bert: Remove misplaced bigbird note from README

Don't write documentation tired, kids! I thought I was missing this, so
I had added it…to the wrong file, while similar notes were already
present in the file where they belonged!

bert/README.md

@@ -1,13 +1,20 @@
-# Installation
+# `bert`
+
+## Installation
 1. Install NixOS minimal
 2. `ssh-keygen -N "" -f /etc/secrets/initrd/ssh_host_ed25519_key`
 2. Enable SSH server and add root SSH key
 3. Deploy updated config with `make`
 4. Set up [Remote Disk Unlocking](https://nixos.wiki/wiki/Remote_disk_unlocking)
    1. mkdir -p /etc/secrets/initrd && ssh-keygen -N "" -f /etc/secrets/initrd/ssh_host_25519_key
-5. Deploy content to web services
+5. Deploy content:
+   - websites in /srv
+   - factorio world at /var/lib/factorio/saves/default.zip
+   - git/forgejo in /var/lib/forgejo
+   - navidrome DB/etc in /var/lib/navidrome
+6. Set up Grafana users (log in with default admin/admin; change creds; configure)
 
-# Notes on Caddy
+## Notes on Caddy
 Until 2.8 is released with 24.11, Caddy has a pretty limited sense of what
 content-types should be compressed:
 

bert/configuration.nix

@@ -58,6 +58,14 @@
   services.openssh.settings.PasswordAuthentication = false;
   users.users.root.openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEhPyyqS3BGYor3zLbjc8hZuhem3mS8TNmvWogXcnz/b chandler@chandlerswift.com'' ];
 
+  users.users.isaac = {
+    isNormalUser = true;
+    description = "Isaac Swift";
+    openssh.authorizedKeys.keys = [
+      # TODO
+    ];
+  };
+
   networking.firewall.allowedTCPPorts = [
     80 # Caddy
     443 # Caddy

bert/services/http/index.nix

@@ -5,9 +5,11 @@
     ./git.chandlerswift.com.nix
     ./harborpaperco.com.nix
     ./home.chandlerswift.com.nix
+    ./isaacswift.com.nix
     ./katherineandchandler.com.nix
     ./maps.chandlerswift.com.nix
     ./music.chandlerswift.com.nix
+    ./preview.chandlerswift.com.nix
     ./stjohnscccc.org.nix
     ./swiftgang.net.nix
   ];

bert/services/http/isaacswift.com.nix

@@ -0,0 +1,23 @@
+
+{
+  services.caddy.virtualHosts."isaacswift.com" = {
+    serverAliases = ["www.isaacswift.com"];
+    extraConfig = ''
+      encode zstd gzip
+      file_server
+      root * /srv/www/isaacswift.com
+      # hide .git # ???
+
+      handle_errors {
+        respond "{err.status_code} {err.status_text}"
+      }
+    '';
+  };
+  systemd.tmpfiles.settings."10-isaacswift-com" = {
+    "/srv/www/isaacswift.com" = {
+      d = {
+        user = "isaac";
+      };
+    };
+  };
+}

bert/services/http/preview.chandlerswift.com.nix

@@ -0,0 +1,9 @@
+{config, ...}: {
+  services.caddy.virtualHosts."preview.chandlerswift.com".extraConfig = ''
+    reverse_proxy oscar:4000
+
+    handle_errors {
+      respond "{err.status_code} {err.status_text}"
+    }
+  '';
+}

bigbird/Makefile

@@ -1,20 +1,20 @@
 # https://stackoverflow.com/a/23324703
 current_dir:=$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
 
-.PHONY: remote-deploy
+.PHONY: deploy
-remote-deploy:
+deploy:
 	rsync -av $(current_dir)/ root@bigbird:config/
 	ssh root@bigbird nixos-rebuild switch --fast -I nixos-config=/root/config/configuration.nix
 
 ## This probably doesn't work, since architectures are different?
-# .PHONY: deploy
+# .PHONY: local-build-deploy
-# deploy:
+# local-build-deploy:
 # 	nixos-rebuild switch --fast -I nixos-config=./configuration.nix --build-host root@animal.chandlerswift.com --target-host root@animal.chandlerswift.com
 
-.PHONY: remote-deploy-upgrade
+.PHONY: deploy-upgrade
-remote-deploy-upgrade:
+deploy-upgrade:
-	rsync -avz $(current_dir)/ root@animal.chandlerswift.com:config/
+	rsync -avz $(current_dir)/ root@bigbird:config/
-	ssh root@animal.chandlerswift.com nixos-rebuild switch --upgrade-all --fast -I nixos-config=/root/config/configuration.nix
+	ssh root@bigbird nixos-rebuild switch --upgrade-all --fast -I nixos-config=/root/config/configuration.nix
 
 # TODO: build an SD card?
 #sd-image:

bigbird/configuration.nix

@@ -14,7 +14,6 @@
   boot.loader.generic-extlinux-compatible.enable = true;
 
   networking.hostName = "bigbird"; # Define your hostname.
-  networking.networkmanager.enable = true;
 
   # Enable ZFS: https://openzfs.github.io/openzfs-docs/Getting%20Started/NixOS/index.html
   boot.supportedFilesystems = [ "zfs" ];

bigbird/kathe.nix

@@ -1,4 +1,4 @@
-{
+{pkgs, ...}: {
   users.users.kathe = {
     isNormalUser = true;
     description = "Käthe Swift";

oscar/configuration.nix

@@ -119,7 +119,8 @@
   # Define a user account. Don't forget to set a password with ‘passwd’.
   users.users.chandler.isNormalUser = true;
   users.users.chandler.description = "Chandler Swift";
-  users.users.chandler.extraGroups = [ "networkmanager" "wheel" "dialout" "cdrom" ];
+  users.users.chandler.extraGroups = [ "networkmanager" "wheel" "dialout" "cdrom" "plugdev" ];
+  home-manager.backupFileExtension = "backup";
   home-manager.users.chandler = { pkgs, ... }: {
 
     nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
@@ -133,11 +134,13 @@
       freecad
       frescobaldi
       gimp
+      gnome-sound-recorder
       josm
       kate
       kicad
       libreoffice-qt
       prismlauncher
+      prusa-slicer
       qgis
 
       # command line applications
@@ -149,6 +152,7 @@
       alsa-utils
       dig
       file
+      git-absorb
       killall
       pv
       wl-clipboard
@@ -201,6 +205,7 @@
         url."https://aur.archlinux.org/".insteadOf = "aur:";
         url."ssh://aur@aur.archlinux.org/".pushInsteadOf = "aur:";
         url."ssh://git@github.com/ChandlerSwift/".insteadOf = "gh:";
+        url."ssh://forgejo@bert/chandlerswift/".insteadOf = "forgejo:";
         push.autoSetupRemote = true;
         rebase.autosquash = true;
         rebase.autostash = true;