" ++ (${config.sops.secrets."services/chir-rs/database-password".path} as Text) ++ "@nixos-8gb-fsn1-1.int.chir.rs/chir_rs", - signUpKey = ${config.sops.secrets."services/chir-rs/signup-secret".path} as Text, - nodeName = "${config.networking.hostName}" - } - ''; -in { - systemd.services.chir-rs = { - enable = true; - wantedBy = ["multi-user.target"]; - after = ["network.target"]; - serviceConfig = { - Restart = "always"; - PrivateTmp = true; - WorkingDirectory = "/tmp"; - User = "chir-rs"; - CapabilityBoundingSet = [""]; - DeviceAllow = [""]; - LockPersonality = true; - MemoryDenyWriteExecute = true; - NoNewPrivileges = true; - PrivateDevices = true; - ProtectClock = true; - ProtectControlGroups = true; - ProtectHome = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - ProtectSystem = "strict"; - RemoveIPC = true; - RestrictAddressFamilies = ["AF_INET" "AF_INET6"]; - RestrictNamespaces = true; - RestrictRealtime = true; - RestrictSUIDSGID = true; - SystemCallArchitectures = "native"; - UMask = "0077"; - ExecStart = '' - ${chir-rs.packages.${system}.chir-rs}/bin/chir-rs - ''; - }; - environment = { - CHIR_RS_CONFIG = "${auxCfg}"; - }; - }; - sops.secrets."services/chir-rs/database-password".owner = "chir-rs"; - sops.secrets."services/chir-rs/signup-secret".owner = "chir-rs"; - services.postgresql.ensureDatabases = [ - "chir_rs" - ]; - services.postgresql.ensureUsers = [ - { - name = "chir_rs"; - ensurePermissions = { - "DATABASE chir_rs" = "ALL PRIVILEGES"; - }; - } - ]; - services.caddy.virtualHosts."lotte-test.chir.rs" = { - useACMEHost = "chir.rs"; - logFormat = lib.mkForce ""; - extraConfig = '' - import baseConfig - - reverse_proxy http://127.0.0.1:62936 { - trusted_proxies private_ranges - } - ''; - }; - users.users.chir-rs = { - description = "Chir.rs domain server"; - isSystemUser = true; - group = "chir-rs"; - }; - users.groups.chir-rs = {}; -} diff --git a/flake.lock b/flake.lock index d9f62fc3..33bdd181 100644 --- a/flake.lock +++ b/flake.lock @@ -13,11 +13,11 @@ ] }, "locked": { - "lastModified": 1700902142, - "narHash": "sha256-pSmG8+l9L5iUZv8WSVtw8Ff3ArPMfDUYSqYvmDBMFmY=", + "lastModified": 1701089912, + "narHash": "sha256-G3583Fam4rVYFFTfWG6H2RobptP8+Fdm644LgpeRLEs=", "owner": "DarkKirb", "repo": "admin-fe", - "rev": "d5988742572233c071f792b5b80cb1aa61c94f96", + "rev": "bcfc3284e1e34957cc6a2f9e309e7de317ba4861", "type": "github" }, "original": { @@ -65,11 +65,11 @@ ] }, "locked": { - "lastModified": 1700840380, - "narHash": "sha256-B2pvym/XScUk+LPapYCG+PXyMdCTUW5pNTQg2ursxMY=", + "lastModified": 1701092254, + "narHash": "sha256-ulTckbO8c4hmV71fCpRzCrZa8nZ8wZPDAPxSNdsg+pw=", "owner": "DarkKirb", "repo": "akkoma-fe", - "rev": "c0b9762dbfe00b1bf6920a4444172947647f3546", + "rev": "f0570fa191bf10c51832f6ff3c45faf0951e7ed9", "type": "github" }, "original": { @@ -78,42 +78,6 @@ "type": "github" } }, - "chir-rs": { - "inputs": { - "flake-parts": [ - "flake-parts" - ], - "haskell-flake": [ - "haskell-flake" - ], - "microformats2-parser": "microformats2-parser", - "nix-packages": [ - "nix-packages" - ], - "nixpkgs": [ - "nixpkgs" - ], - "systems": [ - "systems" - ], - "treefmt-nix": [ - "treefmt-nix" - ] - }, - "locked": { - "lastModified": 1699254151, - "narHash": "sha256-PeC6rOfXVIgMQ/0eZM9j9tLbS4Xu8/PzPKTpQ4L60Ds=", - "owner": "DarkKirb", - "repo": "chir.rs", - "rev": "c849b0234b38e0105fd0504d4ec379b84e5fbec0", - "type": "github" - }, - "original": { - "owner": "DarkKirb", - "repo": "chir.rs", - "type": "github" - } - }, "colorpickle": { "inputs": { "naersk": [ @@ -127,11 +91,11 @@ ] }, "locked": { - "lastModified": 1696800008, - "narHash": "sha256-dQ2Xf1K5qH18J7h3pzx4ffp6n1nwN+2L8jv6OBXPLzQ=", + "lastModified": 1700940986, + "narHash": "sha256-+7eo8Y0YkuQeGDIHtEGPpoJQNGSxpzkg4UPR63xJiss=", "owner": "AgathaSorceress", "repo": "colorpickle", - "rev": "a1a21aebbc9b9716136ab9cc6f77bf5346f8e7ba", + "rev": "61c77e71b5586412b6deecc2389fc39072e4b60f", "type": "github" }, "original": { @@ -201,11 +165,11 @@ ] }, "locked": { - "lastModified": 1700921177, - "narHash": "sha256-lvAQjymMBphr4jzPuKEDdD9c8a+tG38ben1m0TAPZjU=", + "lastModified": 1701089284, + "narHash": "sha256-WnSjMk47fyEqI+R//26U3nBLctHGjdizEbKQdaNNS6k=", "owner": "DarkKirb", "repo": "element-web", - "rev": "e5dd8b0d735adbf46b49ea6063b9079058507d97", + "rev": "14241cb4b5d6694470608ba3eba73e6af36f39e8", "type": "github" }, "original": { @@ -233,11 +197,11 @@ ] }, "locked": { - "lastModified": 1700914998, - "narHash": "sha256-dr/WR10BufDu+2t2GegT7sYWj8W2msoRog2HhOJHCC8=", + "lastModified": 1701105280, + "narHash": "sha256-eOsKVXs+yCPPIrYEZAjV3wUQY9MnPFG9Boh6sRllE7s=", "owner": "nix-community", "repo": "flake-firefox-nightly", - "rev": "8c3351b2c46d4b7a6b99f884e2f3cc16c8282edd", + "rev": "908f42ca76f61d223028ae29d1a4fc4f3a357ebe", "type": "github" }, "original": { @@ -327,21 +291,6 @@ "type": "github" } }, - "haskell-flake": { - "locked": { - "lastModified": 1700660308, - "narHash": "sha256-bn8c4qYpacgkm3r46dGGcj/uPu0luLPO3nsvfXFVKjQ=", - "owner": "srid", - "repo": "haskell-flake", - "rev": "e1f6540334987310f47d02f7c89a16e3e1343e33", - "type": "github" - }, - "original": { - "owner": "srid", - "repo": "haskell-flake", - "type": "github" - } - }, "home-manager": { "inputs": { "nixpkgs": [ @@ -349,11 +298,11 @@ ] }, "locked": { - "lastModified": 1700847865, - "narHash": "sha256-uWaOIemGl9LF813MW0AEgCBpKwFo2t1Wv3BZc6e5Frw=", + "lastModified": 1701071203, + "narHash": "sha256-lQywA7QU/vzTdZ1apI0PfgCWNyQobXUYghVrR5zuIeM=", "owner": "nix-community", "repo": "home-manager", - "rev": "8cedd63eede4c22deb192f1721dd67e7460e1ebe", + "rev": "db1878f013b52ba5e4034db7c1b63e8d04173a86", "type": "github" }, "original": { @@ -396,11 +345,11 @@ ] }, "locked": { - "lastModified": 1700395747, - "narHash": "sha256-pzLYZGK34vhAFfyAJjcZYX3BK0Ap/QY/rd8B6Q30tHo=", + "lastModified": 1701000511, + "narHash": "sha256-ISihdFB0FlIk5d5tdyqL+61o0by0p1ugA9w5c8qQtFM=", "owner": "nix-community", "repo": "lib-aggregate", - "rev": "474538707da35589543af5a1c8c31f9978841add", + "rev": "565fa4f33c785158e3effe4fee3cd9b143d5761d", "type": "github" }, "original": { @@ -441,11 +390,11 @@ ] }, "locked": { - "lastModified": 1700902201, - "narHash": "sha256-OkXv0MoGmaXarFkVuFBYxaT6XFB8+FosBN+SA9vWzU0=", + "lastModified": 1700985127, + "narHash": "sha256-IlaFiKU7+7XUHPViqVA7pzNJS/Fgfy2TY2wyt3tJOsk=", "owner": "darkkirb", "repo": "matrix-js-sdk", - "rev": "40f5c69ac802599ef6068718c9cae6a5d9937d85", + "rev": "3063981716d4d44674f6584b86a3094f3d6f172d", "type": "github" }, "original": { @@ -474,11 +423,11 @@ ] }, "locked": { - "lastModified": 1700903743, - "narHash": "sha256-JrO5CjNQqANRCKnZwKLpNwOTgmsyMXkUIeh/TwjosGY=", + "lastModified": 1700985209, + "narHash": "sha256-rXwZW0BQpInzQnaVHR/YcK3YC5yhCKC30Y66mKJuo1A=", "owner": "darkkirb", "repo": "matrix-react-sdk", - "rev": "5b3265464e3061d7a8ebfd5441efcbab5b653723", + "rev": "da0fdd84974e3550570eb7b9729a18f909cec1f0", "type": "github" }, "original": { @@ -512,22 +461,6 @@ "type": "github" } }, - "microformats2-parser": { - "flake": false, - "locked": { - "lastModified": 1695821315, - "narHash": "sha256-Et4yYDiIcIeMsEkZI9Y0Unh51fnuMQzScE4dxgXCGzo=", - "owner": "darkkirb", - "repo": "microformats2-parser", - "rev": "4e6b3aac8f5af3306261ef2782f7df990e96f429", - "type": "github" - }, - "original": { - "owner": "darkkirb", - "repo": "microformats2-parser", - "type": "github" - } - }, "mozilla": { "locked": { "lastModified": 1695805681, @@ -595,11 +528,11 @@ ] }, "locked": { - "lastModified": 1700874698, - "narHash": "sha256-45bXCKIc3BZA3q83vAJi2qcd0mdkWp4bG/AmbBx01TA=", + "lastModified": 1700961605, + "narHash": "sha256-nN5m0OhqmD0gxtpXDvXyqCPQux9L/o1Yr1ALKoaOT9o=", "owner": "fufexan", "repo": "nix-gaming", - "rev": "9ed5f7f0e6f14fb8956ddb8c0ed345d6b4aee2c0", + "rev": "076d7864a6c2d02e41325c03ad3200a8a3739763", "type": "github" }, "original": { @@ -644,11 +577,11 @@ ] }, "locked": { - "lastModified": 1700860079, - "narHash": "sha256-NWBvQ1uvT0N/yMyB16yiBH3jvOaljw+wik9w09sFrLY=", + "lastModified": 1701099541, + "narHash": "sha256-lWkSVRyLOXWYHQuLzLyfJ28n7iw0xWLtatOYkwVJPzA=", "owner": "DarkKirb", "repo": "nix-packages", - "rev": "78d1c75ccac33cfc0d993ce4b856e2d35832d376", + "rev": "59a5090f1ee668e3650c5aa8a7c9cbd8072c6ea1", "type": "github" }, "original": { @@ -660,11 +593,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1700559156, - "narHash": "sha256-gL4epO/qf+wo30JjC3g+b5Bs8UrpxzkhNBBsUYxpw2g=", + "lastModified": 1701020860, + "narHash": "sha256-NwnRn04C8s+hH+KdVtGmVB1FFNIG7DtPJmQSCBDaET4=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "c3abafb01cd7045dba522af29b625bd1e170c2fb", + "rev": "b006ec52fce23b1d57f6ab4a42d7400732e9a0a2", "type": "github" }, "original": { @@ -707,11 +640,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1700935647, - "narHash": "sha256-DHXYOrAT4xEpsmNR9ubn6DoF8IhP8CpJdjP2r3jL/GQ=", + "lastModified": 1701107688, + "narHash": "sha256-RP9gjAPfvbdEO9FVT7tgoPoxv/1wzsLaYiwvza2rfXg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bc99f0f4d6ac6efff20367e0c4b348f9e34b2b54", + "rev": "491af1f1cc28df11dfbff049da4134c37d58aee9", "type": "github" }, "original": { @@ -722,11 +655,11 @@ }, "nur": { "locked": { - "lastModified": 1700930741, - "narHash": "sha256-it/l+fZ43hA0tG8oyehuLZeVbmrrjwXxCwcMyqtIhNs=", + "lastModified": 1701107100, + "narHash": "sha256-8rSRheAjcEexKE1Hyf8To0AQeMTrvtBGP1iESX3PN4o=", "owner": "nix-community", "repo": "NUR", - "rev": "24bed8be0a3ffb70bf517ae06b35ebf5c8d2fd16", + "rev": "eab21a5514fd3dae3093b5c671b16ed7caabb402", "type": "github" }, "original": { @@ -740,7 +673,6 @@ "admin-fe": "admin-fe", "akkoma": "akkoma", "akkoma-fe": "akkoma-fe", - "chir-rs": "chir-rs", "colorpickle": "colorpickle", "devshell": "devshell", "dns": "dns", @@ -749,7 +681,6 @@ "flake-compat": "flake-compat", "flake-parts": "flake-parts", "flake-utils": "flake-utils", - "haskell-flake": "haskell-flake", "home-manager": "home-manager", "lib-aggregate": "lib-aggregate", "mozilla": "mozilla", @@ -761,8 +692,7 @@ "nixpkgs": "nixpkgs_2", "nur": "nur", "sops-nix": "sops-nix", - "systems": "systems", - "treefmt-nix": "treefmt-nix" + "systems": "systems" } }, "sops-nix": { @@ -775,11 +705,11 @@ ] }, "locked": { - "lastModified": 1700362823, - "narHash": "sha256-/H7XgvrYM0IbkpWkcdfkOH0XyBM5ewSWT1UtaLvOgKY=", + "lastModified": 1700967639, + "narHash": "sha256-uuUwD/O1QcVk+TWPZFwl4ioUkC8iACj0jEXSyE/wGPI=", "owner": "Mic92", "repo": "sops-nix", - "rev": "49a87c6c827ccd21c225531e30745a9a6464775c", + "rev": "4be58d802693d7def8622ff34d36714f8db40371", "type": "github" }, "original": { @@ -802,26 +732,6 @@ "repo": "default", "type": "github" } - }, - "treefmt-nix": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1699786194, - "narHash": "sha256-3h3EH1FXQkIeAuzaWB+nK0XK54uSD46pp+dMD3gAcB4=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "e82f32aa7f06bbbd56d7b12186d555223dc399d1", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index a034fac8..5ee79d24 100644 --- a/flake.nix +++ b/flake.nix @@ -22,15 +22,6 @@ rec { inputs.flake-parts.follows = "flake-parts"; inputs.nixpkgs.follows = "nixpkgs"; }; - chir-rs = { - url = "github:DarkKirb/chir.rs"; - inputs.flake-parts.follows = "flake-parts"; - inputs.haskell-flake.follows = "haskell-flake"; - inputs.nix-packages.follows = "nix-packages"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.systems.follows = "systems"; - inputs.treefmt-nix.follows = "treefmt-nix"; - }; colorpickle = { url = "github:AgathaSorceress/colorpickle"; inputs.naersk.follows = "naersk"; @@ -73,7 +64,6 @@ rec { url = "github:numtide/flake-utils"; inputs.systems.follows = "systems"; }; - haskell-flake.url = "github:srid/haskell-flake"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; @@ -112,10 +102,6 @@ rec { inputs.nixpkgs-stable.follows = "nixpkgs"; }; systems.url = "github:nix-systems/default"; - treefmt-nix = { - url = "github:numtide/treefmt-nix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; }; outputs = {