pluie.me / flake
All my system configs and packages in one repo
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

focaccia: share album links

Leah Amelia Chen 469bae7d 9815e2b2

+20 -6
+4
systems/focaccia/configuration.nix
··· 43 43 "wheel" # 1984 powers 44 44 ]; 45 45 home = "/home/leah"; 46 + 47 + openssh.authorizedKeys.keys = [ 48 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINcpWY17MNJBx56APRSvLOfUjHllXn9gY/cV51JaLoh6" 49 + ]; 46 50 }; 47 51 48 52 services.openssh = {
+4 -3
systems/focaccia/secrets/global.yaml
··· 1 1 hysteria: ENC[AES256_GCM,data:W3s2hkKW+E91K44rKE3NNmok1LY=,iv:Ndr0HTC6XdxiXw/Lpd9hhhlpIpbISYv5k9btRJJi3ok=,tag:7sy5nmhShX0Ev3PznNe49A==,type:str] 2 + cf-dns-api-token: ENC[AES256_GCM,data:Ub6w7Y0z+sf0oY0WNfQwoopVxopH7ehGgMtw1tI1SkgoOeWTMlgRWA==,iv:aB/2X0QGU+tCOkgDSqUvWZUXeL9GavtVGan6MO+FRTk=,tag:JFVAZy84oVKTNWUcmY6Q+w==,type:str] 2 3 sops: 3 4 age: 4 5 - recipient: age1lh4sn2s9gxj2s3naqdl4wpmz3uhpd3p8l0jfy6k5hu6cu34uyygsdwadd5 ··· 19 20 WXN3LzdwZ2tXeEE0bUg1eXVkZk02ODAKOn6FoE48qmR+C1ALGzIjWMMWKOEh9WEW 20 21 iJ6Rdd7spZB1hRW/QJQ1+7K8hmPWDcxgZov+Nt7UoSz/p3G7DZjfjw== 21 22 -----END AGE ENCRYPTED FILE----- 22 - lastmodified: "2026-01-16T22:27:23Z" 23 - mac: ENC[AES256_GCM,data:e1WezcXk68avrvH6n3QJUPE90Ge6W6h9BFTyXfdad8WCwzNU3RLZ1x/3nSE6chDU4uhDrs1YgyBV9yNpI+nLxLSEy1wBsxrScbLPsndn/SuAZzSdWAXGcw2Qj2pL9EGpBpXQWY3G+L6sGu2T7gySVGciqfXQT/bjOgokP1z9lsE=,iv:4EuiJoRPNebRtetzAoLbEYQGdwPrRi+ncS7ePTvuFII=,tag:LJNXOXc1whLnPXI4wJnJBQ==,type:str] 23 + lastmodified: "2026-03-19T18:33:08Z" 24 + mac: ENC[AES256_GCM,data:cDCtSaJT2hEBKxXKF3iKw/i6bTYGForq/vGOa8mU6uqyTc2ToY3cAjU3JMAj4h9B9N9sYw0ppx55llopsuj0kBL+hHfLHKJkMXzDj8xux1FXtG2Cc1sscecsjUl/XR7pzPCMTrEY9gL1SItqvqzFBySHQHrU+2LBC/1/LN4GAKw=,iv:BlCd1oCVq7hXm82yazJc3HMH+rNLZvRc7SRk6M2ZpZE=,tag:bHPYHLyd9kD/YcS1TeK9Bg==,type:str] 24 25 unencrypted_suffix: _unencrypted 25 - version: 3.11.0 26 + version: 3.12.1
+3 -2
systems/focaccia/services/ente.nix
··· 27 27 albums = photos; 28 28 accounts = webPackage "accounts"; 29 29 cast = webPackage "cast"; 30 + embed = webPackage "embed"; 30 31 }; 31 32 subdomains = lib.mapAttrs (n: _: domainFor n) apps; 32 33 in ··· 64 65 domain = domainFor "api"; 65 66 settings = { 66 67 credentials-file = config.sops.secrets.ente.path; 68 + apps.embed-albums = "https://${subdomains.embed}"; 69 + 67 70 s3 = { 68 71 are_local_buckets = false; 69 72 b2-eu-cen = { ··· 80 83 # trying to enable nginx despite me explicitly disabling it. 81 84 # PR a fix to upstream soon. 82 85 services.nginx.enable = lib.mkForce false; 83 - 84 - services.postgresql.authentication = "local all all trust"; 85 86 86 87 services.caddy.virtualHosts = 87 88 (lib.mapAttrs' (name: app: {
+9 -1
systems/focaccia/services/hysteria.nix
··· 3 3 ... 4 4 }: 5 5 { 6 - sops.secrets.hysteria = { }; 6 + sops.secrets = { 7 + hysteria = { }; 8 + cf-dns-api-token = { }; 9 + }; 7 10 8 11 networking.firewall.allowedUDPPorts = [ 53 ]; 9 12 services.hysteria = { ··· 13 16 acme = { 14 17 domains = [ "focaccia.pluie.me" ]; 15 18 email = "srv@acc.pluie.me"; 19 + type = "dns"; 20 + dns = { 21 + name = "cloudflare"; 22 + config.cloudflare_api_token._secret = config.sops.secrets.cf-dns-api-token.path; 23 + }; 16 24 }; 17 25 auth = { 18 26 type = "password";