From f9751a9510ce8c112da3d9da801893e8cffcb20e Mon Sep 17 00:00:00 2001
From: Gabriel Arazas <foo.dogsquared@gmail.com>
Date: Fri, 25 Nov 2022 21:27:23 +0800
Subject: [PATCH] hosts/ni: update config

---
 hosts/plover/default.nix                | 33 +++++++++++++------------
 hosts/plover/hardware-configuration.nix |  7 ++++--
 2 files changed, 22 insertions(+), 18 deletions(-)

diff --git a/hosts/plover/default.nix b/hosts/plover/default.nix
index 9ddd8716..b028761f 100644
--- a/hosts/plover/default.nix
+++ b/hosts/plover/default.nix
@@ -1,13 +1,17 @@
 { config, options, lib, pkgs, ... }:
 
 let
+  inherit (builtins) toString;
   domain = "foodogsquared.one";
+  wikiDomain = "wiki.${domain}";
   passwordManagerDomain = "vault.${domain}";
   codeForgeDomain = "forge.${domain}";
 in
 {
   imports = [
+    ./hardware-configuration.nix
     (lib.getUser "nixos" "plover")
+    (lib.getUser "nixos" "admin")
   ];
 
   sops.secrets =
@@ -43,26 +47,27 @@ in
     recommendedTlsSettings = true;
 
     virtualHosts = {
-      # These are just websites that are already deployed.
-      "www.${domain}" = {
+      # Personal website.
+      "${domain}" = {
+        forceSSL = false;
+        enableACME = true;
+        serverAliases = [ "www.${domain}" ];
         locations."/" = {
           proxyPass = "https://foodogsquared.netlify.app";
         };
       };
-      "wiki.${domain}" = {
+
+      # My digital notebook.
+      "${wikiDomain}" = {
+        forceSSL = false;
+        enableACME = true;
         locations."/" = {
           proxyPass = "https://foodogsquared-wiki.netlify.app";
         };
       };
-      "search.${domain}" = {
-        locations."/" = {
-          proxyPass = "https://search.brave.com";
-        };
-      };
 
       # Vaultwarden instance.
       "${passwordManagerDomain}" = {
-        http2 = true;
         forceSSL = true;
         enableACME = true;
         locations = let
@@ -86,11 +91,12 @@ in
         };
       };
 
+      # Gitea instance.
       "${codeForgeDomain}" = {
-        http2 = true;
+        forceSSL = true;
         enableACME = true;
         locations."/" = {
-          proxyPass = "http://localhost:${config.services.gitea.httpPort}";
+          proxyPass = "http://localhost:${toString config.services.gitea.httpPort}";
         };
       };
     };
@@ -102,11 +108,6 @@ in
   security.acme = {
     acceptTerms = true;
     defaults.email = "admin@foodogsquared.one";
-
-    certs = {
-      "${passwordManagerDomain}".keyType = "rs2048";
-      "${codeForgeDomain}" = {};
-    };
   };
 
   # Some additional dependencies for this system.
diff --git a/hosts/plover/hardware-configuration.nix b/hosts/plover/hardware-configuration.nix
index 839007aa..94f07dba 100644
--- a/hosts/plover/hardware-configuration.nix
+++ b/hosts/plover/hardware-configuration.nix
@@ -1,14 +1,17 @@
 { lib, pkgs, modulesPath, ... }:
 
+# Most of the filesystems listed here are supposed to be overriden to default
+# settings of whatever image format configuration this host system will import
+# from nixos-generators.
 {
   imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-  fileSystems."/" = {
+  fileSystems."/" = lib.mkOverride 2000 {
     label = "nixos";
     fsType = "ext4";
     autoResize = true;
   };
 
-  fileSystems."/srv" = {
+  fileSystems."/srv" = lib.mkOverride 2000 {
     label = "data";
     options = [
       "discard"