2h 22m 2s logged

pew pew. I added tailscale, happily learned that home manager and agenix exist and we got caddy with cloudflare dns working!!

why tailscale?… well, with it i don’t need to expose my machine to the outside world, i can just connect to it via tailscale and do the same stuff i would if i was connecting to it via its public ip. Now i can just firewall it and only let in cloudflare ips :D.

home manager to just give me the birb kisses (mwa :3), giving me the same stuff I already have on mah terminal in my arch laptop but on my vps AND it do be using some pretty syntax making me not juggle around config files for each hecking thing I want to add. and also it lets me install stuff for “my user” instead of the whole system, pretty neat.

AGENIX, ah, storing secrets hasn't been easier. I just have to do “agenix -e name.age”, set the secrets in there and boom, i can use it in my config file without worrying about it being exposed because i somehow committed the .env file. It just decrypts it on the vps, i just followed the tutorial on the agenix repo and it really was straightforward. sadly i have to manually set the “where is this secret stored” to be able to really use it (i just use another .nix file to not make my main config file too cluttered with stuffies).

and finally, caddy with cloudflare dns. at first i was thinking about using cloudflared (cloudflare tunnels) but i indeed ended up not using it because I AM ALREADY PAYING FOR AN ipv4 ADDRESS FOR GOD'S sake, soooo I just set up caddy with cloudflare dns, had some problemos because it didn’t like having “https://” on the url and that i needed a dummy hash so when building the flake (is that how it's called?) it would give me the real hash. The idea is that i make something that lets me make new services, like a pretty template, setting up the caddy config, a systemd service and a user with a group for it.

oh and also, i enabled postgresql. there’s not much about it, i just set it as an enabled service lol.
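
An added example, not the author's actual config: a NixOS module that wires an agenix secret into Caddy built with the Cloudflare DNS plugin, using the dummy-hash step described in this post. The secret path, hostname, backend port and the plugin version placeholder are assumptions.

```nix
# Added example, not the post author's config.
# Assumes the agenix NixOS module is already imported (it provides age.secrets).
{ config, pkgs, lib, ... }:
{
  # The encrypted .age file is safe to commit; agenix decrypts it on the VPS
  # at activation time (by default under /run/agenix/<name>).
  age.secrets.caddy-cloudflare = {
    # Assumed path. Created with `agenix -e caddy-cloudflare.age`; the
    # plaintext is a single line: CLOUDFLARE_API_TOKEN=<token>
    file = ./secrets/caddy-cloudflare.age;
    mode = "0400"; # root-only; systemd reads it before starting Caddy
  };

  services.caddy = {
    enable = true;

    # Caddy has to be rebuilt with the DNS provider plugin compiled in.
    package = pkgs.caddy.withPlugins {
      # Go module path, no "https://" prefix. <version> is a placeholder:
      # pin it to a real tag of the plugin.
      plugins = [ "github.com/caddy-dns/cloudflare@<version>" ];
      # Dummy hash: the first build fails with a hash mismatch and prints
      # the real one, which then replaces lib.fakeHash.
      hash = lib.fakeHash;
    };

    # Exposes CLOUDFLARE_API_TOKEN to the caddy service as an environment
    # variable, so the token never lands in the world-readable Nix store.
    environmentFile = config.age.secrets.caddy-cloudflare.path;

    # Assumed hostname and backend port.
    virtualHosts."app.example.com".extraConfig = ''
      tls {
        dns cloudflare {env.CLOUDFLARE_API_TOKEN}
      }
      reverse_proxy 127.0.0.1:8080
    '';
  };

  # Admin access goes over the tailnet instead of the public IP.
  services.tailscale.enable = true;
  networking.firewall = {
    enable = true;
    trustedInterfaces = [ "tailscale0" ];
  };
}
```

Restricting ports 80/443 to Cloudflare's source ranges is not shown here; the stock NixOS firewall options open a port to all sources, so that rule needs custom firewall rules on top of this.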
