koi.rip
my nixos dotfiles :3 (git.koi.rip mirror)
git.koi.rip/koi/dotfiles
linux
dotfiles
neovim
nixos
catppuccin
seber: update ssl certificates
+2
-2
LICENSE
+2
-2
LICENSE
···
4
4
================================================================================
5
5
The Happy Bunny License (Modified MIT License)
6
6
--------------------------------------------------------------------------------
7
-
Copyright (c) 2025 Adam Perkowski
7
+
Copyright (c) 2025 koibtw
8
8
9
9
Permission is hereby granted, free of charge, to any person obtaining a copy
10
10
of this software and associated documentation files (the "Software"), to deal
···
31
31
================================================================================
32
32
The MIT License
33
33
--------------------------------------------------------------------------------
34
-
Copyright (c) 2025 Adam Perkowski
34
+
Copyright (c) 2025 koibtw
35
35
36
36
Permission is hereby granted, free of charge, to any person obtaining a copy
37
37
of this software and associated documentation files (the "Software"), to deal
+4
-2
secrets/secrets.nix
+4
-2
secrets/secrets.nix
···
7
7
"jellyfin-rpc.json.age".publicKeys = [ koi ];
8
8
9
9
"vaultwarden.env.age".publicKeys = [ seber ];
10
-
"ssl-adamperkowski.cert.pem.age".publicKeys = [ seber ];
11
-
"ssl-adamperkowski.key.pem.age".publicKeys = [ seber ];
10
+
"ssl-koi.cert.pem.age".publicKeys = [ seber ];
11
+
"ssl-koi.key.pem.age".publicKeys = [ seber ];
12
+
"ssl-ebil.cert.pem.age".publicKeys = [ seber ];
13
+
"ssl-ebil.key.pem.age".publicKeys = [ seber ];
12
14
}
secrets/ssl-adamperkowski.cert.pem.age
secrets/ssl-adamperkowski.cert.pem.age
This is a binary file and will not be displayed.
secrets/ssl-adamperkowski.key.pem.age
secrets/ssl-adamperkowski.key.pem.age
This is a binary file and will not be displayed.
secrets/ssl-ebil.cert.pem.age
secrets/ssl-ebil.cert.pem.age
This is a binary file and will not be displayed.
secrets/ssl-ebil.key.pem.age
secrets/ssl-ebil.key.pem.age
This is a binary file and will not be displayed.
secrets/ssl-koi.cert.pem.age
secrets/ssl-koi.cert.pem.age
This is a binary file and will not be displayed.
secrets/ssl-koi.key.pem.age
secrets/ssl-koi.key.pem.age
This is a binary file and will not be displayed.
+14
-4
systems/seber/default.nix
+14
-4
systems/seber/default.nix
···
54
54
mode = "0400";
55
55
owner = "vaultwarden";
56
56
};
57
-
ssl-adamperkowski-cert = {
58
-
file = ../../secrets/ssl-adamperkowski.cert.pem.age;
57
+
ssl-koi-cert = {
58
+
file = ../../secrets/ssl-koi.cert.pem.age;
59
59
mode = "0440";
60
60
group = "nginx";
61
61
};
62
-
ssl-adamperkowski-key = {
63
-
file = ../../secrets/ssl-adamperkowski.key.pem.age;
62
+
ssl-koi-key = {
63
+
file = ../../secrets/ssl-koi.key.pem.age;
64
+
mode = "0440";
65
+
group = "nginx";
66
+
};
67
+
ssl-ebil-cert = {
68
+
file = ../../secrets/ssl-ebil.cert.pem.age;
69
+
mode = "0440";
70
+
group = "nginx";
71
+
};
72
+
ssl-ebil-key = {
73
+
file = ../../secrets/ssl-ebil.key.pem.age;
64
74
mode = "0440";
65
75
group = "nginx";
66
76
};
+2
-2
systems/seber/services/ebil-club.nix
+2
-2
systems/seber/services/ebil-club.nix
+2
-2
systems/seber/services/lebel.nix
+2
-2
systems/seber/services/lebel.nix
···
36
36
};
37
37
};
38
38
forceSSL = true;
39
-
sslCertificate = "/run/agenix/ssl-adamperkowski-cert";
40
-
sslCertificateKey = "/run/agenix/ssl-adamperkowski-key";
39
+
sslCertificate = "/run/agenix/ssl-ebil-cert";
40
+
sslCertificateKey = "/run/agenix/ssl-ebil-key";
41
41
};
42
42
43
43
systemd.tmpfiles.rules = [ "d /var/lebel 2750 koi users -" ];
+2
-2
systems/seber/services/robin.nix
+2
-2
systems/seber/services/robin.nix
+4
-5
systems/seber/services/vaultwarden.nix
+4
-5
systems/seber/services/vaultwarden.nix
···
3
3
enable = true;
4
4
environmentFile = "/run/agenix/vaultwarden-env";
5
5
config = {
6
-
DOMAIN = "https://vault.adamperkowski.dev";
6
+
DOMAIN = "https://vault.koi.rip";
7
7
SIGNUPS_ALLOWED = false;
8
8
ROCKET_ADDRESS = "127.0.0.1";
9
9
ROCKET_PORT = 8222;
···
12
12
};
13
13
};
14
14
15
-
services.nginx.virtualHosts."vault.adamperkowski.dev" = {
15
+
services.nginx.virtualHosts."vault.koi.rip" = {
16
16
locations."/" = {
17
17
proxyPass = "http://127.0.0.1:8222";
18
18
extraConfig = ''
···
22
22
'';
23
23
};
24
24
forceSSL = true;
25
-
sslCertificate = "/run/agenix/ssl-adamperkowski-cert";
26
-
sslCertificateKey = "/run/agenix/ssl-adamperkowski-key";
25
+
sslCertificate = "/run/agenix/ssl-koi-cert";
26
+
sslCertificateKey = "/run/agenix/ssl-koi-key";
27
27
};
28
-
29
28
}
+2
-2
systems/seber/services/website.nix
+2
-2
systems/seber/services/website.nix
···
22
22
'';
23
23
};
24
24
forceSSL = true;
25
-
sslCertificate = "/run/agenix/ssl-adamperkowski-cert";
26
-
sslCertificateKey = "/run/agenix/ssl-adamperkowski-key";
25
+
sslCertificate = "/run/agenix/ssl-koi-cert";
26
+
sslCertificateKey = "/run/agenix/ssl-koi-key";
27
27
};
28
28
29
29
systemd.tmpfiles.rules = [ "d /var/website 2750 koi users -" ];