root/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add paste

Browse source
This commit is contained in:
root 2025-11-05 15:22:21 +00:00
parent 36fa7a75a3
commit 1d4b154bcd
3 changed files with 28 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
services/default.nix
View file

@ -9,6 +9,7 @@
./lldap.nix
# Dante not working right now, possibly misconfigured.
#./dante.nix
./paste.nix
./btcpayserver.nix
./btc.nix
./vaultwarden.nix

26
services/paste.nix Normal file
View file

@ -0,0 +1,26 @@
let
pastePort = 8087;
onionUrl = "http://s4h5nfnwwhzku55opxlqouobioibx4htwygnp2l4fkp256lur5s53rad.onion";
in
{
services.microbin = {
enable = true;
settings = {
MICROBIN_PORT = pastePort;
MICROBIN_ENABLE_BURN_AFTER = true;
MICROBIN_QR = true;
MICROBIN_NO_LISTING = true;
MICROBIN_HIGHLIGHTSYNTAX = true;
MICROBIN_PUBLIC_PATH = "https://paste.distrust.network/";
};
};
services.caddy.virtualHosts."https://paste.distrust.network ${onionUrl}".extraConfig = ''
reverse_proxy localhost:${toString pastePort}
header Onion-Location ${onionUrl}
'';
services.tor.relay.onionServices."microbin".map = [
80
];
}

1
site/index.html
View file

@ -53,6 +53,7 @@
<li>Static Site Hosting (TOR &amp; clearnet, <a href="mailto:root@distrust.network?subject=SITE%20HOSTING%20REQUEST">email me</a> upon registration)</li>
<li>Forgejo <small><a href="http://cr27k6asjs7skvjxs6smhqfam3wlvmft2f3iins44k6p6rmmfyolobqd.onion/">[tor]</a> <a href="https://git.distrust.network">[clearnet]</a></small></li>
<li>Vaultwarden <small><a href="http://gfoqwlo4nmhcywzzyhfanhkf7hz64lkjayngfyrpbd7ohaucu3q4znqd.onion/">[tor]</a> <a href="https://vault.distrust.network">[clearnet]</a> <a title="Once you have logged in for the first time, check your inbox for an invite.">[hover]</a></small></li>
<li>Microbin (Paste) <small><a href="http://s4h5nfnwwhzku55opxlqouobioibx4htwygnp2l4fkp256lur5s53rad.onion">[tor]</a> <a href="https://paste.distrust.network/">[clearnet]</a></small></li>
</ul>
<p>All services have a strict no-metrics policy, with logs being kept for at most 1 hour (for debugging purposes). Where it is difficult to configure this in a service, logs are directly piped and/or symlinked to <code>/dev/null</code>.</p>
<p>The server runs a hardened NixOS config, and is updated when appropriate for any security/hardening tweaks. This NixOS config is auditable and freely accessible over <a href="http://cr27k6asjs7skvjxs6smhqfam3wlvmft2f3iins44k6p6rmmfyolobqd.onion/root/flake">TOR</a> and <a href="https://git.distrust.network/root/flake">clearnet</a>.</p>