Misc system changes and nix flake update

2025-07-24 08:08:22 -05:00
parent fc3979e64b
commit ff550b960e
8 changed files with 142 additions and 30 deletions
--- a/nix/application/containers.nix
+++ b/nix/application/containers.nix
@ -28,7 +28,7 @@
                    "/home/sezycei/srv/containerdata/gitea/config:/etc/gitea"
                  ];
        ports = [ "8027:3000" "23231:2222"];
-        environment = 
+        environment =
          {
           GITEA_APP_INI = "/etc/gitea/app.ini";
           GITEA_CUSTOM = "/var/lib/gitea/custom";
@ -48,13 +48,13 @@
                    "/home/sezycei/srv/containerdata/gitea/runner/data:/data"
                    "/run/podman/podman.sock:/var/run/docker.sock"
                  ];
-        environment = 
+        environment =
          {
            CONFIG_FILE = "/config.yaml";
            GITEA_INSTANCE_URL = "https://git.eversole.co";
            GITEA_RUNNER_REGISTRATION_TOKEN = "Rxl7OYPb4ysOmDZB3jnmzm7hJtQQYeaKHdn4jrbR";
            GITEA_RUNNER_NAME = "nix0-primary";
-            
+
          };

      };
@ -96,7 +96,7 @@
        volumes = [
          "/home/sezycei/srv/containerdata/purr/data:/app/data"
        ];
-        environment = { 
+        environment = {
          ENVIRONMENT = "production";
          APPLICATIONHOST = "localhost";
          APPLICATIONPORT = "3000";
--- a/nix/application/nginx.nix
+++ b/nix/application/nginx.nix
@ -88,6 +88,15 @@
          '';
        };
        "jame.su" = static { dir = "/var/www/jame.su"; };
+        "llm.matri.cx" = proxiedLAN { 
+          target = "http://192.168.0.94:11434"; 
+          extra = ''
+            proxy_connect_timeout 1800s;
+            proxy_send_timeout 1800s;
+            proxy_read_timeout 1800s;
+            send_timeout 1800s;
+          '';
+        };
        "matri.cx" = static { dir = "/var/www/matri.cx"; };
        "media.matri.cx" = proxied { target = "http://127.0.0.1:8096"; };
        "purr.eversole.co" = proxied { target = "http://127.0.0.1:5195"; };
--- a/nix/system/backups.nix
+++ b/nix/system/backups.nix
@ -13,7 +13,7 @@
        "${config.users.users.sezycei.home}/keys"
        "${config.users.users.sezycei.home}/dev"
      ];
-      
+
      exclude = [
        "*minecraft/OLD*"
      ];
--- a/nix/system/dns.nix
+++ b/nix/system/dns.nix
@ -12,7 +12,7 @@

      mail.matri.cx {
        template IN A  {
-            answer "{{ .Name }} 0 IN A 149.28.112.101"
+            answer "{{ .Name }} 0 IN A 216.128.148.134"
        }
      }

@ -37,7 +37,7 @@

      box.eversole.co {
        template IN A  {
-            answer "{{ .Name }} 0 IN A 149.28.112.101"
+            answer "{{ .Name }} 0 IN A 216.128.148.134"
        }
      }

--- a/nix/system/network.nix
+++ b/nix/system/network.nix
@ -2,8 +2,8 @@
  networking = {
    hostName = "eve-psr-nix0";
    firewall = {
-      allowedTCPPorts = [ 22 80 443 5000 23231 23232 23233 ];
-      allowedUDPPorts = [ 53 51820 config.services.tailscale.port ];
+      allowedTCPPorts = [ 22 80 443 5000 23231 23232 23233 20443 ];
+      allowedUDPPorts = [ 53 51820 config.services.tailscale.port 20443 ];
      extraCommands = ''
        iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o enp1s0 -j MASQUERADE
      '';
--- a/nix/system/nix-conf.nix
+++ b/nix/system/nix-conf.nix
@ -1,7 +1,7 @@
 { config, ... }: {
  services = {
    nix-serve = {
-      enable = true;
+      enable = false;
      secretKeyFile = config.age.secrets.cache-key.path;
    };
  };