Compare commits

..

No commits in common. "671f7b511719403b78156f5be8bcadb232bbea6d" and "dd4a80e03423c470e239e07c5f5895e20feba10b" have entirely different histories.

7 changed files with 8 additions and 58 deletions

View file

@ -1,32 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
LINUX=/root/petersweb-infra/nixos/linux.nix
usage() {
echo "Usage: $0 <sha256-digest>"
echo " e.g. $0 sha256:2e2d92abae0ba68be780fff581523480ac05444690dbf38bf4330f1dda099e2a"
exit 1
}
[[ $# -eq 1 ]] || usage
NEW_DIGEST="${1#sha256:}" # strip leading "sha256:" if provided
# Validate: hex string of the right length
if ! [[ "$NEW_DIGEST" =~ ^[0-9a-f]{64}$ ]]; then
echo "Error: digest must be a 64-character lowercase hex string (got: $NEW_DIGEST)" >&2
exit 1
fi
OLD_LINE=$(grep -n 'coldairnetworks-com@sha256:' "$LINUX")
echo "Current: $OLD_LINE"
sed -i -E "s|(coldairnetworks-com@sha256:)[0-9a-f]{64}|\1${NEW_DIGEST}|" "$LINUX"
NEW_LINE=$(grep -n 'coldairnetworks-com@sha256:' "$LINUX")
echo "Updated: $NEW_LINE"
echo "Applying NixOS configuration..."
nixos-rebuild switch --flake /root/petersweb-infra/nixos#mainframe
echo "Done. Tail logs with: podman logs -f coldairnetworks"

View file

@ -7,7 +7,7 @@
services = {
app = {
service = {
image = "forge.quinefoundation.com/ironmagma/riverside@sha256:567483665861b5a895d4330caa03635191b6554a68f6e471c81c9ff4dbdacfa7";
image = "forge.quinefoundation.com/ironmagma/riverside@sha256:6ad578b0668ac91f37fc3677ce12960b5eeb23c3ba7238e1ba137d35e60fea58";
container_name = "riverside";
restart = "unless-stopped";
networks = [ "riverside" ];

View file

@ -83,11 +83,6 @@ in {
file = ./secrets/paperless.age;
owner = "root";
};
coldairnetworks = {
file = ./secrets/coldairnetworks.age;
owner = "root";
};
};
environment.systemPackages = [
@ -385,15 +380,13 @@ in {
"coldairnetworks" = {
autoStart = true;
image = "quineglobal/coldairnetworks-com@sha256:36f16006502171d82a107b1bd67517b9d602b54de31630a4861fba1e78250857";
image = "quineglobal/coldairnetworks-com:latest";
volumes = [];
environment = {
POSTMARK_SERVER_TOKEN = "e718a146-c590-4550-a750-a3b925056e29";
BETTER_AUTH_URL = "https://coldairnetworks.com";
NODE_TLS_REJECT_UNAUTHORIZED = "0";
};
environmentFiles = [ config.age.secrets.postmark.path config.age.secrets.coldairnetworks.path ];
ports = ["3012:3000"];
environmentFiles = [ config.age.secrets.postmark.path ];
ports = ["3012:8081"];
};
};

View file

@ -121,10 +121,10 @@
locations."/" = {
proxyPass = "http://127.0.0.1:8000/";
extraConfig = ''
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 100M;
'';
};

View file

@ -1,7 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 NFD/vg 5yGAA19rlzC2wSX7buivwDVu6AkSz0joS9oT7gcomGk
YnrxzrNQ7rT6joa38uyz3JBs5NkZhqPOwCOyaTRHD5A
--- jeqx+rAgrPkbdKhzNsiYjGhzq3nVTBfXfl4wKbkski8
¯/ß‹P#¬!âŽ<C3A2>&Ïó` àF¾rf9|œö~"~ð§m?+Õenw±D£KUXkS¢=;.“Ç£m^!ÀÊ÷L6ßBä\˾† »„1S
<@Óp˜­Ag¿ç˜Þ™°°ÁwLãX…ŒÏHô¿ðôãA(%6‰/ñ©ïýt{ñªLO_˜üs<C3BC>!8Æ+œ“žaêX·/{úÛ/¾çÜeNè&
rbøÉ¡Ë ~2fG$6HÈB•Æì•â<E280A2>µB`ƒs+EžË4aGǺ5370-T£æJ° „‚#m÷òe=˜÷

View file

@ -30,8 +30,4 @@ in {
# PAPERLESS_ADMIN_PASSWORD=<password>
# PAPERLESS_ADMIN_EMAIL=peterson@sent.com
"./paperless.age".publicKeys = [mainframePublicKey];
# DATABASE_URL=<supabase postgres dsn>
# BETTER_AUTH_SECRET=<secret>
"./coldairnetworks.age".publicKeys = [mainframePublicKey];
}

Binary file not shown.