Nix configurations for my homelab
Prepare to retire b77.boo domain
+18
-42
-1
lily/config.nix
-1
lily/config.nix
···
31
31
../modules/services/caddy/pds.nix
32
32
../modules/services/caddy/soju.nix
33
33
../modules/services/caddy/tangled-knot.nix
34
-
../modules/services/caddy/websites/boo-b77.nix
35
34
../modules/services/caddy/websites/org-biotabit.nix
36
35
../modules/services/caddy/websites/org-butwho.nix
37
36
../modules/services/caddy/websites/pink-lilac.nix
+2
-2
modules/services/caddy/bsky-sieve.nix
+2
-2
modules/services/caddy/bsky-sieve.nix
···
3
3
# TODO: Instead of copying the client-metadata json here everytime, probably just include the repo as a flake so it
4
4
# gets updated as I update my repo
5
5
services.caddy.virtualHosts = {
6
-
"bsky-sieve-cli.b77.boo".extraConfig = ''
6
+
"bsky-sieve-cli.butwho.org".extraConfig = ''
7
7
encode
8
8
9
9
@redirect {
···
20
20
header /oauth-client-metadata.json Content-Type application/json
21
21
respond /oauth-client-metadata.json <<JSON
22
22
{
23
-
"client_id": "https://bsky-sieve-cli.b77.boo/oauth-client-metadata.json",
23
+
"client_id": "https://bsky-sieve-cli.butwho.org/oauth-client-metadata.json",
24
24
"application_type": "native",
25
25
"grant_types": [
26
26
"authorization_code",
-23
modules/services/caddy/websites/boo-b77.nix
-23
modules/services/caddy/websites/boo-b77.nix
···
1
-
{ ... }:
2
-
{
3
-
environment.persistence."/data/persistent".directories = [
4
-
{
5
-
directory = "/var/www/boo.b77";
6
-
user = "mou";
7
-
group = "caddy";
8
-
mode = "0750";
9
-
}
10
-
];
11
-
12
-
services.caddy.virtualHosts."b77.boo".extraConfig = ''
13
-
encode
14
-
root * /var/www/boo.b77
15
-
file_server {
16
-
hide .git license
17
-
}
18
-
19
-
handle_errors {
20
-
respond "{err.status_code} {err.status_text}"
21
-
}
22
-
'';
23
-
}
+6
-6
modules/services/nextcloud.nix
+6
-6
modules/services/nextcloud.nix
···
28
28
owner = "nextcloud";
29
29
group = "nextcloud";
30
30
};
31
-
"b77-smtp/user" = { };
32
-
"b77-smtp/pass" = { };
31
+
"mou-smtp/user" = { };
32
+
"mou-smtp/pass" = { };
33
33
};
34
34
templates.smtpConfig = {
35
35
owner = "nextcloud";
36
36
group = "nextcloud";
37
37
content = builtins.toJSON {
38
-
mail_domain = "lilac.pink";
39
-
mail_from_address = "nextcloud-noreply";
38
+
mail_domain = "mou.pink";
39
+
mail_from_address = "cloud-noreply";
40
40
mail_smtpauth = true;
41
41
mail_smtphost = "smtp.purelymail.com";
42
-
mail_smtpname = config.sops.placeholder."b77-smtp/user";
43
-
mail_smtppassword = config.sops.placeholder."b77-smtp/pass";
42
+
mail_smtpname = config.sops.placeholder."mou-smtp/user";
43
+
mail_smtppassword = config.sops.placeholder."mou-smtp/pass";
44
44
mail_smtpport = 465;
45
45
mail_smtpsecure = "ssl";
46
46
};
+4
-4
modules/services/pds.nix
+4
-4
modules/services/pds.nix
···
14
14
"pds/adminPass" = { };
15
15
"pds/jwtSecret" = { };
16
16
"pds/plcRotationKeyK256PrivateKeyHex" = { };
17
-
"b77-smtp/user" = { };
18
-
"b77-smtp/pass" = { };
17
+
"butwho-smtp/user" = { };
18
+
"butwho-smtp/pass" = { };
19
19
};
20
20
templates.pds-env.content =
21
21
let
22
22
jwtSecret = config.sops.placeholder."pds/jwtSecret";
23
23
adminPass = config.sops.placeholder."pds/adminPass";
24
24
plcRotKey = config.sops.placeholder."pds/plcRotationKeyK256PrivateKeyHex";
25
-
smtpUser = config.sops.placeholder."b77-smtp/user";
26
-
smtpPass = config.sops.placeholder."b77-smtp/pass";
25
+
smtpUser = config.sops.placeholder."butwho-smtp/user";
26
+
smtpPass = config.sops.placeholder."butwho-smtp/pass";
27
27
in
28
28
''
29
29
PDS_JWT_SECRET=${jwtSecret}
+6
-6
secrets/lily.yaml
+6
-6
secrets/lily.yaml
···
4
4
mou: ENC[AES256_GCM,data:nCr/pLkF1/G9RluVJM3uADQzndQ9zkHkKXgX7Wrmtt4NkUMmrm7fuETka3AoQMgiU3PKK4R3SArFMdCs5R037RgY81BLOQkgyA==,iv:DLeJzinK6A8PzD3Wrmk+1yV+szOxWlHh9DBHIEKR+aA=,tag:ouhe5vY3rOCTPYPj2plWaQ==,type:str]
5
5
nextcloud:
6
6
adminPass: ENC[AES256_GCM,data:EtMNU5NIVCt2qT6v/co6j/0pBxYJODGOWoVsaHXgysioHCZQcb0O5gVIp4+1Oi5FWb4GSAGei+UZGbdd5kZC9Q==,iv:kjO6U8lWfQEasV/uZgdkBYIH0u/24XuuC+ZcPXTDXH4=,tag:zLBTg4sdWAyLNSvMNg3wPQ==,type:str]
7
-
b77-smtp:
8
-
user: ENC[AES256_GCM,data:iYFjUVEMsI5k,iv:nx/4BxgSuXIuZNQvKY5Wr/e0H6THVwevX1BUX9T2lzI=,tag:Ngu5JIX6ti7Q4oS01LlprA==,type:str]
9
-
pass: ENC[AES256_GCM,data:f99WjuFsZWFrA3YeDQ+QEWDLlro=,iv:Iw+SC+Ni2iPtHmFOS88BTEOLoFag+XqcuATjL0pWeXY=,tag:yS/PlM55quEThZ61NtIXbg==,type:str]
7
+
butwho-smtp:
8
+
user: ENC[AES256_GCM,data:PYOVCDeed/MxEwli9KtItiSwKg==,iv:6X3Wr8Tpf8Biv9o0xVt1ipS9QaA06KTJ1uG5UEQsKQ8=,tag:sJjabkvR/eYqhOoL+1ntTQ==,type:str]
9
+
pass: ENC[AES256_GCM,data:fZrJIWOfScss++3ZF4WhQzk/w+c=,iv:0qfAnoeojmsnZ5ODUHcwBuo3Bj3VkBSwSZhTRIVS9/E=,tag:exkMR8Ho21/wHQdhe8QfIw==,type:str]
10
10
pds:
11
11
adminPass: ENC[AES256_GCM,data:zQ/3bvzI27B7kcZ/rnaG8C/b3Pk/Cp0m+cDC5qN5Rqo=,iv:5A1WuK26asHKYoNUhfsAMVZtBA+bRFCl+zxw2phH2Rs=,tag:kS6A/N9K+2yYc7VkOqCbug==,type:str]
12
12
jwtSecret: ENC[AES256_GCM,data:Ueday7XtlsxHC+/Nbx5T+FWwXABvV8Z+M+6PEGpypQU=,iv:+7o5cjW+3Xi+LhiBLdijEHwXiEZ4UnYW9qmOejQzCsM=,tag:7Fic+08fBOam8+gakM6iEg==,type:str]
···
28
28
cHlWQjF3ZkU5NUs0Y1hodUlabkxpdzAK91EV34EhJMrxxdVrRCwZlGKuRs7AU7v3
29
29
dU8XRhjAzJs2Vu5UnCVOGB5Zl6w7FkXICYY0IP2dA0b477dI5rXNBg==
30
30
-----END AGE ENCRYPTED FILE-----
31
-
lastmodified: "2026-02-09T07:55:58Z"
32
-
mac: ENC[AES256_GCM,data:mDzkDqE0h7Smd/gtR9AFhCe9bkDns44GNQbe7jmK/KhS0/ohxLpMzenelg3E6bqH80+LAWfZ2grSWDPBc3THJ2rF48Me4IjQe0Eki8aGWkjjFVY5UaRYndWFQ0+TA1bDGhbYGD3v+747/zHe6PIYee4YeKqdQgpKpnUkMb2xyFI=,iv:N/81DI//hrdEdZ14fk53LcXHyioGvWCgIB56N2isFCo=,tag:AetEIorNQpXS9d1W7J+4zw==,type:str]
31
+
lastmodified: "2026-05-01T21:52:53Z"
32
+
mac: ENC[AES256_GCM,data:amL1DOUlhvNkSQdInc9m4Cjej4xtlAZ+jVvWYMfWD7Ed7JdDhpoexMJ7XSgsUWcFU0Nolvk0cqr0ffGZw7mq5R4GOD30joEP0Al/S3RLeVRwVnVHMbKZU2HPl5ZVhw3ksU297JxyLP9qGIYw16VqF1j3tyxAqDZYQ/gmhdAMjeg=,iv:BUFlgkAwxqFepdvu8wZtT6kusiw6V2qXo3ZGctVw9wk=,tag:bgZKN2/ib3oFfyaiOeFoww==,type:str]
33
33
unencrypted_suffix: _unencrypted
34
-
version: 3.11.0
34
+
version: 3.12.2