diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 50435330..a8c9bc66 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -56,8 +56,6 @@ jobs: id: plan run: | mkdir logs - tree -L 3 . - pwd set +e nix develop ./flakes --command terraform-wrapper plan -out="$PWD/terraform.plan" -detailed-exitcode \ > >(sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | tee logs/terraform-plan.stdout.log) \ @@ -195,6 +193,7 @@ jobs: if [ -z "$(git status --porcelain)" ]; then echo "repository is clean, skip commit and push" else + git pull git config --global user.email "i@dora.im" git config --global user.name "jz832543" git add --all diff --git a/flake.lock b/flake.lock index 6823bcad..e12b4b84 100644 --- a/flake.lock +++ b/flake.lock @@ -1590,6 +1590,32 @@ "type": "github" } }, + "pastebin": { + "inputs": { + "flake-parts": [ + "flake-parts" + ], + "nixpkgs": [ + "nixpkgs" + ], + "treefmt-nix": [ + "treefmt-nix" + ] + }, + "locked": { + "lastModified": 1726849009, + "narHash": "sha256-a/mIijgBqUjVzcaFXyTRJHOnvCSpNx9E0gC0x3+l8qQ=", + "owner": "linyinfeng", + "repo": "pastebin", + "rev": "9e1c8014b9d97581ace4401e26a0111bb835b93b", + "type": "github" + }, + "original": { + "owner": "linyinfeng", + "repo": "pastebin", + "type": "github" + } + }, "poetry2nix": { "inputs": { "flake-utils": "flake-utils", @@ -1714,6 +1740,7 @@ "nixpkgs-terraform-providers-bin": "nixpkgs-terraform-providers-bin", "nur": "nur", "nvfetcher": "nvfetcher", + "pastebin": "pastebin", "pre-commit-hooks-nix": "pre-commit-hooks-nix", "sops-nix": "sops-nix", "systems": "systems_3", diff --git a/flake.nix b/flake.nix index 39e22a9b..d390e61f 100644 --- a/flake.nix +++ b/flake.nix 
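Review bot: In the second hunk of `.github/workflows/terraform.yml`, the added `git pull` runs on a working tree that the `git status --porcelain` check has just found dirty, and before `user.email`/`user.name` are set on the following lines. If the remote branch has moved, a plain pull can abort because local changes would be overwritten, or try to record a merge without an identity; whether that stops the job depends on error handling outside this hunk. Consider committing first and then running `git pull --rebase` before the push, or at least moving the pull after the `git config` lines as `git pull --ff-only` so a diverged branch fails loudly instead of producing an unreviewed merge. The commit and push steps themselves are outside the hunk.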
@@ -161,6 +161,12 @@ inputs.nixpkgs.follows = "nixpkgs"; inputs.fenix.follows = "fenix"; }; + pastebin = { + url = "github:linyinfeng/pastebin"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.flake-parts.follows = "flake-parts"; + inputs.treefmt-nix.follows = "treefmt-nix"; + }; # Themes grub2-themes = { url = "github:vinceliuice/grub2-themes"; diff --git a/home-manager/modules/base/editorconfig.nix b/home-manager/modules/base/editorconfig.nix index de4c852d..6c4b9338 100644 --- a/home-manager/modules/base/editorconfig.nix +++ b/home-manager/modules/base/editorconfig.nix @@ -6,16 +6,16 @@ "*" = { charset = "utf-8"; end_of_line = "lf"; - indent_size = 2; + # indent_size = 2; indent_style = "space"; insert_final_newline = true; max_line_length = "off"; trim_trailing_whitespace = true; }; - "*.js".indent_size = 2; - "*.json".indent_size = 2; - "*.md".indent_size = 2; - "*.nix".indent_size = 2; + # "*.js".indent_size = 2; + # "*.json".indent_size = 2; + # "*.md".indent_size = 2; + # "*.nix".indent_size = 2; }; }; } diff --git a/nixos/hosts/fra1/default.nix b/nixos/hosts/fra1/default.nix index 578fbf5b..68cbb6c9 100644 --- a/nixos/hosts/fra1/default.nix +++ b/nixos/hosts/fra1/default.nix @@ -13,7 +13,8 @@ nixosModules.services.doraim nixosModules.services.ntfy nixosModules.services.sogo - nixosModules.services.matrix + nixosModules.services.pastebin + (import nixosModules.services.matrix { }) (import nixosModules.services.keycloak { }) (import nixosModules.services.vaultwarden { }) (import nixosModules.services.alist { }) diff --git a/nixos/hosts/isk/_steam/dst/Caves/worldgenoverride.lua b/nixos/hosts/isk/_steam/dst/Caves/worldgenoverride.lua index 0020699d..66a3376d 100644 --- a/nixos/hosts/isk/_steam/dst/Caves/worldgenoverride.lua +++ b/nixos/hosts/isk/_steam/dst/Caves/worldgenoverride.lua 
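Review bot: The new `pastebin` input in `flake.nix` is an unversioned `github:linyinfeng/pastebin` reference, and the matching hunk in `nixos/modules/base/nixpkgs.nix` adds `inputs.pastebin.overlays.default` to the shared overlay list. `flake.lock` pins it to rev `9e1c8014b9d97581ace4401e26a0111bb835b93b`, so what is built is fixed until the next lock update, but every later lock bump pulls in whatever that repository's default branch holds at the time. Because the overlay sits in what looks like a base module, this third-party code is presumably evaluated for every host and not only `fra1`, where the service is enabled. A short comment on the input such as `# third-party service flake; review upstream changes when bumping flake.lock` would record that, and if the flake exports a package the overlay could be limited to the service module.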
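Review bot: In `home-manager/modules/base/editorconfig.nix` the `indent_size` settings are commented out rather than removed, which leaves five dead lines with no explanation. Either delete them or add a one-line reason above the block, e.g. `# indent_size left unset so each project's own .editorconfig decides`, if that is the intent.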
@@ -1,6 +1,6 @@ return { - override_enabled = true, - worldgen_preset = "DST_CAVE", - settings_preset = "DST_CAVE", - overrides = {}, + override_enabled = true, + worldgen_preset = "DST_CAVE", + settings_preset = "DST_CAVE", + overrides = {}, } diff --git a/nixos/hosts/isk/_steam/dst/Master/worldgenoverride.lua b/nixos/hosts/isk/_steam/dst/Master/worldgenoverride.lua index e4ef3b00..7ece50bd 100644 --- a/nixos/hosts/isk/_steam/dst/Master/worldgenoverride.lua +++ b/nixos/hosts/isk/_steam/dst/Master/worldgenoverride.lua @@ -1,4 +1,4 @@ return { - override_enabled = true, - overrides = {}, + override_enabled = true, + overrides = {}, } diff --git a/nixos/hosts/isk/_steam/dst/modoverrides.lua b/nixos/hosts/isk/_steam/dst/modoverrides.lua index 718e1185..33b22a5b 100644 --- a/nixos/hosts/isk/_steam/dst/modoverrides.lua +++ b/nixos/hosts/isk/_steam/dst/modoverrides.lua 
@@ -1,20 +1,20 @@ return { - --# Health Info - ["workshop-375859599"] = { enabled = true }, - --# Show Me - ["workshop-2287303119"] = { enabled = true }, - --# No Thermal Stone Durability - ["workshop-466732225"] = { enabled = true }, - --# Extra Equip Slots - ["workshop-375850593"] = { enabled = true }, - --# Display Attack Range - ["workshop-2078243581"] = { enabled = true }, - --# Increased Stack size - ["workshop-374550642"] = { enabled = true }, - --# Combined Status - ["workshop-376333686"] = { enabled = true }, - --# Global Positions - ["workshop-378160973"] = { enabled = true }, - --# Demon sword Muramasa - ["workshop-1842087172"] = { enabled = true }, + --# Health Info + ["workshop-375859599"] = { enabled = true }, + --# Show Me + ["workshop-2287303119"] = { enabled = true }, + --# No Thermal Stone Durability + ["workshop-466732225"] = { enabled = true }, + --# Extra Equip Slots + ["workshop-375850593"] = { enabled = true }, + --# Display Attack Range + ["workshop-2078243581"] = { enabled = true }, + --# Increased Stack size + ["workshop-374550642"] = { enabled = true }, + --# Combined Status + ["workshop-376333686"] = { enabled = true }, + --# Global Positions + ["workshop-378160973"] = { enabled = true }, + --# Demon sword Muramasa + ["workshop-1842087172"] = { enabled = true }, } diff --git a/nixos/modules/base/nixpkgs.nix b/nixos/modules/base/nixpkgs.nix index 0c639d32..ed322b8e 100644 --- a/nixos/modules/base/nixpkgs.nix +++ b/nixos/modules/base/nixpkgs.nix @@ -7,6 +7,7 @@ let packages = [ inputs.sops-nix.overlays.default + inputs.pastebin.overlays.default # inputs.neovim-nightly-overlay.overlay # inputs.nixd.overlays.default # inputs.nvfetcher.overlays.default diff --git a/nixos/modules/services/pastebin.nix b/nixos/modules/services/pastebin.nix new file mode 100644 index 00000000..43d0c9d5 --- /dev/null +++ b/nixos/modules/services/pastebin.nix 
@@ -0,0 +1,54 @@ +{ + config, + pkgs, + ... +}: +{ + # services.nginx.virtualHosts."pb.*" = { + # forceSSL = true; + # inherit (config.security.acme.tfCerts."li7g_com".nginxSettings) sslCertificate sslCertificateKey; + # locations."/" = { + # proxyPass = "http://127.0.0.1:${toString config.ports.pastebin}"; + # extraConfig = '' + # add_header Cache-Control "public, no-cache"; + # ''; + # }; + # extraConfig = '' + # client_max_body_size 25M; + # ''; + # }; + systemd.services.pastebin = { + script = '' + # export AWS_ACCESS_KEY_ID=$(cat "$CREDENTIALS_DIRECTORY/key-id") + # export AWS_SECRET_ACCESS_KEY=$(cat "$CREDENTIALS_DIRECTORY/access-key") + ${pkgs.pastebin}/bin/pastebin \ + # --endpoint-host minio.li7g.com \ + # --bucket pastebin \ + --addressing-style path \ + --port "${toString config.ports.pastebin}" + ''; + serviceConfig = { + DynamicUser = true; + # LoadCredential = [ + # "key-id:${config.sops.secrets."minio_pastebin_key_id".path}" + # "access-key:${config.sops.secrets."minio_pastebin_access_key".path}" + # ]; + }; + wantedBy = [ "multi-user.target" ]; + }; + services.traefik.dynamicConfigOptions.http = { + routers = { + atuin = { + rule = "Host(`pb.${config.networking.domain}`)"; + entryPoints = [ "https" ]; + service = "pastebin"; + }; + }; + services = { + pastebin.loadBalancer = { + passHostHeader = true; + servers = [ { url = "http://localhost:${toString config.ports.pastebin}"; } ]; + }; + }; + }; +} diff --git a/terraform/b2.tf b/terraform/b2.tf index 7500b29d..a3d07283 100644 --- a/terraform/b2.tf +++ b/terraform/b2.tf 
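Review bot: In the `script` string of `nixos/modules/services/pastebin.nix`, the commented `# --endpoint-host … \` and `# --bucket … \` lines sit inside the backslash-continued command, so the shell ends the `pastebin` invocation at the first `#`, and `--addressing-style path` and `--port` become a separate command line that never reaches the binary. Move the commented options above the command so that it reads `${pkgs.pastebin}/bin/pastebin --addressing-style path --port "${toString config.ports.pastebin}"`. Separately, the Traefik router is keyed `atuin` although its rule and service are for `pb.`; if another module also defines `routers.atuin`, the definitions will conflict or traffic for one hostname may reach the wrong backend, so rename it to `pastebin = {`. The commented-out nginx block capped uploads with `client_max_body_size 25M`, and no equivalent request-size limit is visible on the Traefik route, which matters for a publicly reachable upload endpoint.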
@@ -121,3 +121,58 @@ output "b2_mastodon_media_access_key" { value = b2_application_key.mastodon_media.application_key sensitive = true } + +# pastebin +resource "b2_bucket" "pastebin_media" { + bucket_name = "doraim-pastebin-media" + bucket_type = "allPublic" + + # keep only the last version of the file + lifecycle_rules { + file_name_prefix = "" + days_from_uploading_to_hiding = null + days_from_hiding_to_deleting = 1 + } + + cors_rules { + cors_rule_name = "allow-media-on-dora-im" + allowed_operations = [ + "s3_head", + "b2_download_file_by_id", + "b2_download_file_by_name", + "s3_get" + ] + allowed_origins = [ + "https://*.dora.im" + ] + max_age_seconds = 86400 + } +} +resource "b2_application_key" "pastebin_media" { + key_name = "pastebin-media" + bucket_id = b2_bucket.pastebin_media.id + capabilities = [ + "deleteFiles", + "listAllBucketNames", + "listBuckets", + "listFiles", + "readBucketEncryption", + "readBuckets", + "readFiles", + "shareFiles", + "writeBucketEncryption", + "writeFiles" + ] +} +output "b2_pastebin_media_bucket_name" { + value = b2_bucket.pastebin_media.bucket_name + sensitive = false +} +output "b2_pastebin_media_key_id" { + value = b2_application_key.pastebin_media.application_key_id + sensitive = false +} +output "b2_pastebin_media_access_key" { + value = b2_application_key.pastebin_media.application_key + sensitive = true +} diff --git a/terraform/cloudflare.tf b/terraform/cloudflare.tf index db7840ad..7f27f93e 100644 --- a/terraform/cloudflare.tf +++ b/terraform/cloudflare.tf @@ -81,6 +81,7 @@ locals { atuin = { on = "fra1", proxy = false } ntfy = { on = "fra1", proxy = false } mail = { on = "fra1", proxy = false } + pb = { on = "fra1", proxy = false } m = { on = "fra1", proxy = false } "admin.m" = { on = "fra1", proxy = false } searx = { on = "hkg4", proxy = false } 
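Review bot: `b2_application_key.pastebin_media` in `terraform/b2.tf` is granted more than an upload-and-serve service appears to need. `writeBucketEncryption` and `readBucketEncryption` let the service key inspect and change the bucket's encryption settings, and `shareFiles` and `listAllBucketNames` can probably be dropped too once checked against what the client actually calls. The bucket is also created with `bucket_type = "allPublic"`, so anyone can fetch objects directly by name without going through the pastebin service; if pastes should be reachable only through the service, `bucket_type = "allPrivate"` is the safer default. The secret exposed as `b2_pastebin_media_access_key` is marked sensitive but is still written to Terraform state, so access to the state backend needs to be restricted accordingly.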
@@ -109,7 +110,7 @@ resource "cloudflare_record" "dora" { proxied = false ttl = 1 type = "CNAME" - content = "dfw0.dora.im" + content = "hkg4.dora.im" zone_id = cloudflare_zone.im_dora.id } @@ -189,15 +190,6 @@ resource "cloudflare_record" "dora_mx_fra1" { # Machines -resource "cloudflare_record" "dora_matrix" { - name = "m" - proxied = false - ttl = 1 - type = "A" - content = "100.64.0.2" - zone_id = cloudflare_zone.im_dora.id -} - resource "cloudflare_record" "dora_tippy" { name = "tippy" proxied = false