about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--configuration.nix6
-rw-r--r--ipfs.nix6
-rw-r--r--matrix.nix2
-rw-r--r--static.nix14
4 files changed, 14 insertions, 14 deletions
diff --git a/configuration.nix b/configuration.nix
index c2167db..5db2c20 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -16,11 +16,11 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with loang configuration.  If not, see <https://www.gnu.org/licenses/>.
 
-{ config, pkgs, ... }:
+{ pkgs, ... }:
 {
   environment = {
     enableAllTerminfo = true;
-    systemPackages = with pkgs; [ git htop rsync vim ];
+    systemPackages = with pkgs; [ git htop man-pages rsync vim ];
   };
 
   fileSystems."/mnt/nas" = {
@@ -59,7 +59,7 @@
   system.stateVersion = "22.05";
 
   systemd.extraConfig = ''
-      DefaultTimeoutStartSec=900s
+    DefaultTimeoutStartSec=900s
   '';
 
   time.timeZone = "UTC";
diff --git a/ipfs.nix b/ipfs.nix
index 5122c67..876b74c 100644
--- a/ipfs.nix
+++ b/ipfs.nix
@@ -16,8 +16,8 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with loang configuration.  If not, see <https://www.gnu.org/licenses/>.
 
-{ config, lib, pkgs, ... }:
-let domain = config.networking.domain;
+{ config, ... }:
+let inherit (config.networking) domain;
 in {
   networking.firewall = {
     allowedTCPPorts = [ 4001 ];
@@ -26,7 +26,7 @@ in {
 
   security = {
     acme.certs.${domain} = {
-      credentialsFile = pkgs.writeText "knot.env" ''
+      credentialsFile = builtins.toFile "knot.env" ''
         RFC2136_NAMESERVER=127.0.0.1
         RFC2136_TSIG_KEY=lego
         RFC2136_TSIG_ALGORITHM=hmac-sha256
diff --git a/matrix.nix b/matrix.nix
index b3bc773..12a7655 100644
--- a/matrix.nix
+++ b/matrix.nix
@@ -18,6 +18,7 @@
 
 { config, lib, pkgs, ... }:
 let
+  inherit (config.networking) domain;
   client = {
     "m.homeserver" = {
       base_url = "https://${domain}";
@@ -27,7 +28,6 @@ let
       base_url = ""; # disable
     };
   };
-  domain = config.networking.domain;
   server = {
     "m.server" = "${domain}:443"; # unify with client-server
   };
diff --git a/static.nix b/static.nix
index 603b3c0..bdfd73b 100644
--- a/static.nix
+++ b/static.nix
@@ -16,10 +16,9 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with loang configuration.  If not, see <https://www.gnu.org/licenses/>.
 
-{ config, lib, pkgs, ... }:
+{ config, lib, ... }:
 let
-  certs = config.security.acme.certs.${domain};
-  domain = config.networking.domain;
+  inherit (config.networking) domain;
   bindUserDirs = sources: target: lib.mapAttrs' (user: dir: {
     name = target + user;
     value = {
@@ -45,12 +44,13 @@ in {
   };
 
   services = {
-    molly-brown = {
-      certPath = "${certs.directory}/cert.pem";
+    molly-brown = let certDir = config.security.acme.certs.${domain}.directory;
+    in {
+      certPath = "${certDir}/cert.pem";
       docBase = "/var/lib/gemini/${domain}";
       enable = true;
       hostName = domain;
-      keyPath = "${certs.directory}/key.pem";
+      keyPath = "${certDir}/key.pem";
     };
 
     nginx = {
@@ -114,6 +114,6 @@ in {
   };
 
   systemd.services.molly-brown.serviceConfig.SupplementaryGroups = [
-    certs.group
+    config.security.acme.certs.${domain}.group
   ];
 }