feat(server): memos

feat(jj): set conflict-marker-style
fix(headscale): RestartSec conflict
2025-07-22 17:07:47 +08:00 · 2025-07-22 16:43:25 +08:00 · 2025-07-22 16:43:25 +08:00 · 2025-07-22 16:43:25 +08:00 · 2025-07-22 16:42:43 +08:00
7 changed files with 101 additions and 83 deletions
--- a/config/hosts/imxyy-nix-server/build.nix
+++ b/config/hosts/imxyy-nix-server/build.nix
@@ -34,6 +34,7 @@
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBWOy0QmAyxENg/O5m3cus8U3c9jCLioivwcWsh5/a82 imxyy-hisense-pad"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK8pivvE8PMtsOxmccfNhH/4KehDKhBfUfJbQZxo/SZT imxyy-ace5"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKALTBn/QSGcSPgMg0ViSazFcaA0+nEF05EJpjbsI6dE imxyy_soope_@imxyy-cloudwin"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMb5G/ieEYBOng66YeyttBQLThyM6W//z2POsNyq4Rw/ imxyy@imxyy-nix-x16"

      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIENauvvhVMLsUwH9cPYsvnOg7VCL3a4yEiKm8I524TE efl@efl-nix"
    ];
--- a/config/hosts/imxyy-nix-server/code.nix
+++ b/config/hosts/imxyy-nix-server/code.nix
@@ -7,26 +7,22 @@
    }
  ];
  services.postgresql.ensureDatabases = [ "coder" ];
-  virtualisation.oci-containers = {
-    containers = {
-      coder = {
-        image = "ghcr.io/coder/coder:latest";
-        environment = {
-          CODER_ACCESS_URL = "https://coder.imxyy.top";
-          CODER_HTTP_ADDRESS = "0.0.0.0:8086";
-          CODER_PG_CONNECTION_URL = "postgresql://coder:coderdatabase@127.0.0.1/coder?sslmode=disable";
-        };
-        extraOptions = [
-          "--network=host"
-          "--group-add=${toString config.users.groups.podman.gid}"
-        ];
-        volumes = [
-          "/var/lib/coder:/home/coder/.config"
-          "/var/run/docker.sock:/var/run/docker.sock"
-        ];
-        ports = [ "8086:8086" ];
-      };
+  virtualisation.oci-containers.containers.coder = {
+    image = "ghcr.io/coder/coder:latest";
+    environment = {
+      CODER_ACCESS_URL = "https://coder.imxyy.top";
+      CODER_HTTP_ADDRESS = "0.0.0.0:8086";
+      CODER_PG_CONNECTION_URL = "postgresql://coder:coderdatabase@127.0.0.1/coder?sslmode=disable";
    };
+    extraOptions = [
+      "--network=host"
+      "--group-add=${toString config.users.groups.podman.gid}"
+    ];
+    volumes = [
+      "/var/lib/coder:/home/coder/.config"
+      "/var/run/docker.sock:/var/run/docker.sock"
+    ];
+    ports = [ "8086:8086" ];
  };
  services.caddy.virtualHosts."coder.imxyy.top" = {
    extraConfig = ''
--- a/config/hosts/imxyy-nix-server/homepage.nix
+++ b/config/hosts/imxyy-nix-server/homepage.nix
@@ -1,14 +1,10 @@
 {
-  virtualisation.oci-containers = {
-    containers = {
-      sun-panel = {
-        image = "hslr/sun-panel:latest";
-        volumes = [
-          "/var/lib/sun-panel:/app/conf"
-        ];
-        ports = [ "8085:3002" ];
-      };
-    };
+  virtualisation.oci-containers.containers.sun-panel = {
+    image = "hslr/sun-panel:latest";
+    volumes = [
+      "/var/lib/sun-panel:/app/conf"
+    ];
+    ports = [ "8085:3002" ];
  };
  services.caddy.virtualHosts."home.imxyy.top" = {
    extraConfig = ''
--- a/config/hosts/imxyy-nix-server/immich.nix
+++ b/config/hosts/imxyy-nix-server/immich.nix
@@ -1,5 +1,9 @@
 { ... }:
 {
+  users.users.immich = {
+    home = "/mnt/nas/immich";
+    createHome = true;
+  };
  services.immich = {
    enable = true;
    host = "127.0.0.1";
--- a/config/hosts/imxyy-nix-server/net.nix
+++ b/config/hosts/imxyy-nix-server/net.nix
@@ -132,12 +132,14 @@
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBWOy0QmAyxENg/O5m3cus8U3c9jCLioivwcWsh5/a82 imxyy-hisense-pad"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK8pivvE8PMtsOxmccfNhH/4KehDKhBfUfJbQZxo/SZT imxyy-ace5"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKALTBn/QSGcSPgMg0ViSazFcaA0+nEF05EJpjbsI6dE imxyy_soope_@imxyy-cloudwin"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMb5G/ieEYBOng66YeyttBQLThyM6W//z2POsNyq4Rw/ imxyy@imxyy-nix-x16"
  ];
  users.users.${username}.openssh.authorizedKeys.keys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEFLUkyeaK8ZPPZdVNEmtx8zvoxi7xqS2Z6oxRBuUPO imxyy@imxyy-nix"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBWOy0QmAyxENg/O5m3cus8U3c9jCLioivwcWsh5/a82 imxyy-hisense-pad"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK8pivvE8PMtsOxmccfNhH/4KehDKhBfUfJbQZxo/SZT imxyy-ace5"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKALTBn/QSGcSPgMg0ViSazFcaA0+nEF05EJpjbsI6dE imxyy_soope_@imxyy-cloudwin"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMb5G/ieEYBOng66YeyttBQLThyM6W//z2POsNyq4Rw/ imxyy@imxyy-nix-x16"
  ];

  sops.secrets.dae-imxyy-nix-server = {
@@ -407,6 +409,21 @@
          customDomains = [ "immich.imxyy.top" ];
        }

+        {
+          name = "memo-http";
+          type = "http";
+          localIP = "127.0.0.1";
+          localPort = 80;
+          customDomains = [ "memo.imxyy.top" ];
+        }
+        {
+          name = "memo-https";
+          type = "https";
+          localIP = "127.0.0.1";
+          localPort = 443;
+          customDomains = [ "memo.imxyy.top" ];
+        }
+
        {
          name = "minecraft";
          type = "tcp";
@@ -449,10 +466,6 @@
    };
  };
  systemd.services."headscale" = {
-    serviceConfig = {
-      Restart = "always";
-      RestartSec = 120;
-    };
    after = [
      "podman-obligator.service"
    ];
@@ -481,27 +494,23 @@
    ];
  };

-  virtualisation.oci-containers = {
-    containers = {
-      obligator = {
-        image = "anderspitman/obligator:latest";
-        volumes = [
-          "/var/lib/obligator:/data"
-          "/var/lib/obligator:/api"
-        ];
-        ports = [ "8081:1616" ];
-        cmd = [
-          "-storage-dir"
-          "/data"
-          "-api-socket-dir"
-          "/api"
-          "-root-uri"
-          "https://oidc.imxyy.top"
-          "-port"
-          "1616"
-        ];
-      };
-    };
+  virtualisation.oci-containers.containers.obligator = {
+    image = "anderspitman/obligator:latest";
+    volumes = [
+      "/var/lib/obligator:/data"
+      "/var/lib/obligator:/api"
+    ];
+    ports = [ "8081:1616" ];
+    cmd = [
+      "-storage-dir"
+      "/data"
+      "-api-socket-dir"
+      "/api"
+      "-root-uri"
+      "https://oidc.imxyy.top"
+      "-port"
+      "1616"
+    ];
  };
  services.caddy.virtualHosts."headscale.imxyy.top" = {
    extraConfig = ''
@@ -567,6 +576,7 @@
        "ai"
        "sy"
        "minio"
+        "immich"
      ];
    in
    {
--- a/config/hosts/imxyy-nix-server/note.nix
+++ b/config/hosts/imxyy-nix-server/note.nix
@@ -14,36 +14,41 @@
      format = "dotenv";
    };
  };
-  virtualisation.oci-containers = {
-    containers = {
-      flatnotes = {
-        image = "dullage/flatnotes:latest";
-        volumes = [
-          "/mnt/nas/flatnotes/data:/data"
-        ];
-        environmentFiles = [
-          "${config.sops.secrets.flatnote-env.path}"
-        ];
-        ports = [ "8093:8080" ];
-      };
-      siyuan = {
-        image = "apkdv/siyuan-unlock:v3.1.30";
-        volumes = [
-          "/mnt/nas/siyuan/workspace:/workspace"
-          "/mnt/nas/siyuan:/home/siyuan"
-        ];
-        cmd = [
-          "--workspace=/workspace"
-        ];
-        environment = {
-          PUID = "0";
-          PGID = "0";
-        };
-        environmentFiles = [
-          "${config.sops.secrets.siyuan-env.path}"
-        ];
-        ports = [ "8095:6806" ];
+  virtualisation.oci-containers.containers = {
+    flatnotes = {
+      image = "dullage/flatnotes:latest";
+      volumes = [
+        "/mnt/nas/flatnotes/data:/data"
+      ];
+      environmentFiles = [
+        "${config.sops.secrets.flatnote-env.path}"
+      ];
+      ports = [ "8093:8080" ];
+    };
+    siyuan = {
+      image = "apkdv/siyuan-unlock:v3.1.30";
+      volumes = [
+        "/mnt/nas/siyuan/workspace:/workspace"
+        "/mnt/nas/siyuan:/home/siyuan"
+      ];
+      cmd = [
+        "--workspace=/workspace"
+      ];
+      environment = {
+        PUID = "0";
+        PGID = "0";
      };
+      environmentFiles = [
+        "${config.sops.secrets.siyuan-env.path}"
+      ];
+      ports = [ "8095:6806" ];
+    };
+    memos = {
+      image = "neosmemo/memos:stable";
+      volumes = [
+        "/mnt/nas/memos:/var/opt/memos"
+      ];
+      ports = [ "8097:5230" ];
    };
  };
  services.caddy.virtualHosts = {
@@ -57,5 +62,10 @@
        reverse_proxy :8095
      '';
    };
+    "memo.imxyy.top" = {
+      extraConfig = ''
+        reverse_proxy :8097
+      '';
+    };
  };
 }
--- a/modules/cli/vcs/jj.nix
+++ b/modules/cli/vcs/jj.nix
@@ -26,6 +26,7 @@ lib.my.makeHomeProgramConfig {
          ui = {
            graph.style = "square";
            default-command = "status";
+            conflict-marker-style = "snapshot";
          };
          signing = {
            backend = "ssh";
Author	SHA1	Message	Date
imxyy_soope_	3263d72b59	feat(server): memos	2025-07-22 17:07:47 +08:00
imxyy_soope_	1c7e5b9f05	feat(jj): set conflict-marker-style	2025-07-22 16:43:25 +08:00
imxyy_soope_	1da34bf704	fix(headscale): RestartSec conflict	2025-07-22 16:43:25 +08:00
imxyy_soope_	88107f9fe7	feat(server): authorize imxyy-nix-x16	2025-07-22 16:43:25 +08:00
imxyy_soope_	5d1f622782	fix: immich	2025-07-22 16:42:43 +08:00