m

4 files changed, 56 insertions, 20 deletions

diff --git a/hosts/cloud/bkk/configuration.nix b/hosts/cloud/bkk/configuration.nix
index 16281d9..da71a54 100644
--- a/hosts/cloud/bkk/configuration.nix
+++ b/hosts/cloud/bkk/configuration.nix
@@ -34,6 +34,18 @@
   #     listen-http = ":8090";
   #   };
   # };
+
+  services.headscale = {
+    enable = true;
+    address = "0.0.0.0";
+    port = 8001;
+    settings = {
+      server_url = "https://head.urbit.men";
+      dns.baseDomain = "urbit.men";
+      logtail.enabled = false;
+    };
+  };
+
   system.stateVersion = "24.05"; # Did you read the comment?
   environment.systemPackages = with pkgs; [
     tmux
diff --git a/hosts/cloud/bkk/nginx.nix b/hosts/cloud/bkk/nginx.nix
index c73eaeb..03c13ce 100644
--- a/hosts/cloud/bkk/nginx.nix
+++ b/hosts/cloud/bkk/nginx.nix
@@ -25,6 +25,14 @@
         proxy_cache off;
       '';
     };
+    virtualHosts."head.urbit.men" = {
+      enableACME = true;
+      forceSSL = true;
+      locations."/" = {
+        proxyPass = "http://127.0.0.1:8001";
+        proxyWebsockets = true; # needed if you need to use WebSocket
+      };
+    };
     virtualHosts."m.urbit.men" = {
       enableACME = true;
       forceSSL = true;
diff --git a/hosts/cloud/sortug/nginx.nix b/hosts/cloud/sortug/nginx.nix
index a3e5a85..655b44c 100644
--- a/hosts/cloud/sortug/nginx.nix
+++ b/hosts/cloud/sortug/nginx.nix
@@ -1,22 +1,21 @@
-{ ... }: {
-
+{...}: {
   security.acme.acceptTerms = true;
   security.acme.defaults.email = "security@sortug.com";
   services.nginx = {
     enable = true;
-    virtualHosts."sortug.com" =  {
+    virtualHosts."sortug.com" = {
       enableACME = true;
       forceSSL = true;
       root = "/var/www/sortug";
       # root = "/home/y/www";
     };
-    virtualHosts."cal.sortug.com" =  {
+    virtualHosts."cal.sortug.com" = {
       enableACME = true;
       forceSSL = true;
       root = "/var/www/sorcal";
       # root = "/home/y/www";
     };
-    virtualHosts."git.sortug.com" =  {
+    virtualHosts."git.sortug.com" = {
       enableACME = true;
       forceSSL = true;
       locations."/" = {
@@ -24,7 +23,15 @@
         proxyWebsockets = true; # needed if you need to use WebSocket
       };
     };
-    virtualHosts."u.sortug.com" =  {
+    virtualHosts."ai.sortug.com" = {
+      enableACME = true;
+      forceSSL = true;
+      locations."/" = {
+        proxyPass = "http://127.0.0.1:8000";
+        proxyWebsockets = true; # needed if you need to use WebSocket
+      };
+    };
+    virtualHosts."u.sortug.com" = {
       enableACME = true;
       forceSSL = true;
       locations."/" = {
@@ -32,7 +39,7 @@
         proxyWebsockets = true; # needed if you need to use WebSocket
       };
     };
-    virtualHosts."p.sortug.com" =  {
+    virtualHosts."p.sortug.com" = {
       enableACME = true;
       forceSSL = true;
       locations."/" = {
@@ -47,10 +54,10 @@
         proxy_http_version 1.1;
         chunked_transfer_encoding off;
         proxy_buffering off;
-        proxy_cache off;      
+        proxy_cache off;
       '';
     };
-    virtualHosts."ntfy.sortug.com" =  {
+    virtualHosts."ntfy.sortug.com" = {
       enableACME = true;
       forceSSL = true;
       locations."/" = {
@@ -65,10 +72,10 @@
         proxy_http_version 1.1;
         chunked_transfer_encoding off;
         proxy_buffering off;
-        proxy_cache off;      
+        proxy_cache off;
       '';
     };
-    virtualHosts."ustj.sortug.com" =  {
+    virtualHosts."ustj.sortug.com" = {
       enableACME = true;
       forceSSL = true;
       locations."/" = {
@@ -83,36 +90,36 @@
         proxy_http_version 1.1;
         chunked_transfer_encoding off;
         proxy_buffering off;
-        proxy_cache off;      
+        proxy_cache off;
       '';
     };
-    virtualHosts."s3.sortug.com" =  {
+    virtualHosts."s3.sortug.com" = {
       enableACME = true;
       forceSSL = true;
       locations."/" = {
         proxyPass = "http://127.0.0.1:9000";
         proxyWebsockets = true; # needed if you need to use WebSocket
         extraConfig = ''
-         proxy_set_header Host $Host;
+          proxy_set_header Host $Host;
         '';
         # actually important
       };
     };
-    virtualHosts."s3c.sortug.com" =  {
+    virtualHosts."s3c.sortug.com" = {
       enableACME = true;
       forceSSL = true;
       locations."/" = {
         proxyPass = "http://127.0.0.1:9001";
         proxyWebsockets = true; # needed if you need to use WebSocket
         extraConfig = ''
-           proxy_set_header Host $Host;
+          proxy_set_header Host $Host;
         '';
       };
     };
-          # proxy_http_version 1.1;
-          # proxy_set_header Upgrade $http_upgrade;
-          # proxy_set_header Connection "Upgrade";
-    virtualHosts."urbit.s3.sortug.com" =  {
+    # proxy_http_version 1.1;
+    # proxy_set_header Upgrade $http_upgrade;
+    # proxy_set_header Connection "Upgrade";
+    virtualHosts."urbit.s3.sortug.com" = {
       enableACME = true;
       forceSSL = true;
       locations."/" = {
diff --git a/hosts/local/ohira/configuration.nix b/hosts/local/ohira/configuration.nix
index 91d4abf..e5316f5 100644
--- a/hosts/local/ohira/configuration.nix
+++ b/hosts/local/ohira/configuration.nix
@@ -120,6 +120,15 @@
       #  thunderbird
     ];
   };
+  users.users.leo2 = {
+    isNormalUser = true;
+    description = "leo2";
+    extraGroups = ["networkmanager" "wheel"];
+    packages = with pkgs; [
+      # firefox
+      #  thunderbird
+    ];
+  };
 
   # Allow unfree packages
   nixpkgs.config.allowUnfree = true;