ashie/nixos-vps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
44 commits 1 branch 0 tags 134 KiB
Commit graph

44 commits

This branch
This branch
All branches
Author SHA1 Message Date
ashisgreat22
a2a0dfaa58 docs: update Vaultwarden plan with nginx extraLocations fix 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 03:15:34 +01:00
ashisgreat22
5b584cdb11 Update Vaultwarden spec with review feedback 
- Add module header comment pattern
- Clarify Nginx WebSocket integration with concrete example
- Add SOPS secrets and templates declarations
- Update Files to Modify table

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 03:06:55 +01:00
ashisgreat22
2304648927 Add Vaultwarden module design spec 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 03:04:01 +01:00
ashisgreat22
2bfcc7c2ff update 2026-03-18 01:51:16 +00:00
ashisgreat22
a87fd37489 Add Brave Search web search to OpenClaw 
- Enable web_search tool with Brave provider
- Add openclaw_brave_api_key secret to SOPS configuration
- Add BRAVE_API_KEY to openclaw.env template

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 02:50:09 +01:00
ashisgreat22
2d7a67bac9 Add CLAUDE.md for future Claude Code instances 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 02:42:21 +01:00
ashisgreat22
4d9c61da10 Fix exec config: use valid options (security: full, ask: off) 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 02:36:59 +01:00
ashisgreat22
3ef4234d07 Enable elevated tools with auto-approve (no permission prompts) 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 02:36:04 +01:00
ashisgreat22
a91e6ac883 Add Discord token to config with env variable substitution 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 02:29:15 +01:00
ashisgreat22
9f734de29e Add allowFrom for Discord dmPolicy=open 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 02:26:40 +01:00
ashisgreat22
b5901efde8 Fix JSON syntax: add missing closing brace in openclaw-config.json 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 02:24:55 +01:00
ashisgreat22
99a424aa34 Add channels.discord config to Openclaw 2026-03-18 01:58:51 +01:00
ashisgreat22
19bcc4c5fc Use loopback binding for OpenClaw (no auth required) 2026-03-18 01:54:55 +01:00
ashisgreat22
636fbd0597 Fix gateway.bind to use 'lan' mode instead of legacy format 2026-03-18 01:52:26 +01:00
ashisgreat22
175c0acf22 Fix OpenClaw config volume path to /home/node 2026-03-18 01:47:37 +01:00
ashisgreat22
ae5e61cb6e Fix openclaw config syntax - use external json file 
- Move openclaw config to separate json file
- Reference file directly in podman module
- Remove problematic builtins.toJSON with nested arrays

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 01:37:46 +01:00
ashisgreat22
a595445bd2 Convert Openclaw to Podman container 
- Use official ghcr.io/openclaw/openclaw image
- configure via JSON config file
- containerized for better isolation

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-18 01:35:02 +01:00
ashisgreat22
11a588a4d9 Fix api type to openai-completions 2026-03-17 21:38:46 +01:00
ashisgreat22
396d1bd048 Copy config to OpenClaw's actual config location 2026-03-17 21:35:28 +01:00
ashisgreat22
68240b7319 Set openclaw as owner of sops template 2026-03-17 21:32:37 +01:00
ashisgreat22
d7c3bd0775 Fix EnvironmentFile merge with mkMerge 2026-03-17 21:26:51 +01:00
ashisgreat22
2dd8ef2797 Add --allow-unconfigured flag to openclaw 2026-03-17 21:19:08 +01:00
ashisgreat22
50b99b008c Run openclaw gateway in foreground mode 2026-03-17 21:17:12 +01:00
ashisgreat22
ff397d7d8c Add bash to PATH for shell scripts 2026-03-17 21:15:11 +01:00
ashisgreat22
36880c0135 Fix PATH environment variable for git access 2026-03-17 21:13:47 +01:00
ashisgreat22
cd801d325b Add git to OpenClaw service PATH for npm deps 2026-03-17 21:12:18 +01:00
ashisgreat22
cf27c28389 Add home dir to ReadWritePaths for npm cache 2026-03-17 21:08:25 +01:00
ashisgreat22
b9976c04ef Fix cp command shell syntax in OpenClaw 2026-03-17 21:07:26 +01:00
ashisgreat22
416432be17 Fix OpenClaw systemd service configuration 2026-03-17 21:06:14 +01:00
ashisgreat22
da5a408853 Set maxTokens to 128k for all z.ai models 2026-03-17 21:04:00 +01:00
ashisgreat22
a26e75b7a7 Update z.ai API URL and models 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 21:03:26 +01:00
ashisgreat22
1d11816a55 Remove OpenAI, use z.ai for OpenClaw 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 20:59:05 +01:00
ashisgreat22
1748360922 Add z.ai API key to OpenClaw secrets 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 20:55:40 +01:00
ashisgreat22
3a885463f0 Add OpenClaw AI Agent module 
- Systemd service running OpenClaw gateway
- Configurable via sops secrets
- Runs on localhost:18789

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 20:55:15 +01:00
ashisgreat22
f013863986 Simplify SearXNG module to use root-based podman 
Remove complex rootless container setup that was causing
dependency issues with user-runtime-dir services.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 20:17:20 +01:00
ashisgreat22
e44340d3eb Update nixpkgs to unstable for Go 1.25 support 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 20:10:18 +01:00
ashisgreat22
1e26b2a3b5 Fix sops-nix version compatibility 
Remove nixpkgs follows to allow sops-nix to use its own nixpkgs
with Go 1.25 support.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 20:07:34 +01:00
ashisgreat22
d71426adae . 2026-03-17 18:59:15 +00:00
ashisgreat22
24d01ac630 Add modular service configuration with SearXNG and Nginx 
- Create modules/ directory with reusable NixOS modules
- Add system module for main user configuration
- Add podman module for rootless container support
- Add nginx module with automatic Let's Encrypt SSL
- Add searxng module with Anubis AI firewall protection
- Configure SearXNG at search.ashisgreat.xyz
- Enable nginx reverse proxy with HTTPS

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 19:47:43 +01:00
ashisgreat22
5dcb85e56d Add sops-nix for secrets management 
- Add flake.nix with sops-nix input
- Configure sops with age key encryption
- Add .sops.yaml template for age key configuration
- Create secrets/ directory for encrypted secrets
- Add .gitignore for age keys and nix result symlinks

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 19:34:10 +01:00
ashisgreat22
58905b7666 Add security hardening and basic VPS setup 
- Enable firewall with only SSH port 22 open, disable ping
- Harden SSH: disable root login and password auth
- Create non-root user 'ashie' with sudo access
- Add htop and tmux to system packages
- Enable automatic NixOS updates (no auto-reboot)
- Fix hostname syntax error (missing closing quote)
- Remove duplicate nixos/ subdirectory

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 19:28:26 +01:00
ashisgreat22
e2277631af Merge branch 'main' of github.com:ashisgreat22/nixos-vps 2026-03-17 18:22:52 +00:00
System administrator
2e768daefa Initial commit 2026-03-17 18:20:35 +00:00
ashisgreat1122
d62a6fd0dc
Initial commit 2026-03-17 19:18:13 +01:00