add: matrix

jz8132543 · Sep 21, 2024 · f6f4e33 · f6f4e33
1 parent 9eb28df
commit f6f4e33
Show file tree

Hide file tree

Showing 12 changed files with 177 additions and 42 deletions.
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
@@ -56,8 +56,6 @@ jobs:
         id: plan
         run: |
           mkdir logs
-          tree -L 3 .
-          pwd
           set +e
           nix develop ./flakes --command terraform-wrapper plan -out="$PWD/terraform.plan" -detailed-exitcode \
              > >(sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | tee logs/terraform-plan.stdout.log) \
@@ -195,6 +193,7 @@ jobs:
             if [ -z "$(git status --porcelain)" ]; then
               echo "repository is clean, skip commit and push"
             else
+              git pull
               git config --global user.email "[email protected]"
               git config --global user.name "jz832543"
               git add --all

diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -161,6 +161,12 @@
       inputs.nixpkgs.follows = "nixpkgs";
       inputs.fenix.follows = "fenix";
     };
+    pastebin = {
+      url = "github:linyinfeng/pastebin";
+      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.flake-parts.follows = "flake-parts";
+      inputs.treefmt-nix.follows = "treefmt-nix";
+    };
     # Themes
     grub2-themes = {
       url = "github:vinceliuice/grub2-themes";

diff --git a/home-manager/modules/base/editorconfig.nix b/home-manager/modules/base/editorconfig.nix
@@ -6,16 +6,16 @@
       "*" = {
         charset = "utf-8";
         end_of_line = "lf";
-        indent_size = 2;
+        # indent_size = 2;
         indent_style = "space";
         insert_final_newline = true;
         max_line_length = "off";
         trim_trailing_whitespace = true;
       };
-      "*.js".indent_size = 2;
-      "*.json".indent_size = 2;
-      "*.md".indent_size = 2;
-      "*.nix".indent_size = 2;
+      # "*.js".indent_size = 2;
+      # "*.json".indent_size = 2;
+      # "*.md".indent_size = 2;
+      # "*.nix".indent_size = 2;
     };
   };
 }
diff --git a/nixos/hosts/fra1/default.nix b/nixos/hosts/fra1/default.nix
@@ -13,7 +13,8 @@
       nixosModules.services.doraim
       nixosModules.services.ntfy
       nixosModules.services.sogo
-      nixosModules.services.matrix
+      nixosModules.services.pastebin
+      (import nixosModules.services.matrix { })
       (import nixosModules.services.keycloak { })
       (import nixosModules.services.vaultwarden { })
       (import nixosModules.services.alist { })

diff --git a/nixos/hosts/isk/_steam/dst/Caves/worldgenoverride.lua b/nixos/hosts/isk/_steam/dst/Caves/worldgenoverride.lua
@@ -1,6 +1,6 @@
 return {
-	override_enabled = true,
-	worldgen_preset = "DST_CAVE",
-	settings_preset = "DST_CAVE",
-	overrides = {},
+  override_enabled = true,
+  worldgen_preset = "DST_CAVE",
+  settings_preset = "DST_CAVE",
+  overrides = {},
 }
diff --git a/nixos/hosts/isk/_steam/dst/Master/worldgenoverride.lua b/nixos/hosts/isk/_steam/dst/Master/worldgenoverride.lua
@@ -1,4 +1,4 @@
 return {
-	override_enabled = true,
-	overrides = {},
+  override_enabled = true,
+  overrides = {},
 }
diff --git a/nixos/hosts/isk/_steam/dst/modoverrides.lua b/nixos/hosts/isk/_steam/dst/modoverrides.lua
@@ -1,20 +1,20 @@
 return {
-	--# Health Info
-	["workshop-375859599"] = { enabled = true },
-	--# Show Me
-	["workshop-2287303119"] = { enabled = true },
-	--# No Thermal Stone Durability
-	["workshop-466732225"] = { enabled = true },
-	--# Extra Equip Slots
-	["workshop-375850593"] = { enabled = true },
-	--# Display Attack Range
-	["workshop-2078243581"] = { enabled = true },
-	--# Increased Stack size
-	["workshop-374550642"] = { enabled = true },
-	--# Combined Status
-	["workshop-376333686"] = { enabled = true },
-	--# Global Positions
-	["workshop-378160973"] = { enabled = true },
-	--# Demon sword Muramasa
-	["workshop-1842087172"] = { enabled = true },
+  --# Health Info
+  ["workshop-375859599"] = { enabled = true },
+  --# Show Me
+  ["workshop-2287303119"] = { enabled = true },
+  --# No Thermal Stone Durability
+  ["workshop-466732225"] = { enabled = true },
+  --# Extra Equip Slots
+  ["workshop-375850593"] = { enabled = true },
+  --# Display Attack Range
+  ["workshop-2078243581"] = { enabled = true },
+  --# Increased Stack size
+  ["workshop-374550642"] = { enabled = true },
+  --# Combined Status
+  ["workshop-376333686"] = { enabled = true },
+  --# Global Positions
+  ["workshop-378160973"] = { enabled = true },
+  --# Demon sword Muramasa
+  ["workshop-1842087172"] = { enabled = true },
 }
diff --git a/nixos/modules/base/nixpkgs.nix b/nixos/modules/base/nixpkgs.nix
@@ -7,6 +7,7 @@
 let
   packages = [
     inputs.sops-nix.overlays.default
+    inputs.pastebin.overlays.default
     # inputs.neovim-nightly-overlay.overlay
     # inputs.nixd.overlays.default
     # inputs.nvfetcher.overlays.default

diff --git a/nixos/modules/services/pastebin.nix b/nixos/modules/services/pastebin.nix
@@ -0,0 +1,54 @@
+{
+  config,
+  pkgs,
+  ...
+}:
+{
+  # services.nginx.virtualHosts."pb.*" = {
+  #   forceSSL = true;
+  #   inherit (config.security.acme.tfCerts."li7g_com".nginxSettings) sslCertificate sslCertificateKey;
+  #   locations."/" = {
+  #     proxyPass = "http://127.0.0.1:${toString config.ports.pastebin}";
+  #     extraConfig = ''
+  #       add_header Cache-Control "public, no-cache";
+  #     '';
+  #   };
+  #   extraConfig = ''
+  #     client_max_body_size 25M;
+  #   '';
+  # };
+  systemd.services.pastebin = {
+    script = ''
+      # export AWS_ACCESS_KEY_ID=$(cat "$CREDENTIALS_DIRECTORY/key-id")
+      # export AWS_SECRET_ACCESS_KEY=$(cat "$CREDENTIALS_DIRECTORY/access-key")
+      ${pkgs.pastebin}/bin/pastebin \
+        # --endpoint-host minio.li7g.com \
+        # --bucket pastebin \
+        --addressing-style path \
+        --port "${toString config.ports.pastebin}"
+    '';
+    serviceConfig = {
+      DynamicUser = true;
+      # LoadCredential = [
+      #   "key-id:${config.sops.secrets."minio_pastebin_key_id".path}"
+      #   "access-key:${config.sops.secrets."minio_pastebin_access_key".path}"
+      # ];
+    };
+    wantedBy = [ "multi-user.target" ];
+  };
+  services.traefik.dynamicConfigOptions.http = {
+    routers = {
+      atuin = {
+        rule = "Host(`pb.${config.networking.domain}`)";
+        entryPoints = [ "https" ];
+        service = "pastebin";
+      };
+    };
+    services = {
+      pastebin.loadBalancer = {
+        passHostHeader = true;
+        servers = [ { url = "http://localhost:${toString config.ports.pastebin}"; } ];
+      };
+    };
+  };
+}
diff --git a/terraform/b2.tf b/terraform/b2.tf
@@ -121,3 +121,58 @@ output "b2_mastodon_media_access_key" {
   value     = b2_application_key.mastodon_media.application_key
   sensitive = true
 }
+
+# pastebin
+resource "b2_bucket" "pastebin_media" {
+  bucket_name = "doraim-pastebin-media"
+  bucket_type = "allPublic"
+
+  # keep only the last version of the file
+  lifecycle_rules {
+    file_name_prefix              = ""
+    days_from_uploading_to_hiding = null
+    days_from_hiding_to_deleting  = 1
+  }
+
+  cors_rules {
+    cors_rule_name = "allow-media-on-dora-im"
+    allowed_operations = [
+      "s3_head",
+      "b2_download_file_by_id",
+      "b2_download_file_by_name",
+      "s3_get"
+    ]
+    allowed_origins = [
+      "https://*.dora.im"
+    ]
+    max_age_seconds = 86400
+  }
+}
+resource "b2_application_key" "pastebin_media" {
+  key_name  = "pastebin-media"
+  bucket_id = b2_bucket.pastebin_media.id
+  capabilities = [
+    "deleteFiles",
+    "listAllBucketNames",
+    "listBuckets",
+    "listFiles",
+    "readBucketEncryption",
+    "readBuckets",
+    "readFiles",
+    "shareFiles",
+    "writeBucketEncryption",
+    "writeFiles"
+  ]
+}
+output "b2_pastebin_media_bucket_name" {
+  value     = b2_bucket.pastebin_media.bucket_name
+  sensitive = false
+}
+output "b2_pastebin_media_key_id" {
+  value     = b2_application_key.pastebin_media.application_key_id
+  sensitive = false
+}
+output "b2_pastebin_media_access_key" {
+  value     = b2_application_key.pastebin_media.application_key
+  sensitive = true
+}
diff --git a/terraform/cloudflare.tf b/terraform/cloudflare.tf
@@ -81,6 +81,7 @@ locals {
     atuin     = { on = "fra1", proxy = false }
     ntfy      = { on = "fra1", proxy = false }
     mail      = { on = "fra1", proxy = false }
+    pb        = { on = "fra1", proxy = false }
     m         = { on = "fra1", proxy = false }
     "admin.m" = { on = "fra1", proxy = false }
     searx     = { on = "hkg4", proxy = false }
@@ -109,7 +110,7 @@ resource "cloudflare_record" "dora" {
   proxied = false
   ttl     = 1
   type    = "CNAME"
-  content = "dfw0.dora.im"
+  content = "hkg4.dora.im"
   zone_id = cloudflare_zone.im_dora.id
 }
 
@@ -189,15 +190,6 @@ resource "cloudflare_record" "dora_mx_fra1" {
 
 # Machines
 
-resource "cloudflare_record" "dora_matrix" {
-  name    = "m"
-  proxied = false
-  ttl     = 1
-  type    = "A"
-  content = "100.64.0.2"
-  zone_id = cloudflare_zone.im_dora.id
-}
-
 resource "cloudflare_record" "dora_tippy" {
   name    = "tippy"
   proxied = false