From ae78da6fc1875d65363eac0921c6ca06773a5241 Mon Sep 17 00:00:00 2001 From: Lzebulon Date: Sat, 24 May 2025 21:58:08 +0200 Subject: [PATCH] initial setup wikimedia for test --- flake.lock | 53 ++++++++++--------- flake.nix | 7 ++- hosts/vm/wiki/default.nix | 16 ++++++ hosts/vm/wiki/hardware-configuration.nix | 45 ++++++++++++++++ hosts/vm/wiki/networking.nix | 65 ++++++++++++++++++++++++ modules/services/wiki.nix | 44 ++++++++++++++++ 6 files changed, 204 insertions(+), 26 deletions(-) create mode 100644 hosts/vm/wiki/default.nix create mode 100644 hosts/vm/wiki/hardware-configuration.nix create mode 100644 hosts/vm/wiki/networking.nix create mode 100644 modules/services/wiki.nix diff --git a/flake.lock b/flake.lock index 0be5400..4585f26 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1736955230, - "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "lastModified": 1747575206, + "narHash": "sha256-NwmAFuDUO/PFcgaGGr4j3ozG9Pe5hZ/ogitWhY+D81k=", "owner": "ryantm", "repo": "agenix", - "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "rev": "4835b1dc898959d8547a871ef484930675cb47f1", "type": "github" }, "original": { @@ -31,11 +31,11 @@ ] }, "locked": { - "lastModified": 1700795494, - "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "lastModified": 1744478979, + "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "rev": "43975d782b418ebf4969e9ccba82466728c2851b", "type": "github" }, "original": { @@ -50,11 +50,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1736143030, - "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", + "lastModified": 1743550720, + "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", + "rev": "c621e8422220273271f52058f618c94e405bb0f5", "type": "github" }, "original": { @@ -71,11 +71,11 @@ ] }, "locked": { - "lastModified": 1703113217, - "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "lastModified": 1745494811, + "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", "owner": "nix-community", "repo": "home-manager", - "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be", "type": "github" }, "original": { @@ -86,30 +86,33 @@ }, "nixpkgs": { "locked": { - "lastModified": 1737672001, - "narHash": "sha256-YnHJJ19wqmibLQdUeq9xzE6CjrMA568KN/lFPuSVs4I=", + "lastModified": 1747825515, + "narHash": "sha256-BWpMQymVI73QoKZdcVCxUCCK3GNvr/xa2Dc4DM1o2BE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "035f8c0853c2977b24ffc4d0a42c74f00b182cd8", + "rev": "cd2812de55cf87df88a9e09bf3be1ce63d50c1a6", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.11", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs-lib": { "locked": { - "lastModified": 1735774519, - "narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" + "lastModified": 1743296961, + "narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa", + "type": "github" }, "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" } }, "root": { @@ -142,11 +145,11 @@ ] }, "locked": { - "lastModified": 1737483750, - "narHash": "sha256-5An1wq5U8sNycOBBg3nsDDgpwBmR9liOpDGlhliA6Xo=", + "lastModified": 1747469671, + "narHash": "sha256-bo1ptiFoNqm6m1B2iAhJmWCBmqveLVvxom6xKmtuzjg=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "f2cc121df15418d028a59c9737d38e3a90fbaf8f", + "rev": "ab0378b61b0d85e73a8ab05d5c6029b5bd58c9fb", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index b05c87a..85f4454 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "Configuration NixOS du Crans"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; flake-parts.url = "github:hercules-ci/flake-parts"; # Formatter @@ -71,6 +71,11 @@ specialArgs = inputs; modules = [ ./hosts/vm/two ] ++ baseModules; }; + + wiki = nixosSystem { + specialArgs = inputs; + modules = [ ./hosts/vm/wiki ] ++ baseModules; + }; }; }; diff --git a/hosts/vm/wiki/default.nix b/hosts/vm/wiki/default.nix new file mode 100644 index 0000000..f4baa1a --- /dev/null +++ b/hosts/vm/wiki/default.nix @@ -0,0 +1,16 @@ +{ ... }: + +{ + imports = [ + ./hardware-configuration.nix + # ./networking.nix + + ../../../modules + ../../../modules/services/wiki.nix + ]; + + networking.hostName = "wiki"; + boot.loader.grub.devices = [ "/dev/sda" ]; + + system.stateVersion = "25.05"; +} diff --git a/hosts/vm/wiki/hardware-configuration.nix b/hosts/vm/wiki/hardware-configuration.nix new file mode 100644 index 0000000..c61d274 --- /dev/null +++ b/hosts/vm/wiki/hardware-configuration.nix @@ -0,0 +1,45 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "virtio_pci" + "virtio_scsi" + "sd_mod" + "sr_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/6aab06d9-2d09-4929-a680-719c6818a663"; + fsType = "ext4"; + }; + + swapDevices = [ { device = "/dev/disk/by-uuid/24f88af8-323d-48e3-8872-402b8bbbdc13"; } ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.ens18.useDHCP = lib.mkDefault true; + # networking.interfaces.ens19.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/hosts/vm/wiki/networking.nix b/hosts/vm/wiki/networking.nix new file mode 100644 index 0000000..8ec9ca3 --- /dev/null +++ b/hosts/vm/wiki/networking.nix @@ -0,0 +1,65 @@ +{ ... }: + +{ + networking = { + interfaces = { + ens18 = { + + ipv4 = { + addresses = [ + { + address = "172.16.10.139"; + prefixLength = 24; + } + ]; + }; + + ipv6 = { + addresses = [ + { + address = "fd00::10:0:ff:fe01:3910"; + prefixLength = 64; + } + ]; + }; + + }; + + ens19 = { + + ipv4 = { + addresses = [ + { + address = "172.16.3.139"; + prefixLength = 24; + } + ]; + routes = [ + { + address = "0.0.0.0"; + via = "172.16.3.99"; + prefixLength = 0; + } + ]; + }; + + ipv6 = { + addresses = [ + { + address = "2a0c:700:3::ff:fe01:3903"; + prefixLength = 64; + } + ]; + routes = [ + { + address = "::"; + via = "2a0c:700:3::ff:fe00:9903"; + prefixLength = 0; + } + ]; + }; + + }; + }; + }; +} diff --git a/modules/services/wiki.nix b/modules/services/wiki.nix new file mode 100644 index 0000000..c692a0d --- /dev/null +++ b/modules/services/wiki.nix @@ -0,0 +1,44 @@ +{pkgs, ...}: +{ + + services.mediawiki = { + enable = true; + + httpd.virtualHost = { + hostName = "test-wiki.crans.org"; + adminAddr = "root@crans.org"; + + listen = [ + { + ip = "127.0.0.1"; + port = 8080; + # ssl = false; + } + ]; + }; + + passwordFile = pkgs.writeText "password" "cardbotine"; + + extraConfig = '' + # contact info + $wgEmergencyContact = 'contact@crans.org'; + + + + # default theme + $wgDefaultSkin = 'citizen'; + + $wgLanguageCode = 'fr'; + + # Disable anonymous editing + $wgGroupPermissions['*']['edit'] = false; + ''; + + skins = { + Citizen = pkgs.fetchzip { + url = "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/archive/main.zip"; + sha256 = "sha256-6ZhrAHAKWHGij1qBgigEll0xbGhEOo0hYTMuakkU06o="; + }; + }; + }; +}