Contributing to Spectrum
Want to contribute to Spectrum? We'd love to have you. Have a look at the online documentation.
{ config, pkgs, lib, ... }: { imports = [ ../modules/server ../modules/server/dns ../modules/server/irc ../modules/server/cgit ../modules/server/ftp ../modules/server/nginx ../modules/server/tor ../modules/server/xmpp ../modules/server/spectrum ../modules/users ]; boot.initrd.availableKernelModules = [ "xen_blkfront" ]; fileSystems = { "/" = { device = "rpool/root"; fsType = "zfs"; neededForBoot = true; }; "/boot" = { device = "/dev/disk/by-partlabel/boot"; fsType = "ext4"; }; "/nix" = { device = "rpool/nix"; fsType = "zfs"; neededForBoot = true; }; "/var" = { device = "rpool/var"; fsType = "zfs"; }; "/home/qyliss" = { device = "rpool/home/qyliss"; fsType = "zfs"; }; "/root" = { device = "rpool/home/root"; fsType = "zfs"; }; }; systemd.enableEmergencyMode = false; boot.zfs.devNodes = "/dev"; swapDevices = [ { device = "/dev/disk/by-uuid/49f18b74-5f6e-4e61-b569-f7cc9dc5c600"; } ]; nix.maxJobs = 2; boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "nodev"; boot.loader.grub.configurationLimit = 2; boot.supportedFilesystems = [ "zfs" ]; networking.hostName = "atuin"; networking.hostId = "238d1961"; networking.domain = "qyliss.net"; networking.interfaces.eth0 = { ipv4.addresses = [ { address = "85.119.82.108"; prefixLength = 21; } ]; ipv6.addresses = [ { address = "2001:ba8:1f1:f0bc::2"; prefixLength = 64; } ]; }; networking.defaultGateway = "85.119.80.1"; networking.defaultGateway6 = { address = "2001:ba8:1f1:f0bc::1"; }; networking.dhcpcd.enable = false; networking.firewall.allowedTCPPorts = [ 80 443 6697 ]; networking.firewall.extraCommands = '' iptables -t nat -A POSTROUTING -s10.100.0.0/24 -j MASQUERADE ''; boot.kernelPackages = pkgs.linuxPackages; boot.kernelParams = [ "zfs.zfs_arc_max=356515840" ]; networking.nat.enable = true; networking.nat.externalInterface = "eth0"; networking.nat.internalInterfaces = [ "wg0" ]; networking.firewall.allowedUDPPorts = with config; [ networking.wireguard.interfaces.wg0.listenPort ]; networking.wireguard.interfaces = { wg0 = { ips = [ "10.172.171.1" ]; listenPort = 51820; privateKeyFile = "/var/lib/wireguard/wg0/private"; peers = [ { publicKey = "oQZ3fcb9LsnQj8sDYLHf1+hodnW4XEhsM0rNBgHROz8="; allowedIPs = [ "10.172.171.2/32" ]; } { publicKey = "lu4ZxYq7qpkmIt8z0Q/wb5Y0Wc3fa0ui9wOWn/+xYxI="; allowedIPs = [ "10.172.171.3/32" ]; } { publicKey = "ugHG/NOqM/9hde9EmWpu7XsCpjT3WQbjLK99IGHtdjQ="; allowedIPs = [ "10.13.12.0/24" ]; endpoint = "95.216.98.55:51820"; } ]; }; }; security.acme.acceptTerms = true; security.acme.email = "hi@alyssa.is"; security.acme.certs = with lib; let coalesce = maybe: default: if maybe == null then default else maybe; toAttrs = val: if isList val then genAttrs val (_: null) else val; vhostDomains = mapAttrsToList (name: { serverName, ... }: coalesce serverName name) config.services.nginx.virtualHosts; domains = { "qyliss.net" = {}; "spectrum-os.org" = { extraDomains = [ "spectrumos.org" ]; }; }; in mapAttrs ( domain: { postRun ? "systemctl reload nginx.service" , webroot ? "/var/lib/acme/acme-challenge" , group ? "tls" , allowKeysForGroup ? true , extraDomains ? {} , ... } @ value: let extraDomainsFromVhosts = toAttrs (filter (hasSuffix ".${domain}") vhostDomains); in value // { inherit postRun webroot group allowKeysForGroup; extraDomains = extraDomainsFromVhosts // (toAttrs extraDomains); } ) domains; users.groups.tls.members = [ "nginx" ]; users.users.qyliss.home = "/home/qyliss"; services.cgit.instances.qyliss = { vhost = "git.qyliss.net"; config = pkgs.writeText "cgit.conf" '' clone-prefix=https://git.qyliss.net css=/cgit.css enable-blame=1 enable-commit-graph=1 enable-follow-links=1 enable-git-config=1 enable-index-owner=0 enable-log-filecount=1 enable-log-linecount=1 remove-suffix=1 root-desc=Alyssa Ross's personal Git repositories root-title=git.qyliss.net snapshots=all about-filter=${pkgs.cgit}/lib/cgit/filters/about-formatting.sh source-filter=${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py virtual-root=/ scan-path=/home/qyliss/git ''; }; services.cgit.instances.spectrum = { vhost = "spectrum-os.org"; path = "/git"; config = let cgitFooter = pkgs.writeText "cgit-footer.html" ''
''; spectrumReadme = pkgs.writeText "about.html" ''Want to contribute to Spectrum? We'd love to have you. Have a look at the online documentation.