57 lines
2.5 KiB
Nix
57 lines
2.5 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
{
|
|
system.stateVersion = "24.11";
|
|
|
|
networking.hostName = "noisebell-remote";
|
|
|
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
|
|
|
services.openssh.enable = true;
|
|
services.caddy.enable = true;
|
|
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
# Add your SSH public key here
|
|
];
|
|
|
|
# ── Secrets ───────────────────────────────────────────────────────────
|
|
|
|
age.secrets.pi-api-key.file = ./secrets/pi-api-key.age;
|
|
age.secrets.pi-inbound-api-key.file = ./secrets/pi-inbound-api-key.age;
|
|
age.secrets.discord-token.file = ./secrets/discord-token.age;
|
|
age.secrets.discord-webhook-secret.file = ./secrets/discord-webhook-secret.age;
|
|
age.secrets.rss-webhook-secret.file = ./secrets/rss-webhook-secret.age;
|
|
|
|
# ── Cache ─────────────────────────────────────────────────────────────
|
|
|
|
services.noisebell-cache = {
|
|
enable = true;
|
|
domain = "noisebell.extremist.software";
|
|
piAddress = "http://noisebell:80";
|
|
inboundApiKeyFile = config.age.secrets.pi-api-key.path;
|
|
piApiKeyFile = config.age.secrets.pi-inbound-api-key.path;
|
|
outboundWebhooks = [
|
|
{ url = "https://discord.noisebell.extremist.software/webhook"; secretFile = config.age.secrets.discord-webhook-secret.path; }
|
|
{ url = "https://rss.noisebell.extremist.software/webhook"; secretFile = config.age.secrets.rss-webhook-secret.path; }
|
|
];
|
|
};
|
|
|
|
# ── Discord ───────────────────────────────────────────────────────────
|
|
|
|
services.noisebell-discord = {
|
|
enable = true;
|
|
domain = "discord.noisebell.extremist.software";
|
|
discordTokenFile = config.age.secrets.discord-token.path;
|
|
channelId = "000000000000000000"; # Replace with actual channel ID
|
|
webhookSecretFile = config.age.secrets.discord-webhook-secret.path;
|
|
};
|
|
|
|
# ── RSS ───────────────────────────────────────────────────────────────
|
|
|
|
services.noisebell-rss = {
|
|
enable = true;
|
|
domain = "rss.noisebell.extremist.software";
|
|
webhookSecretFile = config.age.secrets.rss-webhook-secret.path;
|
|
};
|
|
|
|
}
|