diff --git a/README.md b/README.md
index 6e54d1a0..9f654d9d 100644
--- a/README.md
+++ b/README.md
@@ -9,3 +9,17 @@ This is using flakes for reproducibility and home manager for setting up user-sp
Workstations are set up by running ` sudo nixos-rebuild switch --flake '.#'` and servers are by `nixos-rebuild switch --flake '.#servername' --target-host root@hostname`.
I don't use home manager the program, everything is referenced from the top flake.
+
+## infra setup
+
+```mermaid
+sequenceDiagram
+Alice ->> Bob: Hello Bob, how are you?
+Bob-->>John: How about you John?
+Bob--x Alice: I am good thanks!
+Bob-x John: I am good thanks!
+Note right of John: Bob thinks a long
long time, so long
that the text does
not fit on a row.
+
+Bob-->Alice: Checking with John...
+Alice->John: Yes... John, how are you?
+```
diff --git a/nixos/boxes/mb1/default.nix b/nixos/boxes/mb1/default.nix
index f5284981..ef9457ee 100644
--- a/nixos/boxes/mb1/default.nix
+++ b/nixos/boxes/mb1/default.nix
@@ -6,7 +6,6 @@
./atuin.nix
];
networking.hostName = "mb1";
- environment.systemPackages = with pkgs; [ ];
boot.loader.grub = {
devices = [ "/dev/vda" ];
diff --git a/nixos/boxes/vpsfree1/gitea.nix b/nixos/boxes/vpsfree1/gitea.nix
index f1bb70bb..33375b4e 100644
--- a/nixos/boxes/vpsfree1/gitea.nix
+++ b/nixos/boxes/vpsfree1/gitea.nix
@@ -1,11 +1,5 @@
-{
- config,
- pkgs,
- inputs,
- lib,
- system,
- ...
-}: let
+{ config, pkgs, inputs, lib, system, ... }:
+let
httpPort = 8083;
sshPort = 22;
domain = "git.cyplo.dev";
@@ -27,18 +21,18 @@
};
groups."${systemGroupName}" = {
inherit gid;
- members = ["${systemUserName}" "nginx"];
+ members = [ "${systemUserName}" "nginx" ];
};
};
in {
- imports = [../nginx.nix];
+ imports = [ ../nginx.nix ];
inherit users;
- boot.kernel.sysctl = {"net.ipv4.ip_unprivileged_port_start" = 0;};
+ boot.kernel.sysctl = { "net.ipv4.ip_unprivileged_port_start" = 0; };
systemd.services.systemd-sysctl.enable = lib.mkForce true;
- networking.firewall.allowedTCPPorts = [sshPort];
+ networking.firewall.allowedTCPPorts = [ sshPort ];
services.nginx = {
virtualHosts = {
"${domain}" = {
@@ -80,19 +74,12 @@ in {
isReadOnly = true;
};
};
- config = {
- config,
- pkgs,
- lib,
- ...
- }: {
+ config = { config, pkgs, lib, ... }: {
system.stateVersion = "22.11";
- users =
- users
- // {
- mutableUsers = false;
- allowNoPasswordLogin = true;
- };
+ users = users // {
+ mutableUsers = false;
+ allowNoPasswordLogin = true;
+ };
services.gitea = {
inherit domain httpPort;
enable = true;
@@ -103,6 +90,13 @@ in {
package = inputs.nixpkgs-master.legacyPackages.${system}.forgejo;
settings = {
service.DISABLE_REGISTRATION = true;
+ "markup.mermaid" = {
+ ENABLED = true;
+ FILE_EXTENSIONS = ".md";
+ RENDER_COMMAND =
+ "${pkgs.asciidoc-full}/bin/asciidoc --out-file=- -";
+ IS_INPUT_FILE = false;
+ };
server = {
START_SSH_SERVER = true;
SSH_PORT = sshPort;