Merge branch 'main' of github.com:fwastring/nix

moduler/hyprland.nix

@@ -94,6 +94,7 @@ in
 
             wallpaper = [
               "DP-1,/home/fw/nix/wallpapers/blue.png"
+              "eDP-1,/home/fw/nix/wallpapers/blue.png"
             ];
           };
         };

moduler/kitchenowl.nix

@@ -0,0 +1,26 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+let
+in
+{
+  virtualisation.oci-containers = {
+    backend = "podman";
+	containers = {
+		kitchenowl = {
+			image = "tombursch/kitchenowl:latest";
+			volumes = [
+			  "/var/kitchenowl:/data"
+			];
+			ports = [ "127.0.0.1:8080:8080" ];
+			environment = {
+			  JWT_SECRET_KEY = "jkdlaksjdljlkjlq";
+			}
+			;
+		};
+	};
+  };
+}

moduler/radicale.nix

@@ -0,0 +1,32 @@
+{
+  ...
+}:
+{
+
+  security.acme = {
+    certs."cal.wastring.com" = {
+      dnsProvider = "gandiv5";
+      webroot = null;
+      credentialsFile = /run/secrets/gandi_key;
+      dnsPropagationCheck = true;
+    };
+  };
+  services.nginx = {
+    virtualHosts."cal.wastring.com" = {
+      enableACME = true;
+      forceSSL = true;
+      locations."/" = {
+        proxyPass = "http://127.0.0.1:5232";
+        proxyWebsockets = true; # needed if you need to use WebSocket
+        extraConfig = "proxy_ssl_server_name on;" + "proxy_pass_header Authorization;";
+      };
+    };
+  };
+  services.radicale = {
+    enable = true;
+    settings = {
+		auth.type = "none";
+		server.hosts = [ "0.0.0.0:5232" ];
+	};
+  };
+}

moduler/vaultwarden.nix

@@ -3,14 +3,17 @@
 }:
 {
 
+	networking.firewall = {
+	allowedTCPPorts = [ 80 443 ];
+	};
   security.acme = {
     acceptTerms = true;
     defaults.email = "fredrik@wastring.com";
     certs."pass.wastring.com" = {
       dnsProvider = "gandiv5";
       webroot = null;
-	  credentialsFile = /run/secrets/gandi_key;
-		dnsPropagationCheck = true;
+   credentialsFile = /run/secrets/gandi_key;
+  dnsPropagationCheck = true;
     };
   };
   services.nginx = {
@@ -42,7 +45,6 @@
       ROCKET_PORT = 8222;
       DOMAIN = "https://pass.wastring.com";
       SIGNUPS_ALLOWED = true;
-      LOG_FILE = "/var/lib/bitwarden_rs/access.log";
     };
   };
 }