aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README.md127
-rw-r--r--TODOs.org2
l---------base-image/5d05f383bcf61-snapshot-configuration.nix1
l---------base-image/c565f318e4aea-snapshot-configuration.nix1
-rw-r--r--base-image/e1d5f317b0f7a-snapshot-configuration.nix107
-rw-r--r--cgit-about.html8
-rwxr-xr-xci-gen-index.sh70
-rw-r--r--envsubst-configuration.nix1
-rw-r--r--favicons/git.icobin6518 -> 0 bytes
-rwxr-xr-xgen-hash.sh9
-rw-r--r--guix/channels.scm20
-rw-r--r--guix/manifest.scm5
-rwxr-xr-xnixos-switch.sh31
-rw-r--r--scripts/cronjobs/borg.sh16
-rw-r--r--secrets/borg-key-export.txtbin835 -> 0 bytes
-rw-r--r--secrets/passwords/matrix-registration.txtbin87 -> 0 bytes
-rw-r--r--secrets/passwords/nextcloud-admin.txtbin53 -> 0 bytes
-rw-r--r--secrets/passwords/user-hash.txtbin129 -> 0 bytes
-rw-r--r--secrets/telegram.orgbin2410 -> 0 bytes
-rw-r--r--secrets/terraform/plan-files/2020-11-17T09:04:03-03:00.tfplanbin0 -> 3785 bytes
-rw-r--r--secrets/terraform/terraform.tfstatebin3079 -> 3076 bytes
-rw-r--r--secrets/terraform/terraform.tfstate.backupbin181 -> 3079 bytes
-rw-r--r--secrets/user-password.txtbin1021 -> 0 bytes
-rw-r--r--secrets/user-salt.txtbin39 -> 0 bytes
-rwxr-xr-xshell.sh5
-rw-r--r--vps-configuration.nix9
-rw-r--r--vps.tf3
27 files changed, 105 insertions, 310 deletions
diff --git a/README.md b/README.md
index 419c3ac..697d355 100644
--- a/README.md
+++ b/README.md
@@ -1,75 +1,86 @@
# VPS
## Workflow
+
### Re-creating everything from scratch
```shell
+./shell.sh
git crypt unlock
direnv allow
-./terraform-update.sh
-# wait for the DNS to propagate, so
-# letsencrypt can create the certificates
-./nixos-switch.sh
+./terraform-apply.sh
+./guix-reconfigure.sh
```
### After an update on `vps.tf`
Same as above.
-### After editing `vps-configuration.nix` or other OS files
-
-Just run the `./nixos-switch.sh` script.
-
-## Base image
-The basic `configuration.nix` file in the current snapshots looks just like this:
-
-```nix
-{ config, pkgs, ... }:
-
-{
- imports = [
- ./hardware-configuration.nix
- ];
-
- boot.loader.grub.enable = true;
- boot.loader.grub.version = 2;
- boot.loader.grub.device = "/dev/vda";
-
- networking.useDHCP = false;
- networking.interfaces.ens3.useDHCP = true;
-
- environment.systemPackages = with pkgs; [ vim ];
-
- services.openssh.enable = true;
- services.openssh.permitRootLogin = "no";
-
- users.extraUsers.andreh = {
- uid = 1000;
- isNormalUser = true;
- extraGroups = [ "wheel" ];
- password = "...tmp password...";
- openssh.authorizedKeys.keys = [
- "...ssh public key..."
- ];
- };
-
- system.stateVersion = "19.09";
-}
+### After editing `sync/vps.scm` or other OS files
+
+Just run the `./guix-reconfigure.sh` script.
+
+## "base-guix-image"
+
+The base `sync/vps.scm` file in the current snapshot (snapshot ID 5c35fb3a74873)
+is:
+
+```scheme
+(use-modules (gnu))
+(use-service-modules networking ssh)
+(use-package-modules ssh)
+
+(define ssh-public-key
+ "ssh-rsa ...")
+
+(define sudoers "\
+root ALL=(ALL) ALL
+%wheel ALL=NOPASSWD: ALL\n")
+
+(operating-system
+ (locale "fr_FR.UTF-8")
+ (timezone "America/Sao_Paulo")
+ (keyboard-layout (keyboard-layout "us"))
+ (host-name "guix-pet-server")
+ (users (cons* (user-account
+ (name "andreh")
+ (group "users")
+ (home-directory "/home/andreh")
+ (supplementary-groups '("wheel")))
+ %base-user-accounts))
+ (sudoers-file (plain-file "sudoers" sudoers))
+ (packages
+ (append (map specification->package
+ '("nss-certs"
+ "rsync"))
+ %base-packages))
+ (services
+ (append
+ (list (service openssh-service-type
+ (openssh-configuration
+ (openssh openssh-sans-x)
+ (password-authentication? #false)
+ (authorized-keys
+ `(("andreh" ,(plain-file "id_rsa.pub" ssh-public-key))))))
+ (service dhcp-client-service-type))
+ %base-services))
+ (bootloader
+ (bootloader-configuration
+ (bootloader grub-bootloader)
+ (target "/dev/vda")
+ (keyboard-layout keyboard-layout)))
+ (swap-devices
+ (list (uuid "79a91c82-f3e1-4ed7-8c4e-23569f1ae0ca")))
+ (file-systems
+ (cons* (file-system
+ (mount-point "/")
+ (device
+ (uuid "fddb6a4c-8b8c-4f57-b274-5d6d33200f28"
+ 'ext4))
+ (type "ext4"))
+ %base-file-systems)))
```
This basic setup allows it to boot, starts the OpenSSH server agent and allows
-the listed `openssh.authorizedKeys.keys` to login.
-
-I've also changed the ownership of `/etc/nixos/configuration.nix` to allow my
-user to write to it by piping through SSH without trying some
-[non-working solutions like before][0]:
-
-```shell
-sudo chown andreh /etc/nixos/configuration.nix
-```
-
-With that `./nixos-switch.sh` can write to the NixOS configuration file without
-running into issues with `sudo` password permissions through the SSH pipe while
-writing to stdin.
-
-[0]: https://git.euandreh.xyz/vps/tree/nixos-switch.sh?id=a7983c859f3d8890e35c587176f497b73a7a7dc7#n7
+the listed `ssh-public-key` to login, and commands from the
+"andreh" user can run `sudo` without password.
diff --git a/TODOs.org b/TODOs.org
index 37cdfe2..0c7ba2a 100644
--- a/TODOs.org
+++ b/TODOs.org
@@ -13,10 +13,10 @@ re-creating everything from scratch.
*** TODO Email
*** TODO Matrix
* Services
-** TODO =mail.$tld=: email
** TODO =git.$tld=: cgit
** TODO =$project.$tld=: static documentation for projects
** TODO =ci.$tld=: cuirass
+** TODO =mail.$tld=: email
** TODO =chat.$tld=: Matrix
** TODO =meet.$tld=: Jitsi/Nextcloud Talk
** TODO =$tld=: Jekyll blog
diff --git a/base-image/5d05f383bcf61-snapshot-configuration.nix b/base-image/5d05f383bcf61-snapshot-configuration.nix
deleted file mode 120000
index c59f37b..0000000
--- a/base-image/5d05f383bcf61-snapshot-configuration.nix
+++ /dev/null
@@ -1 +0,0 @@
-e1d5f317b0f7a-snapshot-configuration.nix \ No newline at end of file
diff --git a/base-image/c565f318e4aea-snapshot-configuration.nix b/base-image/c565f318e4aea-snapshot-configuration.nix
deleted file mode 120000
index c59f37b..0000000
--- a/base-image/c565f318e4aea-snapshot-configuration.nix
+++ /dev/null
@@ -1 +0,0 @@
-e1d5f317b0f7a-snapshot-configuration.nix \ No newline at end of file
diff --git a/base-image/e1d5f317b0f7a-snapshot-configuration.nix b/base-image/e1d5f317b0f7a-snapshot-configuration.nix
deleted file mode 100644
index b80eab0..0000000
--- a/base-image/e1d5f317b0f7a-snapshot-configuration.nix
+++ /dev/null
@@ -1,107 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system. Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, ... }:
-
-{
- imports = [ # Include the results of the hardware scan.
- ./hardware-configuration.nix
- ];
-
- # Use the GRUB 2 boot loader.
- boot.loader.grub.enable = true;
- boot.loader.grub.version = 2;
- # boot.loader.grub.efiSupport = true;
- # boot.loader.grub.efiInstallAsRemovable = true;
- # boot.loader.efi.efiSysMountPoint = "/boot/efi";
- # Define on which hard drive you want to install Grub.
- boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only
-
- # networking.hostName = "nixos"; # Define your hostname.
- # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
-
- # The global useDHCP flag is deprecated, therefore explicitly set to false here.
- # Per-interface useDHCP will be mandatory in the future, so this generated config
- # replicates the default behaviour.
- networking.useDHCP = false;
- networking.interfaces.ens3.useDHCP = true;
-
- # Configure network proxy if necessary
- # networking.proxy.default = "http://user:password@proxy:port/";
- # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
-
- # Select internationalisation properties.
- # i18n = {
- # consoleFont = "Lat2-Terminus16";
- # consoleKeyMap = "us";
- # defaultLocale = "en_US.UTF-8";
- # };
-
- # Set your time zone.
- # time.timeZone = "Europe/Amsterdam";
-
- # List packages installed in system profile. To search, run:
- # $ nix search wget
- environment.systemPackages = with pkgs; [ vim ];
-
- # Some programs need SUID wrappers, can be configured further or are
- # started in user sessions.
- # programs.mtr.enable = true;
- # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
-
- # List services that you want to enable:
-
- # Enable the OpenSSH daemon.
- services.openssh.enable = true;
- services.openssh.permitRootLogin = "no";
-
- # Open ports in the firewall.
- # networking.firewall.allowedTCPPorts = [ ... ];
- # networking.firewall.allowedUDPPorts = [ ... ];
- # Or disable the firewall altogether.
- # networking.firewall.enable = false;
-
- # Enable CUPS to print documents.
- # services.printing.enable = true;
-
- # Enable sound.
- # sound.enable = true;
- # hardware.pulseaudio.enable = true;
-
- # Enable the X11 windowing system.
- # services.xserver.enable = true;
- # services.xserver.layout = "us";
- # services.xserver.xkbOptions = "eurosign:e";
-
- # Enable touchpad support.
- # services.xserver.libinput.enable = true;
-
- # Enable the KDE Desktop Environment.
- # services.xserver.displayManager.sddm.enable = true;
- # services.xserver.desktopManager.plasma5.enable = true;
-
- # Define a user account. Don't forget to set a password with ‘passwd’.
- # users.users.jane = {
- # isNormalUser = true;
- # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
- # };
-
- users.extraUsers.andreh = {
- uid = 1000;
- isNormalUser = true;
- extraGroups = [ "wheel" ];
- password =
- "...tmp password..."; # stored in secrets/base-image-old-password.txt
- openssh.authorizedKeys.keys = [
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDF+uy407LKZAFnfFkJPRiOBzwV98qIEcKhITnLYhqfITfrJvcFVOY0/YDCrs6WHXyLdM29AoywVWsQ1qXiB7xQCwknPV8YZoCnJQcn0gvH8jbCk+C8Po0Rx846wbhL49qYolnmlhe+Uoy30j7XIJSDtPVO9d/hZqt2GPwGVJ98HLyY2ak+j4i1YkHr+mPFgnCaqCAzA374d1Bop18+YENYtMMU0k8hCsomwZny/7qNo4V8mjLxQAS8FvTuljxlthEpOM4Jsjl07yDLgE69kLvU7mmFi8EeC26e50N18Ouse82dZigtVhAMeLBhbJnQbDff4WfUBzSjpKjZPGcxoRaej3qSRbIkcMMqCOSlww6GcjRi+COvlpA4c1i4hKI15wHceoiKghDLA6jbaHfOqEMldflYl5gCVUIYzJ5XehZppH6L7PzO+L4suNs+aFjWPDZ0jqEtcyTmgTMea40p7wwz086ExnBDorbG79oDiJrWc+swJjXuVakS+fQjb3mPsCC/FgUhsxEtqiVfvLo2mphp47pOYvs64aUp3RV9muqQNuS4tEuP9V1urGTLtgPL26LEjF0oLu1ag0H+VZY5O/T9KRYvWre8IWbj/KkZYo1tJaGJyEVr0plmyzLBEy8b3Hu/6Wtq7yB0Eii60fxqFWC24nEkvs1V0cxDa+o6I2iA9w== eu@euandre.org"
- ];
- };
-
- # This value determines the NixOS release with which your system is to be
- # compatible, in order to avoid breaking some software such as database
- # servers. You should change this only after NixOS release notes say you
- # should.
- system.stateVersion = "19.09"; # Did you read the comment?
-
-}
diff --git a/cgit-about.html b/cgit-about.html
deleted file mode 100644
index 159a092..0000000
--- a/cgit-about.html
+++ /dev/null
@@ -1,8 +0,0 @@
-<h1>
- EuAndreh's git repositories
-</h1>
-
-<p>
- If you're interested in contributing, the README of each repository contains
- instructions on how to do it.
-</p>
diff --git a/ci-gen-index.sh b/ci-gen-index.sh
deleted file mode 100755
index 4de179c..0000000
--- a/ci-gen-index.sh
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/usr/bin/env bash
-set -Eeuo pipefail
-cd "$(dirname "${BASH_SOURCE[0]}")"
-
-printf "Generating index.html of build logs... "
-rm -f index.html
-
-cat <<EOF >> index.html
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="UTF-8" />
- <meta name="viewport" content="width=device-width, initial-scale=1" />
-
- <style>
- pre {
- display: inline;
- }
- </style>
- </head>
- <body>
- <h1>
- Build logs
- </h1>
-EOF
-
-PASS='✅'
-FAIL='❌'
-DUNNO='❔'
-
-for dir in */; do
- d="${dir%/}"
- cat <<EOF >> index.html
- <h2 id="$d">
- <a href="#$d">
- $dir
- </a>
- </h2>
- <ul>
-EOF
- for file in "$d"/*; do
- REPORT="$(grep '>>>' "$file" ||:)"
- if [[ -z "$REPORT" ]]; then
- STATUS="$DUNNO"
- elif grep '>>> exit status was 0' <(echo "$REPORT") > /dev/null; then
- STATUS="$PASS"
- else
- STATUS="$FAIL"
- fi
- cat <<EOF >> index.html
- <li>
- <a href="$file">
- $STATUS
- <pre>$file</pre>
- </a>
- </li>
-EOF
- done
-
- cat <<EOF >> index.html
- </ul>
-EOF
-done
-
-cat <<EOF >> index.html
- </body>
-</html>
-EOF
-
-echo "done."
diff --git a/envsubst-configuration.nix b/envsubst-configuration.nix
deleted file mode 100644
index 3ec28c3..0000000
--- a/envsubst-configuration.nix
+++ /dev/null
@@ -1 +0,0 @@
-{ }: { TLD = "$TLD"; }
diff --git a/favicons/git.ico b/favicons/git.ico
deleted file mode 100644
index 145b4b0..0000000
--- a/favicons/git.ico
+++ /dev/null
Binary files differ
diff --git a/gen-hash.sh b/gen-hash.sh
deleted file mode 100755
index 774f9f9..0000000
--- a/gen-hash.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-set -Eeuo pipefail
-cd "$(dirname "${BASH_SOURCE[0]}")"
-
-mkpasswd -m sha-512 \
- "$(cat ./secrets/user-password.txt)" \
- "$(cat ./secrets/user-salt.txt)" \
- | tr -d '\n' \
- > ./secrets/passwords/user-hash.txt
diff --git a/guix/channels.scm b/guix/channels.scm
new file mode 100644
index 0000000..335210f
--- /dev/null
+++ b/guix/channels.scm
@@ -0,0 +1,20 @@
+(list
+ (channel
+ (name 'guix)
+ (url "https://git.savannah.gnu.org/git/guix.git")
+ (commit
+ "dc2de508a38d8e0a3f93e8d6ded225d3a7e32548")
+ (introduction
+ (make-channel-introduction
+ "9edb3f66fd807b096b48283debdcddccfea34bad"
+ (openpgp-fingerprint
+ "BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA"))))
+ (channel
+ (name 'euandreh)
+ (url "https://git.sr.ht/~euandreh/euandreh-guix-channel")
+ (branch "master")
+ (introduction
+ (make-channel-introduction
+ "641f9388002cd874040938ab1c6da7ac9d0e54ca"
+ (openpgp-fingerprint
+ "5BDA E9B8 B2F6 C6BC BB0D 6CE5 81F9 0EC3 CD35 6060")))))
diff --git a/guix/manifest.scm b/guix/manifest.scm
new file mode 100644
index 0000000..b3bbcbe
--- /dev/null
+++ b/guix/manifest.scm
@@ -0,0 +1,5 @@
+(specifications->manifest
+ '("direnv"
+ "git-crypt"
+ "shellcheck"
+ "terraform"))
diff --git a/nixos-switch.sh b/nixos-switch.sh
deleted file mode 100755
index 1e46434..0000000
--- a/nixos-switch.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env nix-shell
-#!nix-shell -i bash
-# shellcheck shell=bash
-# shellcheck disable=2086
-set -Eeuo pipefail
-cd "$(dirname "${BASH_SOURCE[0]}")"
-
-set -x
-
-USER_PASSWORD="$(cat ./secrets/base-image-old-password.txt)"
-export TLD='euandreh.xyz'
-
-# Idempotent init folders and permissions
-FOLDERS='/data/ /data/secrets/ /data/favicons/ /data/git/ /data/static/ci-logs/ /data/static/ci-logs/placeholder/ /data/nixos/ /data/static/logrotate/'
-echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S mkdir -p $FOLDERS
-echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S chown andreh:users $FOLDERS
-ssh "$TLD" touch /data/static/ci-logs/placeholder/f.log
-echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S chown -R andreh:users /data/
-
-# Copy secrets and support files
-rsync -avzP secrets/passwords/ "${TLD}:/data/secrets/"
-rsync -avzP favicons/ "${TLD}:/data/favicons/"
-scp cgit-about.html "${TLD}:/data/git/about.html"
-scp ci-gen-index.sh "${TLD}:/data/static/ci-logs/ci-gen-index.sh"
-
-# Run nixos-rebuild
-envsubst < envsubst-configuration.nix | ssh "$TLD" 'cat > /data/nixos/envsubst-configuration.nix'
-scp vps-configuration.nix "${TLD}:/etc/nixos/configuration.nix"
-echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S nix-channel --add "https://nixos.org/channels/nixos-unstable" nixos
-echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S -i nixos-rebuild switch --upgrade
-ssh "$TLD" rm -rf /data/static/ci-logs/placeholder/
diff --git a/scripts/cronjobs/borg.sh b/scripts/cronjobs/borg.sh
deleted file mode 100644
index bd6325f..0000000
--- a/scripts/cronjobs/borg.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/usr/bin/env bash
-set -Eeuo pipefail
-
-# shellcheck disable=SC1090
-. "${HOME}/.ssh/environment" > /dev/null
-BORG_PASSPHRASE="$(cat /data/secrets/borg-passphrase.txt)"
-export BORG_PASSPHRASE
-R='16686@ch-s010.rsync.net'
-
-borg create \
- --verbose \
- --stats \
- --progress \
- --compression lzma,6 \
- "$R:vps-borg::{hostname}-{now}-cronjob" \
- /data/
diff --git a/secrets/borg-key-export.txt b/secrets/borg-key-export.txt
deleted file mode 100644
index 90e3b37..0000000
--- a/secrets/borg-key-export.txt
+++ /dev/null
Binary files differ
diff --git a/secrets/passwords/matrix-registration.txt b/secrets/passwords/matrix-registration.txt
deleted file mode 100644
index 86c632e..0000000
--- a/secrets/passwords/matrix-registration.txt
+++ /dev/null
Binary files differ
diff --git a/secrets/passwords/nextcloud-admin.txt b/secrets/passwords/nextcloud-admin.txt
deleted file mode 100644
index 0fd239d..0000000
--- a/secrets/passwords/nextcloud-admin.txt
+++ /dev/null
Binary files differ
diff --git a/secrets/passwords/user-hash.txt b/secrets/passwords/user-hash.txt
deleted file mode 100644
index e315081..0000000
--- a/secrets/passwords/user-hash.txt
+++ /dev/null
Binary files differ
diff --git a/secrets/telegram.org b/secrets/telegram.org
deleted file mode 100644
index 75514e5..0000000
--- a/secrets/telegram.org
+++ /dev/null
Binary files differ
diff --git a/secrets/terraform/plan-files/2020-11-17T09:04:03-03:00.tfplan b/secrets/terraform/plan-files/2020-11-17T09:04:03-03:00.tfplan
new file mode 100644
index 0000000..21870d8
--- /dev/null
+++ b/secrets/terraform/plan-files/2020-11-17T09:04:03-03:00.tfplan
Binary files differ
diff --git a/secrets/terraform/terraform.tfstate b/secrets/terraform/terraform.tfstate
index 135ef81..550cf6d 100644
--- a/secrets/terraform/terraform.tfstate
+++ b/secrets/terraform/terraform.tfstate
Binary files differ
diff --git a/secrets/terraform/terraform.tfstate.backup b/secrets/terraform/terraform.tfstate.backup
index 775ca09..135ef81 100644
--- a/secrets/terraform/terraform.tfstate.backup
+++ b/secrets/terraform/terraform.tfstate.backup
Binary files differ
diff --git a/secrets/user-password.txt b/secrets/user-password.txt
deleted file mode 100644
index 63555f9..0000000
--- a/secrets/user-password.txt
+++ /dev/null
Binary files differ
diff --git a/secrets/user-salt.txt b/secrets/user-salt.txt
deleted file mode 100644
index 60fb774..0000000
--- a/secrets/user-salt.txt
+++ /dev/null
Binary files differ
diff --git a/shell.sh b/shell.sh
new file mode 100755
index 0000000..99f67b8
--- /dev/null
+++ b/shell.sh
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+cd "$(dirname "${BASH_SOURCE[0]}")"
+
+guix time-machine -C guix/channels.scm -- environment -m guix/manifest.scm
diff --git a/vps-configuration.nix b/vps-configuration.nix
index d8261cd..9189c34 100644
--- a/vps-configuration.nix
+++ b/vps-configuration.nix
@@ -13,7 +13,7 @@ let
matrixServerJSON = { "m.server" = "${matrixDomain}:443"; };
matrixClientJSON = { "m.homeserver" = { "base_url" = "https://${TLD}"; }; };
matrixPort = 8008;
- static-sites = [ "boneco" "pdfs-da-d-maria" ];
+ static-sites = [ ]; # [ "boneco" "pdfs-da-d-maria" ];
docs-projects = [ "mediator" "libedn" "x-bindgen" ];
# "eq" "songbooks"
};
@@ -193,15 +193,14 @@ in {
enable-index-owner=0
enable-log-filecount=1
enable-log-linecount=1
- root-desc=public repositories
- root-readme=/data/git/about.html
+ root-desc=Patches welcome!
readme=:README.md
readme=:README
readme=:README.rst
readme=:README.org
max-repodesc-length=120
remove-suffix=1
- root-title=EuAndreh's git repositories
+ root-title=EuAndreh's repositories
snapshots=tar.gz zip
source-filter=${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py
about-filter=${pkgs.cgit}/lib/cgit/filters/about-formatting.sh
@@ -211,7 +210,7 @@ in {
};
logrotate = {
- enable = true;
+ enable = false;
extraConfig = ''
compress
diff --git a/vps.tf b/vps.tf
index 5570e80..792376a 100644
--- a/vps.tf
+++ b/vps.tf
@@ -23,7 +23,6 @@ provider "vultr" {
version = "~> 1.3"
}
-
# Instance
resource "vultr_server" "vps_server" {
@@ -37,7 +36,7 @@ resource "vultr_server" "vps_server" {
# $ curl https://api.vultr.com/v1/plans/list?type=vc2 | jq '.["201"]'
plan_id = 201
# $ curl -H "API-Key: $TF_VAR_vultr_api_key" https://api.vultr.com/v1/snapshot/list | jq
- snapshot_id = "2525fb321b412" # base-guix
+ snapshot_id = "5c35fb3a74873" # base-guix-image
}
output "public_ip" {