Update server
Christian Krinitsin mail@krinitsin.com
Tue, 06 Jan 2026 10:07:44 +0100
10 files changed,
78 insertions(+),
56 deletions(-)
M
configuration.nix
→
configuration.nix
@@ -22,6 +22,7 @@ ./modules/atuin.nix
./modules/silverbullet.nix ./modules/monit.nix ./modules/shopping-list.nix + ./modules/jellyfin.nix ./modules/glance.nix ];@@ -37,6 +38,7 @@
neovim ]; + nixpkgs.config.allowUnfree = true; system.copySystemConfiguration = true; system.stateVersion = "24.11";
M
modules/git/cgit.nix
→
modules/git/cgit.nix
@@ -1,6 +1,5 @@
{ config, pkgs, lib , ... }: { - services.cgit.git = { enable = true; package = pkgs.cgit-pink;@@ -9,19 +8,19 @@ group = "git";
scanPath = "/null"; extraConfig = '' - root-title=git.krinitsin - root-desc=github mirror + root-title=git.krinitsin.com + root-desc= footer= logo= css=/cur-cgit.css - clone-url=git@krinitsin.com:$CGIT_REPO_URL + enable-http-clone = 1 + clone-url=https://git.krinitsin.com/$CGIT_REPO_URL snapshots=tar.gz zip cache-size=1000 enable-index-owner=0 - enable-http-clone=0 enable-blame=1 enable-commit-graph=1
A
modules/jellyfin.nix
@@ -0,0 +1,26 @@
+{ pkgs, libs, config, ... }: +{ + + services.jellyfin.enable = true; + + environment.systemPackages = [ + pkgs.jellyfin + pkgs.jellyfin-web + pkgs.jellyfin-ffmpeg + ]; + + services.nginx.virtualHosts."jelly.krinitsin.com" = { + forceSSL = true; + useACMEHost = "krinitsin.com"; + locations."/".proxyPass = "http://localhost:8096"; + }; + + security.acme.certs."krinitsin.com".extraDomainNames = [ "jelly.krinitsin.com" ]; + + services.monit.config = '' + check process jellyfin with matching "jellyfin" + start program = "${pkgs.systemd}/bin/systemctl start jellyfin" + stop program = "${pkgs.systemd}/bin/systemctl stop jellyfin" + ''; + +}
M
modules/mailserver.nix
→
modules/mailserver.nix
@@ -1,17 +1,19 @@
{ config, pkgs, ... }: { imports = [ (builtins.fetchTarball { - url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-25.05/nixos-mailserver-nixos-25.05.tar.gz"; - sha256 = "0jpp086m839dz6xh6kw5r8iq0cm4nd691zixzy6z11c4z2vf8v85"; + url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-25.11/nixos-mailserver-nixos-25.11.tar.gz"; + sha256 = "16kanlk74xnj7xgmjsj7pahy31hlxqcbv76xnsg8qbh54b0hwxgq"; }) ]; mailserver = { - enable = true; + enable = false; fqdn = "mail.krinitsin.com"; domains = [ "krinitsin.com" ]; + stateVersion = 3; certificateScheme = "acme-nginx"; lmtpSaveToDetailMailbox = "no"; + forwards = { "mail@krinitsin.com" = "ckrinitsin@purelymail@com"; }; # To create the password hashes, use nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' loginAccounts = {
M
modules/matrix/mautrix-whatsapp.nix
→
modules/matrix/mautrix-whatsapp.nix
@@ -3,52 +3,43 @@ {
services.mautrix-whatsapp = { enable = true; + registerToSynapse = true; settings = { - appservice = { - as_token = ""; - bot = { - displayname = "WhatsApp Bridge Bot"; - username = "whatsappbot"; - }; + ephemeral_events = false; + id = "whatsapp"; + }; + backfill = { + enabled = true; + }; + bridge = { + mute_only_on_create = false; + permissions = { + "krinitsin.com" = "admin"; + }; + relay.enabled = true; + private_chat_portal_meta = true; + }; database = { type = "sqlite3"; uri = "/var/lib/mautrix-whatsapp/mautrix-whatsapp.db"; }; - hostname = "[::]"; - hs_token = ""; - id = "whatsapp"; - port = 29318; - }; - - bridge = { - command_prefix = "!wa"; - displayname_template = "{{if .BusinessName}}{{.BusinessName}}{{else if .PushName}}{{.PushName}}{{else}}{{.JID}}{{end}} (WA)"; - double_puppet_server_map = { }; - login_shared_secret_map = { }; - permissions = { - "krinitsin.com" = "admin"; - }; - relay = { - enabled = true; - }; - username_template = "whatsapp_{{.}}"; - }; - - homeserver = { - address = "http://localhost:8008"; - }; - - logging = { - min_level = "info"; - writers = [ - { - format = "pretty-colored"; - time_format = " "; - type = "stdout"; - } - ]; - }; + encryption = { + allow = true; + default = true; + pickle_key = "pickle_key_ol"; + #require = true; + }; + homeserver = { + address = "http://localhost:8008"; + domain = "krinitsin.com"; + }; + matrix = { + message_status_events = true; + }; + provisioning = { + shared_secret = "disable"; + }; }; };
M
modules/mealie.nix
→
modules/mealie.nix
@@ -6,7 +6,7 @@ {
services.mealie = { enable = true; - package = unstable.mealie; + #package = unstable.mealie; }; services.nginx.virtualHosts."recipes.krinitsin.com" = {
M
modules/minecraft-server.nix
→
modules/minecraft-server.nix
@@ -14,9 +14,11 @@ declarative = true;
whitelist = { Elenal = "65bad3ad-e8af-43b2-8d77-5cd6bcc56c43"; Karuzo03 = "88ec7147-1bf5-455d-b6b5-c5771796caef"; + samisulkrini = "15848c38-e948-4e37-835d-2b5a14067e75"; + wlafi = "8d38e8f9-8100-4309-acc3-d7690bbc6c32"; }; serverProperties = { - max-players = 2; + max-players = 4; motd = "<3"; white-list = true; };
M
modules/pdf.nix
→
modules/pdf.nix
@@ -14,10 +14,6 @@ useACMEHost = "krinitsin.com";
locations."/" = { proxyPass = "http://localhost:5031"; recommendedProxySettings = true; - extraConfig = '' - sub_filter '</body>' '<script> document.querySelectorAll(".go-pro-badge").forEach(badge => badge.remove()); </script></body>'; - sub_filter_once on; - ''; }; };
M
modules/syncthing.nix
→
modules/syncthing.nix
@@ -1,9 +1,9 @@
-{ pkgs, libs, config, ... }: +{ config, libs, pkgs, ... }: { services.syncthing = { enable = true; - guiAddress = "localhost:8384"; + guiAddress = "0.0.0.0:8384"; dataDir = "/var/lib/syncthing"; openDefaultPorts = true; };
M
modules/webserver.nix
→
modules/webserver.nix
@@ -4,6 +4,10 @@
users.users.nginx.extraGroups = [ "acme" ]; services.nginx = { enable = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; virtualHosts = { "krinitsin.com" = { forceSSL = true;