Compare commits

..

35 commits

Author SHA1 Message Date
350ed60806
dendrite: Configure x-forwarded-for header 2024-04-24 20:32:12 +02:00
05eabe012b
matrix-sliding-sync: Communicate over loopback 2024-04-24 20:05:01 +02:00
9eac47f684
dendrite: Clean up config 2024-04-24 17:53:35 +02:00
de16b8c700
heimdall: forward all requests to dendrite 2024-04-24 17:53:16 +02:00
625b975884
dendrite: Maybe use server_name without subdomain 2024-04-24 16:47:21 +02:00
5a4daa1aa5
dendrite: Enable debug logging 2024-04-24 16:34:58 +02:00
8ac6f9a4c1
neo: Bind matrix-sliding-sync to 0.0.0.0 2024-04-24 15:37:02 +02:00
2142c7f275
heimdall: Add sliding sync server to matrix client well-known 2024-04-24 15:36:38 +02:00
f9c318a042
dendrite: Reduce max open connections 2024-04-24 15:12:58 +02:00
7ed141d52e
postgresql: Create roles 2024-04-24 15:11:52 +02:00
6f424db18b
dendrite: Don't escape $CREDENTIALS_DIRECTORY? 2024-04-24 15:09:04 +02:00
a33318c725
dendrite: Use alternate syntax for connection string 2024-04-24 15:07:40 +02:00
065838d865
dendrite: Set media_api base_path 2024-04-24 15:06:42 +02:00
e532ad8538
dendrite: Use LoadCredential to load private key 2024-04-24 15:06:40 +02:00
c80dd6998b
Remove unused input 2024-04-24 14:46:49 +02:00
9b914f2f3d
keycloak: Update admin UI 2024-04-24 14:46:48 +02:00
848b227880
machines: Remove obsolete attrs 2024-04-24 14:46:47 +02:00
51e4a3adc5
Add neo, a Matrix server 2024-04-24 14:46:45 +02:00
7fa8cb1b01
heimdall: Split caddy config into separate file and add dendrite config 2024-04-24 13:58:04 +02:00
1737374346
valkyrie: Let coredns handle all domains 2024-04-23 19:47:48 +02:00
23e1a21429
valkyrie: Route Tailscale hosts through coredns 2024-04-23 19:31:04 +02:00
4a624b20cb
valkyrie: Set HOME variable in coredns service env 2024-04-23 17:04:08 +02:00
b708e4f334
devShell: Add lswt 2024-04-23 16:32:38 +02:00
7ec5a372ae
gh: Set protocol to https 2024-04-23 16:32:30 +02:00
51642fa9f3
river: Add mapping for zoom 2024-04-23 16:32:20 +02:00
f5009b1ca1
valkyrie: Set coredns vendorHash 2024-04-23 16:32:01 +02:00
a8b3e5e860
sunshine: It's in nixos now 2024-04-23 16:31:37 +02:00
756e3c44b7
dir-locals: Revert back to nixfmt 2024-04-23 16:30:56 +02:00
8154ca934a
flake.lock: Update
Flake lock file updates:

• Updated input 'atuin':
    'github:atuinsh/atuin/98350f52df1d783886313682a5eada8a729cbaed?narHash=sha256-DA7jYt28ProoSTiSMXgNYCR/Lz1I%2BEtWVEslfpHVqKs%3D' (2024-04-19)
  → 'github:atuinsh/atuin/8b8844887b94a4b750fbfe128317ef4c2a042485?narHash=sha256-4v87Af84q0anMW5OieA/Sbzqo4nR%2Bj5BNPGbGKo0P40%3D' (2024-04-22)
• Updated input 'disko':
    'github:nix-community/disko/1efd500e9805a9efbce401ed5999006d397b9f11?narHash=sha256-kwZvhmx%2BhSZvjzemKxsAqzEqWmXZS47VVwQhNrINORQ%3D' (2024-04-18)
  → 'github:nix-community/disko/b8785a1c37f6176b6bc3d2939df329ab3a8f226c?narHash=sha256-9hFaSpgx%2BrZgGVLsjWdT%2BQUGyZplUyGdK45IoWEx1GM%3D' (2024-04-22)
• Updated input 'emacs-overlay':
    'github:nix-community/emacs-overlay/c5caaf3b6d4f711e5a408ada4dc4c36537a18372?narHash=sha256-5I/Nn0ibs16JVU5xLEjPx3AXBQxs86wxrJOWH8iVHTg%3D' (2024-04-19)
  → 'github:nix-community/emacs-overlay/9b960970b5d0e7594aae8732d92561b988e3e1f0?narHash=sha256-YXuUD/1k061TAMV%2BDrfwvofoLriGBxOY1I2Va6XrXQw%3D' (2024-04-23)
• Updated input 'emacs-overlay/nixpkgs-stable':
    'github:NixOS/nixpkgs/e402c3eb6d88384ca6c52ef1c53e61bdc9b84ddd?narHash=sha256-jpHkAt0sG2/J7ueKnG7VvLLkBYUMQbXQ2L8OBpVG53s%3D' (2024-04-17)
  → 'github:NixOS/nixpkgs/a5e4bbcb4780c63c79c87d29ea409abf097de3f7?narHash=sha256-9ZR/Rbx5/Z/JZf5ehVNMoz/s5xjpP0a22tL6qNvLt5E%3D' (2024-04-21)
• Updated input 'eww':
    'github:elkowar/eww/1e37f53e99016aa2cd725d7050788bb5d4fcc76a?narHash=sha256-dm4bufwlVDUE4ndsR6cAPur75hvlVRzIxbMKJCizutg%3D' (2024-04-14)
  → 'github:elkowar/eww/acf57a8396d19cd160786223b04b950509e46a4b?narHash=sha256-LHwfc%2BMexlqewfjm2onPz74ZMRf/n%2Be7aAuYz08qPUE%3D' (2024-04-21)
• Updated input 'home-manager':
    'github:nix-community/home-manager/938357cb234e85da37109df2cdd9cc59ab9c1cc0?narHash=sha256-zju60y4pyYQoRmqhbgkw%2BjwmKZReVsCNvb8mZxID2Do%3D' (2024-04-19)
  → 'github:nix-community/home-manager/67de98ae6eed5ad6f91b1142356d71a87ba97f21?narHash=sha256-aw3xbVPJauLk/bbrlakIYxKpeuMWzA2feGrkIpIuXd8%3D' (2024-04-22)
• Updated input 'nix-ld-rs':
    'github:nix-community/nix-ld-rs/6b76b4aa158819d6bce637485c4cdd710517c6ce?narHash=sha256-345jReT2AFR6VK0KYAEmIjsMvlCCFsoT0Xaku6Nw1fQ%3D' (2024-04-13)
  → 'github:nix-community/nix-ld-rs/c4f56b515ed0bf8c2cd4d6a13224067017a6dc39?narHash=sha256-8LBvfDbnuPMrF43bmejUZwD9TuP081iuG1nLl8m0jM4%3D' (2024-04-20)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/66adc1e47f8784803f2deb6cacd5e07264ec2d5c?narHash=sha256-hOkzkhLT59wR8VaMbh1ESjtZLbGi%2BXNaBN6h49SPqEc%3D' (2024-04-16)
  → 'github:nixos/nixpkgs/6143fc5eeb9c4f00163267708e26191d1e918932?narHash=sha256-%2Bz/XjO3QJs5rLE5UOf015gdVauVRQd2vZtsFkaXBq2Y%3D' (2024-04-21)
• Updated input 'pre-commit-hooks':
    'github:cachix/git-hooks.nix/40e6053ecb65fcbf12863338a6dcefb3f55f1bf8?narHash=sha256-nMirxrGteNAl9sWiOhoN5tIHyjBbVi5e2tgZUgZlK3Y%3D' (2024-04-12)
  → 'github:cachix/git-hooks.nix/2ac4dcbf55ed43f3be0bae15e181f08a57af24a4?narHash=sha256-Wu9cdYTnGQQwtT20QQMg7jzkANKQjwBD9iccfGKkfls%3D' (2024-04-22)
• Updated input 'rust-overlay':
    'github:oxalica/rust-overlay/1e9264d1214d3db00c795b41f75d55b5e153758e?narHash=sha256-Zv%2BZQq3X%2BEH6oogkXaJ8dGN8t1v26kPZgC5bki04GnM%3D' (2024-04-19)
  → 'github:oxalica/rust-overlay/28a9436d356181603fb0d333565431c3d952f299?narHash=sha256-lCdDz6/YgyXdFRHall3P%2BdCETRpfz3Pi9eREnA9RX6k%3D' (2024-04-23)
• Updated input 'sops':
    'github:Mic92/sops-nix/a929a011a09db735abc45a8a45d1ff7fdee62755?narHash=sha256-vfKxhYVMzG2tg48/1rewBoSLCrKIjQsG1j7Nm/Y2gf4%3D' (2024-04-19)
  → 'github:Mic92/sops-nix/4371a1301c4d36cc791069d90ae522613a3a335e?narHash=sha256-xyP8h9jLQ0AmyPy40sIwL7/D03oVpXG9YHoYJ4ecYWA%3D' (2024-04-22)
• Updated input 'sops/nixpkgs-stable':
    'github:NixOS/nixpkgs/8494ae076b7878d61a7d2d25e89a847fe8f8364c?narHash=sha256-%2B/p5edwlkqKZc6GDAQl%2B92Hoe1f3NNbUF9uj%2BX9H3pU%3D' (2024-04-18)
  → 'github:NixOS/nixpkgs/74574c38577914733b4f7a775dd77d24245081dd?narHash=sha256-q7APLfB6FmmSMI1Su5ihW9IwntBsk2hWNXh8XtSdSIk%3D' (2024-04-20)
2024-04-23 10:55:50 +02:00
5abc425287
river: Remove pre-assigned tags, fix rofi-power command, fix calculator appid 2024-04-23 10:49:08 +02:00
d04c572632
Update nil formatting command 2024-04-22 17:49:42 +02:00
0e6da5207d
emacs: Disable title bar 2024-04-22 17:49:40 +02:00
eb403e3ee3
valkyrie: Add coredns to handle tailscale hosts 2024-04-22 17:49:39 +02:00
8e8678120b
Add initial config for river 2024-04-22 17:42:31 +02:00
9f76b04fd7
flake.lock: Update
Flake lock file updates:

• Updated input 'atuin':
    'github:atuinsh/atuin/00dfc034ed8c816de97824b510f3849420893555?narHash=sha256-gEIloC2%2BQgrCoAm5wOY%2B4Hel3/6rHREbWSvhBPtwpto%3D' (2024-04-18)
  → 'github:atuinsh/atuin/98350f52df1d783886313682a5eada8a729cbaed?narHash=sha256-DA7jYt28ProoSTiSMXgNYCR/Lz1I%2BEtWVEslfpHVqKs%3D' (2024-04-19)
• Updated input 'emacs-overlay':
    'github:nix-community/emacs-overlay/65297336c6db39d94adb8156d811d800b253fded?narHash=sha256-6fXEcCAzhWrouGPJeAmV7oN/Ur0XJtUgQKfA%2BTofoXU%3D' (2024-04-19)
  → 'github:nix-community/emacs-overlay/c5caaf3b6d4f711e5a408ada4dc4c36537a18372?narHash=sha256-5I/Nn0ibs16JVU5xLEjPx3AXBQxs86wxrJOWH8iVHTg%3D' (2024-04-19)
• Updated input 'home-manager':
    'github:nix-community/home-manager/ff1c3646541316258b1ca64e9b25d4c9cca8e587?narHash=sha256-e8%2BZgayVccw6h8ay15jM9hXh%2BsjZDc1XdBGLn3pdYdc%3D' (2024-04-18)
  → 'github:nix-community/home-manager/938357cb234e85da37109df2cdd9cc59ab9c1cc0?narHash=sha256-zju60y4pyYQoRmqhbgkw%2BjwmKZReVsCNvb8mZxID2Do%3D' (2024-04-19)
• Updated input 'naersk':
    'github:nix-community/naersk/aeb58d5e8faead8980a807c840232697982d47b9?narHash=sha256-/TdeHMPRjjdJub7p7%2Bw55vyABrsJlt5QkznPYy55vKA%3D' (2023-10-27)
  → 'github:nix-community/naersk/c5037590290c6c7dae2e42e7da1e247e54ed2d49?narHash=sha256-CO8MmVDmqZX2FovL75pu5BvwhW%2BVugc7Q6ze7Hj8heI%3D' (2024-04-19)
• Updated input 'nixos-hardware':
    'github:NixOS/nixos-hardware/6f976e53752e5b9ab08f9a3b1b0b9c67815c9754?narHash=sha256-3GGeFsEO8ivD%2BTcDEqe4s/d0VLvMYGNDGtx0ZnBxkUs%3D' (2024-04-18)
  → 'github:NixOS/nixos-hardware/5d48925b815fd202781bfae8fb6f45c07112fdb2?narHash=sha256-EwR8wW9AqJhSIY%2B0oxWRybUZ32BVKuZ9bjlRh8SJvQ8%3D' (2024-04-19)
• Updated input 'sops':
    'github:Mic92/sops-nix/b94c6edbb8355756c53efc8ca3874c63622f287a?narHash=sha256-31MpStyXedDL1fvuOvn6iz3JURSVShDtDVMyP1PTjtc%3D' (2024-04-18)
  → 'github:Mic92/sops-nix/a929a011a09db735abc45a8a45d1ff7fdee62755?narHash=sha256-vfKxhYVMzG2tg48/1rewBoSLCrKIjQsG1j7Nm/Y2gf4%3D' (2024-04-19)
2024-04-19 20:22:36 +02:00
28 changed files with 1099 additions and 350 deletions

View file

@ -9,9 +9,11 @@ keys:
- &heimdall age1z94c897pvq4tx0xwsj6wr8emnlpmk6u0xks75rydga6r33dlapjqyqqacc
- &mimir age192a3nepaclecjjkxssszueak6rxar49prceplvvxc5m4f3ww7g5qpfgdqj
- &minio age1cjxe2e7zemvs0jacjawug6k2qnmcpvnka3e04mfzp939h7hppydqrlp6l5
- &neo age1s95yw988he30l6wegfwquh4nh03jst2tvyu4ykng4g88h7s3a3rs5zh5fp
- &nix-cache age1ffpkfl4ged52ym7ynyhjc40t9v2g6pgjp4ue670lxcr6mxy7mdtqt5qjlq
- &proxy age1yz7k9s5plamjq425memjh00y4sdldgdhpwxqpx9gk9wutttx9scsdg3qd5
- &saga age10advysga7fpkh7uuv9a7phs77c5khswf5c9q9txvrauxtqr4yu0sk2r75v
- &valkyrie age139zg5z02dx3j70tl6sn2l9kq0nfz2ddkffx0grlh7gg28dafhq6qd2sj6f
creation_rules:
- path_regex: machines/loki/[^/]+\.yaml$
key_groups:
@ -61,6 +63,12 @@ creation_rules:
- *erwin
- *erwin_horus
- *minio
- path_regex: machines/neo/[^/]+\.yaml$
key_groups:
- age:
- *erwin
- *erwin_horus
- *neo
- path_regex: machines/nix-cache/[^/]+\.yaml$
key_groups:
- age:
@ -79,3 +87,9 @@ creation_rules:
- *erwin
- *erwin_horus
- *saga
- path_regex: machines/valkyrie/[^/]+\.ya?ml$
key_groups:
- age:
- *erwin
- *erwin_horus
- *valkyrie

109
flake.lock generated
View file

@ -54,11 +54,11 @@
]
},
"locked": {
"lastModified": 1713454967,
"narHash": "sha256-gEIloC2+QgrCoAm5wOY+4Hel3/6rHREbWSvhBPtwpto=",
"lastModified": 1713813731,
"narHash": "sha256-4v87Af84q0anMW5OieA/Sbzqo4nR+j5BNPGbGKo0P40=",
"owner": "atuinsh",
"repo": "atuin",
"rev": "00dfc034ed8c816de97824b510f3849420893555",
"rev": "8b8844887b94a4b750fbfe128317ef4c2a042485",
"type": "github"
},
"original": {
@ -195,11 +195,11 @@
]
},
"locked": {
"lastModified": 1713406758,
"narHash": "sha256-kwZvhmx+hSZvjzemKxsAqzEqWmXZS47VVwQhNrINORQ=",
"lastModified": 1713749408,
"narHash": "sha256-9hFaSpgx+rZgGVLsjWdT+QUGyZplUyGdK45IoWEx1GM=",
"owner": "nix-community",
"repo": "disko",
"rev": "1efd500e9805a9efbce401ed5999006d397b9f11",
"rev": "b8785a1c37f6176b6bc3d2939df329ab3a8f226c",
"type": "github"
},
"original": {
@ -219,11 +219,11 @@
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1713491175,
"narHash": "sha256-6fXEcCAzhWrouGPJeAmV7oN/Ur0XJtUgQKfA+TofoXU=",
"lastModified": 1713862442,
"narHash": "sha256-YXuUD/1k061TAMV+DrfwvofoLriGBxOY1I2Va6XrXQw=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "65297336c6db39d94adb8156d811d800b253fded",
"rev": "9b960970b5d0e7594aae8732d92561b988e3e1f0",
"type": "github"
},
"original": {
@ -243,11 +243,11 @@
]
},
"locked": {
"lastModified": 1713106678,
"narHash": "sha256-dm4bufwlVDUE4ndsR6cAPur75hvlVRzIxbMKJCizutg=",
"lastModified": 1713730154,
"narHash": "sha256-LHwfc+Mexlqewfjm2onPz74ZMRf/n+e7aAuYz08qPUE=",
"owner": "elkowar",
"repo": "eww",
"rev": "1e37f53e99016aa2cd725d7050788bb5d4fcc76a",
"rev": "acf57a8396d19cd160786223b04b950509e46a4b",
"type": "github"
},
"original": {
@ -563,11 +563,11 @@
]
},
"locked": {
"lastModified": 1713479280,
"narHash": "sha256-e8+ZgayVccw6h8ay15jM9hXh+sjZDc1XdBGLn3pdYdc=",
"lastModified": 1713818326,
"narHash": "sha256-aw3xbVPJauLk/bbrlakIYxKpeuMWzA2feGrkIpIuXd8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "ff1c3646541316258b1ca64e9b25d4c9cca8e587",
"rev": "67de98ae6eed5ad6f91b1142356d71a87ba97f21",
"type": "github"
},
"original": {
@ -607,11 +607,11 @@
]
},
"locked": {
"lastModified": 1698420672,
"narHash": "sha256-/TdeHMPRjjdJub7p7+w55vyABrsJlt5QkznPYy55vKA=",
"lastModified": 1713520724,
"narHash": "sha256-CO8MmVDmqZX2FovL75pu5BvwhW+Vugc7Q6ze7Hj8heI=",
"owner": "nix-community",
"repo": "naersk",
"rev": "aeb58d5e8faead8980a807c840232697982d47b9",
"rev": "c5037590290c6c7dae2e42e7da1e247e54ed2d49",
"type": "github"
},
"original": {
@ -655,11 +655,11 @@
]
},
"locked": {
"lastModified": 1713026309,
"narHash": "sha256-345jReT2AFR6VK0KYAEmIjsMvlCCFsoT0Xaku6Nw1fQ=",
"lastModified": 1713589173,
"narHash": "sha256-8LBvfDbnuPMrF43bmejUZwD9TuP081iuG1nLl8m0jM4=",
"owner": "nix-community",
"repo": "nix-ld-rs",
"rev": "6b76b4aa158819d6bce637485c4cdd710517c6ce",
"rev": "c4f56b515ed0bf8c2cd4d6a13224067017a6dc39",
"type": "github"
},
"original": {
@ -670,11 +670,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1713441075,
"narHash": "sha256-3GGeFsEO8ivD+TcDEqe4s/d0VLvMYGNDGtx0ZnBxkUs=",
"lastModified": 1713521961,
"narHash": "sha256-EwR8wW9AqJhSIY+0oxWRybUZ32BVKuZ9bjlRh8SJvQ8=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "6f976e53752e5b9ab08f9a3b1b0b9c67815c9754",
"rev": "5d48925b815fd202781bfae8fb6f45c07112fdb2",
"type": "github"
},
"original": {
@ -735,11 +735,11 @@
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1713344939,
"narHash": "sha256-jpHkAt0sG2/J7ueKnG7VvLLkBYUMQbXQ2L8OBpVG53s=",
"lastModified": 1713725259,
"narHash": "sha256-9ZR/Rbx5/Z/JZf5ehVNMoz/s5xjpP0a22tL6qNvLt5E=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e402c3eb6d88384ca6c52ef1c53e61bdc9b84ddd",
"rev": "a5e4bbcb4780c63c79c87d29ea409abf097de3f7",
"type": "github"
},
"original": {
@ -767,11 +767,11 @@
},
"nixpkgs-stable_4": {
"locked": {
"lastModified": 1713434076,
"narHash": "sha256-+/p5edwlkqKZc6GDAQl+92Hoe1f3NNbUF9uj+X9H3pU=",
"lastModified": 1713638189,
"narHash": "sha256-q7APLfB6FmmSMI1Su5ihW9IwntBsk2hWNXh8XtSdSIk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8494ae076b7878d61a7d2d25e89a847fe8f8364c",
"rev": "74574c38577914733b4f7a775dd77d24245081dd",
"type": "github"
},
"original": {
@ -783,11 +783,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1713297878,
"narHash": "sha256-hOkzkhLT59wR8VaMbh1ESjtZLbGi+XNaBN6h49SPqEc=",
"lastModified": 1713714899,
"narHash": "sha256-+z/XjO3QJs5rLE5UOf015gdVauVRQd2vZtsFkaXBq2Y=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "66adc1e47f8784803f2deb6cacd5e07264ec2d5c",
"rev": "6143fc5eeb9c4f00163267708e26191d1e918932",
"type": "github"
},
"original": {
@ -838,11 +838,11 @@
"nixpkgs-stable": "nixpkgs-stable_3"
},
"locked": {
"lastModified": 1712897695,
"narHash": "sha256-nMirxrGteNAl9sWiOhoN5tIHyjBbVi5e2tgZUgZlK3Y=",
"lastModified": 1713775815,
"narHash": "sha256-Wu9cdYTnGQQwtT20QQMg7jzkANKQjwBD9iccfGKkfls=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "40e6053ecb65fcbf12863338a6dcefb3f55f1bf8",
"rev": "2ac4dcbf55ed43f3be0bae15e181f08a57af24a4",
"type": "github"
},
"original": {
@ -876,7 +876,6 @@
"pre-commit-hooks": "pre-commit-hooks",
"rust-overlay": "rust-overlay_2",
"sops": "sops",
"sunshine": "sunshine",
"treefmt-nix": "treefmt-nix"
}
},
@ -915,11 +914,11 @@
]
},
"locked": {
"lastModified": 1713492869,
"narHash": "sha256-Zv+ZQq3X+EH6oogkXaJ8dGN8t1v26kPZgC5bki04GnM=",
"lastModified": 1713838472,
"narHash": "sha256-lCdDz6/YgyXdFRHall3P+dCETRpfz3Pi9eREnA9RX6k=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "1e9264d1214d3db00c795b41f75d55b5e153758e",
"rev": "28a9436d356181603fb0d333565431c3d952f299",
"type": "github"
},
"original": {
@ -936,11 +935,11 @@
"nixpkgs-stable": "nixpkgs-stable_4"
},
"locked": {
"lastModified": 1713457024,
"narHash": "sha256-31MpStyXedDL1fvuOvn6iz3JURSVShDtDVMyP1PTjtc=",
"lastModified": 1713775152,
"narHash": "sha256-xyP8h9jLQ0AmyPy40sIwL7/D03oVpXG9YHoYJ4ecYWA=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "b94c6edbb8355756c53efc8ca3874c63622f287a",
"rev": "4371a1301c4d36cc791069d90ae522613a3a335e",
"type": "github"
},
"original": {
@ -981,30 +980,6 @@
"type": "github"
}
},
"sunshine": {
"inputs": {
"flake-parts": [
"flake-parts"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1705261503,
"narHash": "sha256-88kkBSwPjdGLY5U4q5rD0IjxRQ8Si1QaqeI00Z2Fib4=",
"ref": "main",
"rev": "223fb72217b97ed13248713b5825b234023eed83",
"revCount": 13,
"type": "git",
"url": "https://git.datarift.nl/erwin/sunshine.git"
},
"original": {
"ref": "main",
"type": "git",
"url": "https://git.datarift.nl/erwin/sunshine.git"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,

View file

@ -142,14 +142,6 @@
};
};
sunshine = {
url = "git+https://git.datarift.nl/erwin/sunshine.git?ref=main";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-parts.follows = "flake-parts";
};
};
git-fs-monitor = {
url = "git+https://git.datarift.nl/erwin/git-fs-monitor.git?ref=main";
inputs = {
@ -303,6 +295,7 @@
config.packages.git-repo-go
inputs'.colmena.packages.colmena
just
lswt
multimarkdown
nix-diff
nix-init

View file

@ -262,9 +262,11 @@ Enable line wrapping
(global-visual-line-mode 1)
#+end_src
Disable toolbar and scroll bar
Disable title bar, toolbar and scroll bar
#+begin_src emacs-lisp
; This needs to go before scroll-bar-mode
(setq-default default-frame-alist '((undecorated . t)))
(tool-bar-mode -1)
(menu-bar-mode -1)
(scroll-bar-mode -1)

View file

@ -178,7 +178,7 @@ in
programs.gh = {
enable = true;
settings = {
git_protocol = "ssh";
git_protocol = "https";
editor = "nvim";
prompt = "enabled";
pager = "bat";

View file

@ -0,0 +1,217 @@
{
pkgs,
config,
lib,
...
}:
with lib;
let
cfg = config.eboskma.programs.river;
mod = "Mod4";
lockcmd = "${pkgs.swaylock}/bin/swaylock --ignore-empty-password --daemonize --show-failed-attempts --indicator-caps-lock --image ${cfg.wallpaper} --scaling fill";
rofiPower = pkgs.writeShellScriptBin "rofi-power" (
builtins.replaceStrings [ "{WALLPAPER}" ] [ (builtins.toString cfg.wallpaper) ] (
builtins.readFile ./powermenu.sh
)
);
menu = "${config.programs.anyrun.package}/bin/anyrun";
directions = {
left = "n";
down = "e";
up = "i";
right = "o";
};
catppuccin = {
rosewater = "0xf5e0dc";
flamingo = "0xf2cdcd";
pink = "0xf5c2e7";
mauve = "0xcba6f7";
red = "0xf38ba8";
maroon = "0xeba0ac";
peach = "0xfab387";
yellow = "0xf9e2af";
green = "0xa6e3a1";
teal = "0x94e2d5";
sky = "0x89dceb";
sapphire = "0x74c7ec";
blue = "0x89b4fa";
lavender = "0xb4befe";
text = "0xcdd6f4";
subtext1 = "0xbac2de";
subtext0 = "0xa6adc8";
overlay2 = "0x9399b2";
overlay1 = "0x7f849c";
overlay0 = "0x6c7086";
surface2 = "0x585b70";
surface1 = "0x45475a";
surface0 = "0x313244";
base = "0x1e1e2e";
mantle = "0x181825";
crust = "0x11111b";
};
bit = b: (foldl (x: _: x * 2) 1 (builtins.genList (n: n + 1) b));
tags = map (num: {
value = bit num;
index = toString (num + 1);
}) (builtins.genList (n: n) 9);
in
{
options.eboskma.programs.river = {
enable = mkEnableOption "river";
package = mkPackageOption pkgs "river" { };
wallpaper = mkOption {
description = "Desired wallpaper";
type = types.path;
};
};
config = mkIf cfg.enable {
wayland.windowManager.river = {
enable = true;
settings = {
declare-mode = [
"normal"
"locked"
"passthrough"
];
input = {
pointer-1390-268-ELECOM_TrackBall_Mouse_HUGE_TrackBall = {
accel-profile = "adaptive";
natural-scroll = "enabled";
};
};
hide-cursor = "when-typing enabled";
set-cursor-warp = "on-output-change";
keyboard-layout-file = toString ./keyboard-layout;
map = {
normal =
{
"${mod} Return" = "spawn ${pkgs.foot}/bin/foot";
"${mod}+Shift q" = "close";
"${mod} s" = "spawn ${menu}";
"${mod} ${directions.left}" = "focus-view left";
"${mod} ${directions.right}" = "focus-view right";
"${mod} ${directions.up}" = "focus-view up";
"${mod} ${directions.down}" = "focus-view down";
"${mod}+Shift ${directions.left}" = "move left";
"${mod}+Shift ${directions.right}" = "move right";
"${mod}+Shift ${directions.up}" = "move up";
"${mod}+Shift ${directions.down}" = "move down";
"${mod}+Control ${directions.left}" = "snap left";
"${mod}+Control ${directions.right}" = "snap right";
"${mod}+Control ${directions.up}" = "snap up";
"${mod}+Control ${directions.down}" = "snap down";
"${mod} a" = "zoom";
"${mod}+Shift Space" = "toggle-float";
"${mod} t" = "toggle-fullscreen";
# Scratchpad
"${mod}+Shift minus" = "toggle-view-tags ${toString (bit 20)}";
"${mod} minus" = "toggle-focused-tags ${toString (bit 20)}";
"${mod} Print" = "spawn '${pkgs.grim}/bin/grim'";
"${mod} l" = "spawn '${lockcmd}'";
# Enable passthrough mode
"${mod} Pause" = "enter-mode passthrough";
"None XF86AudioRaiseVolume" = "spawn '${pkgs.pamedia}/bin/pamedia up'";
"None XF86AudioLowerVolume" = "spawn '${pkgs.pamedia}/bin/pamedia down'";
"None XF86AudioMute" = "spawn '${pkgs.pamedia}/bin/pamedia mute'";
"None XF86Calculator" = "spawn ${pkgs.gnome.gnome-calculator}/bin/gnome-calculator";
"${mod} c" = mkIf config.eboskma.programs.emacs.enable "spawn '${config.eboskma.programs.emacs.package}/bin/emacsclient -c'";
"${mod} d" = "spawn '${pkgs.swaynotificationcenter}/bin/swaync-client --toggle-panel --skip-wait'";
"${mod}+Shift d" = "spawn '${pkgs.swaynotificationcenter}/bin/swaync-client --toggle-dnd --skip-wait'";
"${mod}+Shift f" = "spawn ${rofiPower}/bin/rofi-power";
"${mod}+Shift+Alt ${directions.left}" = "send-layout-cmd rivertile 'main-ratio -0.05'";
"${mod}+Shift+Alt ${directions.right}" = "send-layout-cmd rivertile 'main-ratio +0.05'";
"${mod}+Shift+Control ${directions.left}" = "send-layout-cmd rivertile 'main-location left'";
"${mod}+Shift+Control ${directions.right}" = "send-layout-cmd rivertile 'main-location right'";
"${mod}+Shift+Control ${directions.up}" = "send-layout-cmd rivertile 'main-location top'";
"${mod}+Shift+Control ${directions.down}" = "send-layout-cmd rivertile 'main-location bottom'";
}
// builtins.listToAttrs (
map (tag: {
name = "${mod} ${toString tag.index}";
value = "set-focused-tags ${toString tag.value}";
}) tags
)
// builtins.listToAttrs (
map (tag: {
name = "${mod}+Control ${toString tag.index}";
value = "toggle-view-tags ${toString tag.value}";
}) tags
)
// builtins.listToAttrs (
map (tag: {
name = "${mod}+Shift ${toString tag.index}";
value = "set-view-tags ${toString tag.value}";
}) tags
);
passthrough = {
"${mod} Pause" = "enter-mode normal";
};
};
map-pointer = {
normal = {
"${mod} BTN_LEFT" = "move-view";
"${mod} BTN_RIGHT" = "resize-view";
};
};
spawn-tagmask = toString (builtins.bitXor ((bit 32) - 1) (bit 20));
spawn = [
# "'${ewwDaemon} --restart open bar-home'"
"'${pkgs.swaybg}/bin/swaybg --image ${cfg.wallpaper} --mode fill'"
];
rule-add = {
"-app-id" = {
"org.gnome.Calculator" = "float";
};
};
default-layout = "rivertile";
border-width = 1;
border-color-focused = catppuccin.lavender;
border-color-unfocused = catppuccin.overlay0;
border-color-urgent = catppuccin.peach;
# target title bg text indicator border
# client.focused $lavender $base $text $rosewater $lavender
# client.focused_inactive $overlay0 $base $text $rosewater $overlay0
# client.unfocused $overlay0 $base $text $rosewater $overlay0
# client.urgent $peach $base $peach $overlay0 $peach
# client.placeholder $overlay0 $base $text $overlay0 $overlay0
# client.background $base
};
extraConfig = ''
${cfg.package}/bin/rivertile -view-padding 10 -outer-padding 5 &
'';
};
};
}

View file

@ -0,0 +1,9 @@
// mode: c-ts-mode
default partial alphanumeric_keys;
xkb_symbols "basic" {
include "us(altgr-intl)";
include "eurosign(5)";
name[Group1] = "English (US, international with AltGr and Euro sign)";
};

View file

@ -0,0 +1,59 @@
# shellcheck disable=SC2148
confirm() {
rofi -dmenu \
-i \
-no-fixed-num-lines \
-p "Are you sure? [y/n]: " \
-theme power
}
# Options
shutdown="󰐥" # Icon: power
reboot="󰜉" # Icon: restart
lock="󰌾" # Icon: lock
hibernate="󰤄" # Icon: power_sleep
exit_wm="󰗼" # Icon: exit_to_app
#shutdown="S"
#reboot="R"
#lock="L"
#hibernate="S"
#exit_wm="E"
# Variable passed to rofi
options="${shutdown}\n${reboot}\n${lock}\n${hibernate}\n${exit_wm}"
uptime=$(uptime | awk '{print $1}' || true)
lockcmd="swaylock --ignore-empty-password --daemonize --show-failed-attempts --indicator-caps-lock --image {WALLPAPER} --scaling fill"
chosen="$(echo -e "${options}" | rofi -theme power -p "Uptime: ${uptime}" -dmenu -selected-row 2)"
if [[ ${chosen} == "" ]]; then
exit 0
fi
if [[ ${chosen} == "${lock}" ]]; then
${lockcmd}
exit 0
fi
answer=$(confirm)
if [[ ${answer} == "y" ]]; then
case "${chosen}" in
"${shutdown}")
systemctl poweroff
;;
"${reboot}")
systemctl reboot
;;
"${hibernate}")
${lockcmd}
systemctl hibernate
;;
"${exit_wm}")
riverctl exit
;;
*) ;;
esac
fi

View file

@ -347,8 +347,11 @@ in
timeouts =
let
resumeMessages = builtins.concatStringsSep ", " (
builtins.map (name: "output ${name} power on") (builtins.attrNames cfg.output)
poweroffOpts = builtins.concatStringsSep " " (
builtins.map (name: "--output ${name} --off") (builtins.attrNames cfg.output)
);
resumeOpts = builtins.concatStringsSep " " (
builtins.map (name: "--output ${name} --on") (builtins.attrNames cfg.output)
);
in
[
@ -358,8 +361,8 @@ in
}
{
timeout = 1200;
command = "${cfg.package}/bin/swaymsg 'output * power off'";
resumeCommand = "${cfg.package}/bin/swaymsg '${resumeMessages}'";
command = "${pkgs.wlr-randr}/bin/wlr-randr ${poweroffOpts}";
resumeCommand = "${pkgs.wlr-randr}/bin/wlr-randr '${resumeOpts}'";
}
];
};

View file

@ -23,25 +23,26 @@ in
height = 32;
modules-left = [
"sway/workspaces"
"wlr/workspaces"
"river/tags"
"river/mode"
"sway/workspaces"
"sway/mode"
"custom/now_playing"
];
modules-center = [
"sway/window"
"hyprland/window"
"river/window"
];
modules-right = [
"network"
"memory"
"cpu"
"temperature"
"custom/keyboard-layout"
"wireplumber"
"tray"
"clock#date"
"clock#time"
"tray"
"idle_inhibitor"
"custom/notifications"
];
@ -67,15 +68,6 @@ in
};
};
"custom/keyboard-layout" = {
exec = ''${pkgs.sway}/bin/swaymsg -t get_inputs | ${pkgs.jaq}/bin/jaq -r '.[] | select(.identifier == "36125:40349:splitkb_Kyria_rev1") | .xkb_active_layout_name' '';
interval = 30;
format = "󰌌 {}"; # Icon: keyboard
# Signal sent by Sway key binding (~/.config/sway/key-bindings)
signal = 1; # SIGHUP
tooltip = false;
};
"memory" = {
interval = 5;
format = "󰍛 {}%"; # Icon: memory
@ -93,12 +85,6 @@ in
tooltip-format = "{ifname}: {ipaddr}";
};
"sway/mode" = {
format = ''<span style="italic">󰁌 {}</span>''; # Icon: arrow_expand_all
tooltip = false;
};
# TODO: package as nix thingy
"custom/now_playing" = {
exec = "${pkgs.ha-now-playing}/bin/ha-now-playing --host home.datarift.nl --entity media_player.sonos_woonkamer --token-file /run/secrets/ha_now_playing_token";
exec-on-event = false;
@ -111,6 +97,11 @@ in
on-scroll-up = "${pkgs.ha-now-playing}/bin/ha-now-playing --host home.datarift.nl --entity media_player.sonos_woonkamer --token-file /run/secrets/ha_now_playing_token volume-down";
};
"sway/mode" = {
format = ''<span style="italic">󰁌 {}</span>''; # Icon: arrow_expand_all
tooltip = false;
};
"sway/window" = {
format = "{}";
max-length = 120;
@ -128,6 +119,16 @@ in
};
};
"river/mode" = {
format = ''<span style="italic">󰁌 {}</span>''; # Icon: arrow_expand_all
};
"river/tags" = { };
"river/window" = {
max-length = 120;
};
"wlr/workspaces" = {
all-outputs = false;
# disable-scroll = true;
@ -206,198 +207,7 @@ in
}
];
style = ''
@keyframes blink-warning {
70% {
color: white;
}
to {
color: white;
background-color: orange;
}
}
@keyframes blink-critical {
70% {
color: white;
}
to {
color: white;
background-color: red;
}
}
* {
border: none;
border-radius: 0;
min-height: 0;
margin: 0;
padding: 0;
}
#waybar {
background: rgba(0, 0, 0, 0.8);
color: white;
font-family: "Iosevka Nerd Font", sans-serif;
font-size: 13px;
}
#battery,
#clock,
#cpu,
#custom-keyboard-layout,
#memory,
#mode,
#network,
#pulseaudio,
#temperature,
#tray,
#custom-now_playing,
#idle_inhibitor {
padding-left: 10px;
padding-right: 10px;
}
#battery {
animation-timing-function: linear;
animation-iteration-count: infinite;
animation-direction: alternate;
}
#battery.warning {
color: orange;
}
#battery.critical {
color: red;
}
#battery.warning.discharging {
animation-name: blink-warning;
animation-duration: 3s;
}
#battery.critical.discharging {
animation-name: blink-critical;
animation-duration: 2s;
}
#clock {
font-weight: bold;
}
#cpu {
/* No styles */
}
#cpu.warning {
color: orange;
}
#cpu.critical {
color: red;
}
#memory {
animation-timing-function: linear;
animation-iteration-count: infinite;
animation-direction: alternate;
}
#memory.warning {
color: orange;
}
#memory.critical {
color: red;
animation-name: blink-critical;
animation-duration: 2s;
}
#mode {
background: #64727D;
border-top: 2px solid white;
/* To compensate for the top border and still have vertical centering */
padding-bottom: 2px;
}
#network {
/* No styles */
}
#network.disconnected {
color: orange;
}
#pulseaudio {
/* No styles */
}
#pulseaudio.muted {
/* No styles */
}
#custom-spotify {
color: rgb(102, 220, 105);
}
#temperature {
/* No styles */
}
#temperature.critical {
color: red;
}
#tray {
/* No styles */
}
#window {
font-weight: bold;
}
#workspaces button {
border-top: 2px solid transparent;
/* To compensate for the top border and still have vertical centering */
padding-bottom: 2px;
padding-left: 10px;
padding-right: 10px;
color: #888888;
}
#workspaces button.focused, #workspaces button.active {
border-color: #4c7899;
color: white;
background-color: #285577;
}
#workspaces button.urgent {
border-color: #c9545d;
color: #c9545d;
}
#idle_inhibitor {
background-color: transparent;
font-weight: bold;
padding-right: 10px;
}
#idle_inhibitor.activated {
background-color: #c9545d;
color: #ffffff;
}
#custom-now_playing {
font-weight: bold;
}
#custom-notifications {
padding: 0 10px;
}
'';
style = ./style.css;
};
};
}

View file

@ -0,0 +1,247 @@
@define-color rosewater #f5e0dc;
@define-color flamingo #f2cdcd;
@define-color pink #f5c2e7;
@define-color mauve #cba6f7;
@define-color red #f38ba8;
@define-color maroon #eba0ac;
@define-color peach #fab387;
@define-color yellow #f9e2af;
@define-color green #a6e3a1;
@define-color teal #94e2d5;
@define-color sky #89dceb;
@define-color sapphire #74c7ec;
@define-color blue #89b4fa;
@define-color lavender #b4befe;
@define-color text #cdd6f4;
@define-color subtext1 #bac2de;
@define-color subtext0 #a6adc8;
@define-color overlay2 #9399b2;
@define-color overlay1 #7f849c;
@define-color overlay0 #6c7086;
@define-color surface2 #585b70;
@define-color surface1 #45475a;
@define-color surface0 #313244;
@define-color base #1e1e2e;
@define-color mantle #181825;
@define-color crust #11111b;
@keyframes blink-warning {
70% {
color: @text;
}
to {
color: @text;
background-color: orange;
}
}
@keyframes blink-critical {
70% {
color: @text;
}
to {
color: @text;
background-color: red;
}
}
* {
border: none;
border-radius: 0;
color: @text;
min-height: 0;
margin: 0;
padding: 0;
}
#waybar {
background: @base;
color: @text;
font-family: "Iosevka Nerd Font", sans-serif;
font-size: 14px;
}
#battery,
#clock,
#cpu,
#custom-keyboard-layout,
#memory,
#mode,
#network,
#pulseaudio,
#temperature,
#tray,
#custom-now_playing,
#idle_inhibitor {
padding-left: 10px;
padding-right: 10px;
}
#battery {
animation-timing-function: linear;
animation-iteration-count: infinite;
animation-direction: alternate;
}
#battery.warning {
color: @peach;
}
#battery.critical {
color: @red;
}
#battery.warning.discharging {
animation-name: blink-warning;
animation-duration: 3s;
}
#battery.critical.discharging {
animation-name: blink-critical;
animation-duration: 2s;
}
#clock {
font-weight: bold;
}
#cpu {
/* No styles */
}
#cpu.warning {
color: @peach;
}
#cpu.critical {
color: @red;
}
#memory {
animation-timing-function: linear;
animation-iteration-count: infinite;
animation-direction: alternate;
}
#memory.warning {
color: @peach;
}
#memory.critical {
color: @red;
animation-name: blink-critical;
animation-duration: 2s;
}
#mode {
background: @surface0;
border-top: 2px solid @text;
/* To compensate for the top border and still have vertical centering */
padding-bottom: 2px;
}
#mode.normal {
font-size: 0;
min-width: 0;
min-height: 0;
margin: -17px;
padding: 0;
border: 0;
opacity: 0;
box-shadow: none;
background-color: transparent;
}
#network {
/* No styles */
}
#network.disconnected {
color: @peach;
}
#pulseaudio {
/* No styles */
}
#pulseaudio.muted {
/* No styles */
}
#custom-spotify {
color: rgb(102, 220, 105);
}
#temperature {
/* No styles */
}
#temperature.critical {
color: @red;
}
#tray {
/* No styles */
}
#window {
font-weight: bold;
}
#tags button,
#workspaces button {
border-top: 2px solid transparent;
/* To compensate for the top border and still have vertical centering */
padding-bottom: 2px;
padding-left: 10px;
padding-right: 10px;
color: @overlay1;
}
#tags button.focused,
#tags button.active,
#workspaces button.focused,
#workspaces button.active {
border-color: @surface2;
color: @text;
background-color: @surface0;
}
#tags button.urgent,
#workspaces button.urgent {
border-color: @red;
color: @text;
}
#tags button:not(.occupied):not(.focused) {
font-size: 0;
min-width: 0;
min-height: 0;
margin: -17px;
padding: 0;
border: 0;
opacity: 0;
box-shadow: none;
background-color: transparent;
}
#idle_inhibitor {
background-color: transparent;
font-weight: bold;
padding-right: 10px;
}
#idle_inhibitor.activated {
background-color: @red;
color: @text;
}
#custom-now_playing {
font-weight: bold;
}
#custom-notifications {
padding: 0 10px;
}

View file

@ -56,6 +56,5 @@ rec {
inputs.home-manager.nixosModules.home-manager
inputs.sops.nixosModules.sops
inputs.sunshine.nixosModules.sunshine
];
}

View file

@ -16,8 +16,6 @@ inputs: {
# host = "10.0.0.205";
host = "frigate.barn-beaver.ts.net";
targetUser = "erwin";
buildOn = "local";
substituteOnTarget = true;
tags = [ "container" ];
};
};
@ -27,8 +25,6 @@ inputs: {
# host = "10.0.0.203";
host = "gitea.barn-beaver.ts.net";
targetUser = "erwin";
buildOn = "local";
substituteOnTarget = true;
tags = [ "container" ];
};
};
@ -38,8 +34,6 @@ inputs: {
# host = "10.0.0.210";
host = "gitea-runner.barn-beaver.ts.net";
targetUser = "erwin";
buildOn = "local";
substituteOnTarget = true;
tags = [ "container" ];
};
};
@ -49,8 +43,6 @@ inputs: {
# host = "heimdall.datarift.nl";
host = "heimdall.barn-beaver.ts.net";
targetUser = "erwin";
buildOn = "local";
substituteOnTarget = true;
tags = [ "metal" ];
};
};
@ -60,8 +52,6 @@ inputs: {
# host = "10.0.0.167";
host = "10.0.0.208";
targetUser = "erwin";
buildOn = "local";
substituteOnTarget = true;
tags = [ "container" ];
};
};
@ -77,8 +67,15 @@ inputs: {
# host = "10.0.0.204";
host = "minio.barn-beaver.ts.net";
targetUser = "erwin";
buildOn = "local";
substituteOnTarget = true;
tags = [ "container" ];
};
};
neo = {
config = import ./neo/configuration.nix inputs;
deploy = {
# host = "10.0.0.213";
host = "neo.barn-beaver.ts.net";
targetUser = "erwin";
tags = [ "container" ];
};
};
@ -96,8 +93,6 @@ inputs: {
deploy = {
# host = "10.0.0.252";
host = "odin.barn-beaver.ts.net";
buildOn = "local";
substituteOnTarget = true;
tags = [ "metal" ];
};
};
@ -107,8 +102,6 @@ inputs: {
# host = "10.0.0.251";
host = "proxy.barn-beaver.ts.net";
targetUser = "erwin";
buildOn = "local";
substituteOnTarget = true;
tags = [ "container" ];
};
};
@ -131,8 +124,6 @@ inputs: {
# # deploy = {
# # host = "10.0.0.198";
# # targetUser = "erwin";
# # buildOn = "local";
# # substituteOnTarget = true;
# # };
# };
unifi = {
@ -141,8 +132,6 @@ inputs: {
# host = "10.0.0.207";
host = "unifi.barn-beaver.ts.net";
targetUser = "erwin";
buildOn = "local";
substituteOnTarget = true;
tags = [ "container" ];
};
};
@ -152,8 +141,6 @@ inputs: {
# host = "10.0.0.206";
host = "valkyrie.barn-beaver.ts.net";
targetUser = "erwin";
buildOn = "local";
substituteOnTarget = true;
tags = [ "container" ];
};
};

View file

@ -0,0 +1,44 @@
{
services.caddy = {
virtualHosts = {
"datarift.nl" = {
extraConfig = ''
@webfinger-erwin {
path /.well-known/webfinger
query resource=acct:erwin@datarift.nl
}
respond @webfinger-erwin 200 {
body `{"subject":"acct:erwin@datarift.nl","links":[{"rel":"http://openid.net/specs/connect/1.0/issuer","href":"https://id.datarift.nl/realms/datarift"}]}`
close
}
'';
};
"git.datarift.nl" = {
extraConfig = ''
reverse_proxy gitea.barn-beaver.ts.net:3000
'';
};
"boskma.frl" = {
extraConfig = ''
header /.well-known/matrix/* Content-Type application/json
header /.well-known/matrix/* Access-Control-Allow-Origin *
respond /.well-known/matrix/server `{"m.server":"matrix.boskma.frl:443"}`
respond /.well-known/matrix/client `{"m.homeserver": {"base_url":"https://matrix.boskma.frl"},"org.matrix.msc3575.proxy":{"url":"https://syncv3.boskma.frl"}}`
'';
};
"matrix.boskma.frl" = {
extraConfig = ''
reverse_proxy neo.barn-beaver.ts.net:8008
'';
};
"syncv3.boskma.frl" = {
extraConfig = ''
reverse_proxy neo.barn-beaver.ts.net:8009
'';
};
};
};
}

View file

@ -9,6 +9,8 @@
../../users/root
../../users/erwin
./caddy
];
eboskma = {
@ -122,28 +124,6 @@
enable = true;
permitCertUid = "caddy";
};
caddy = {
virtualHosts = {
"datarift.nl" = {
extraConfig = ''
@webfinger-erwin {
path /.well-known/webfinger
query resource=acct:erwin@datarift.nl
}
respond @webfinger-erwin 200 {
body `{"subject":"acct:erwin@datarift.nl","links":[{"rel":"http://openid.net/specs/connect/1.0/issuer","href":"https://id.datarift.nl/realms/datarift"}]}`
close
}
'';
};
"git.datarift.nl" = {
extraConfig = ''
reverse_proxy gitea.barn-beaver.ts.net:3000
'';
};
};
};
};
security = {

View file

@ -46,6 +46,7 @@
greetd = {
enable = true;
sway = true;
river = true;
wallpaper = ../../wallpapers/river-2560.png;
};
libvirtd.enable = false;
@ -171,9 +172,6 @@
# SteamLink
27036
27037
# Sunshine
48010
];
allowedUDPPorts = [
@ -194,11 +192,6 @@
];
allowedTCPPortRanges = [
# Sunshine
{
from = 47984;
to = 47990;
}
# Sonos / noson
{
from = 1400;
@ -377,7 +370,8 @@
teamviewer.enable = true;
sunshine = {
enable = true;
user = "erwin";
capSysAdmin = true;
# user = "erwin";
openFirewall = true;
};
nfs.server = {

View file

@ -0,0 +1,83 @@
{ self, ... }:
{ modulesPath, lib, ... }:
{
imports = [
(modulesPath + "/virtualisation/lxc-container.nix")
../../users/root
../../users/erwin
./dendrite
./matrix-sliding-sync
./postgresql
];
eboskma = {
users.erwin = {
enable = true;
server = true;
};
nix-common = {
enable = true;
remote-builders = true;
};
tailscale.enable = true;
};
boot = {
isContainer = true;
};
time.timeZone = "Europe/Amsterdam";
system.configurationRevision = lib.mkIf (self ? rev) self.rev;
networking = {
hostName = "neo";
useDHCP = false;
useHostResolvConf = false;
networkmanager.enable = false;
useNetworkd = true;
nftables.enable = true;
firewall.trustedInterfaces = [ "tailscale0" ];
};
systemd.network = {
enable = true;
wait-online.anyInterface = true;
networks = {
"40-eth0" = {
matchConfig = {
Name = "eth0";
};
networkConfig = {
Address = "10.0.0.213/24";
Gateway = "10.0.0.1";
DNS = "10.0.0.206";
DHCP = "no";
};
};
};
};
security = {
sudo-rs = {
enable = true;
execWheelOnly = true;
wheelNeedsPassword = false;
};
sudo.enable = false;
};
sops.defaultSopsFile = ./secrets.yaml;
sops.secrets = {
dendrite-env = { };
dendrite-private-key = { };
matrix-sliding-sync-env = { };
};
system.stateVersion = "24.05";
}

View file

@ -0,0 +1,139 @@
{
pkgs,
lib,
config,
...
}:
let
settingsFormat = pkgs.formats.yaml { };
configurationYaml = settingsFormat.generate "dendrite.yaml" settings;
workingDir = "/var/lib/dendrite";
environmentFile = config.sops.secrets.dendrite-env.path;
httpPort = 8008;
settings = {
global = {
server_name = "boskma.frl";
private_key = "$CREDENTIALS_DIRECTORY/private_key";
database = {
connection_string = "postgresql:///dendrite?host=/run/postgresql";
max_open_conns = 90;
max_idle_conns = 5;
conn_max_lifetime = -1;
};
trusted_third_party_id_servers = [
"matrix.org"
"vector.im"
];
disable_federation = false;
presence = {
inbound = true;
outbound = true;
};
server_notices = {
enabled = true;
local_part = "_server";
display_part = "Tidingen";
room_name = "Tidingen";
};
metrics = {
enabled = true;
basic_auth = {
username = "metrics";
password = "metrics";
};
};
};
client_api = {
registration_shared_secret = "$REGISTRATION_SECRET";
};
federation_api = {
key_perspectives = [
{
server_name = "matrix.org";
keys = [
{
key_id = "ed25519:auto";
public_key = "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw";
}
{
key_id = "ed25519:a_RXGa";
public_key = "l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ";
}
];
}
];
};
sync_api = {
real_ip_header = "X-Forwarded-For";
};
media_api = {
base_path = "${workingDir}/media_store";
max_file_size_bytes = 25 * 1024 * 1024;
thumbnail_sizes = [
{
height = 32;
method = "crop";
width = 32;
}
{
height = 96;
method = "crop";
width = 96;
}
{
height = 480;
method = "scale";
width = 640;
}
];
};
logging = [
{
type = "std";
level = "info";
}
];
};
in
{
systemd.services.dendrite = {
description = "Dendrite Matrix homeserver";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
DynamicUser = true;
StateDirectory = "dendrite";
WorkingDirectory = workingDir;
RuntimeDirectory = "dendrite";
RuntimeDirectoryMode = "0700";
LimitNOFILE = 65535;
EnvironmentFile = environmentFile;
LoadCredential = [ "private_key:${config.sops.secrets.dendrite-private-key.path}" ];
ExecStartPre = [
''
${pkgs.envsubst}/bin/envsubst \
-i ${configurationYaml} \
-o /run/dendrite/dendrite.yaml
''
];
ExecStart = lib.strings.concatStringsSep " " ([
"${pkgs.dendrite}/bin/dendrite"
"--config /run/dendrite/dendrite.yaml"
"--http-bind-address :${builtins.toString httpPort}"
]);
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
Restart = "on-failure";
};
};
}

View file

@ -0,0 +1,15 @@
{ config, ... }:
{
services.matrix-sliding-sync = {
enable = true;
createDatabase = true;
environmentFile = config.sops.secrets.matrix-sliding-sync-env.path;
settings = {
SYNCV3_SERVER = "http://127.0.0.1:8008";
SYNCV3_BINDADDR = "0.0.0.0:8009";
};
};
}

View file

@ -0,0 +1,39 @@
{ pkgs, ... }:
{
services = {
postgresql = {
enable = true;
# version is tied to stateVersion
# manual update required
# MIGRATION REQUIRED WHEN UPDATING
package = pkgs.postgresql_15;
ensureDatabases = [
"dendrite"
"matrix-sliding-sync"
];
ensureUsers = [
{
name = "dendrite";
ensureDBOwnership = true;
}
{
name = "matrix-sliding-sync";
ensureDBOwnership = true;
}
];
};
postgresqlBackup = {
enable = true;
backupAll = true;
# borg will do compression and deduplication
compression = "none";
startAt = "*-*-* 02:00:00";
};
};
}

41
machines/neo/secrets.yaml Normal file
View file

@ -0,0 +1,41 @@
dendrite-private-key: ENC[AES256_GCM,data:gA2xpUfmXUGaT5bPxBZTNTH2w+6Ovmzp3zUClV8+zlpo4Fyf15rd8nd0AJ70HhteYEFK+unlULWYrJtzrm+gAMQ/TAHbE4+y4aCOrr/pryDc+GXZ59maEXKif9PYvpI6b5l1S3SQIZDP3YNrh2LwkVn39CJceGZ0xfBqj2QFZYvWnT5rIzUSomc=,iv:ifiF9DzOibbtaXkERcP/A3Ty6EjNKoJ3XlOF4YCsJQ4=,tag:VDsMfuwGkJOSM3Y9nhGURA==,type:str]
dendrite-env: ENC[AES256_GCM,data:iETLbUzHKla+8zmftTM/asiDT2F6LUxRjFtKiWTMpl+p0nb7rMdpxTO9Wi4C23a0SZz4gcpvywpjd55ASpBGsNfTcnZ0ITKrtS5QkCcL2VR6S/3HaAH91cT7x/LwvszyeQdFmVUnWsauq/vd+Qp+RU0TcaiBsFHw3FrCfxeilvUtUAnbXmWj3g/YVQ6sZ8C8MoDinbE=,iv:HZK6AQcrb1LNW2YIBZQkJGsvIjULePhHex01DsiB26M=,tag:iMFi5lMMNZ8MGH3EWaG1Eg==,type:str]
matrix-sliding-sync-env: ENC[AES256_GCM,data:2K5d58v+hbIGto2PFnDLD05NL9cvp+vOIpyUInnZpU7MxfHo3rZtY5OJeDCjysLBChe7kIwoh9FR44IRq9xzWuc44B2eo7ByPTzgk4RWOA==,iv:NDSYRO5oLkimwhomCCP4vV9Hq8UchdNnpTkH/3ntBmA=,tag:W+iPqpEfWG8Aehasy8PN1Q==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1h7ddyj66gcqt5vnzphjfn6y5tul79q0glcdl0et9w44z2evl999qe02wht
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTZ3ByVUIyTjhUdURYMnZE
eDlQeEg0VE8weHhhd1BibllqTE1RVXRaZjJBCjZqZ1Y4dVcydGZ4alhoc0lLQWdr
KzNtTkEvajdxbmpaKzl5cERxQnFjL00KLS0tIFk2MHMvUjBDTGNBZzJJdXJpWkRp
Y25MQXp4WXBNYkZXM0grVkNYM0lKWFUKUaK3hDN7WbDiu9EgfJ5wmArjmM8PRtbY
TVIAp0htw+efC7PbCbaa0SaDltAR0Q19lIROUfccoLLpUCyk5mQvjg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1435gxhlpu55pp86r8pullhc6wg43nv6qm5l3g2vl5000xhn8apdqtlf8cg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhWkZpd3ZvWWM3ZjRkbnc4
NGRiZi9rMDJoaGRENjRDWHUwZllibEQ5aDBJCllFeE9XbTNlMnFSZTZBY1FVSmph
Z2cxTzdGSEdlQ0UzeWpzUENjM1Fpd2MKLS0tIGUvVUpjZTFqa2RvY2U3TlBXaXNB
VkdHS1FSdmlXKzdNRmltZDdmUWVZc0kK0TQeKRVafkIY2v0OBnxIQr48v9ilOEld
PpqwtEtH1HcSFwxhaFymUQpqg5Uvh5eXoPB/bnxOnOPlDYB+/HZQ0w==
-----END AGE ENCRYPTED FILE-----
- recipient: age1s95yw988he30l6wegfwquh4nh03jst2tvyu4ykng4g88h7s3a3rs5zh5fp
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxbCt0NDAvT0pCVmxpOUNh
TXpIanhKK01jN3FuaUdDeWJHZkFRdXBjMUhJCmNqWVNkN1owWnFOakJ6NWovQVZw
dnB5Vm4zMWpvZkZkODJqS2hxRVRaaDQKLS0tIERlMkozL2xBWVp4NWRlZnpiVVk5
cnZiZ1YvTlBWUVdoSjNqYkVXaGZHTlEKe7w9qbDkzfxoW4CVxH2hmO9JFuCYCcgp
bguCZbLQpyjiS6LjpX5AqXQH9tRqWNnqhq8QTbB9v4VIw5rz7S9Hpw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-04-24T12:22:54Z"
mac: ENC[AES256_GCM,data:kyB5rwsn6gVutITtzmBwPFHY0x42SbsZMy98JF0wVGBfjDrfmwmxAeFOJ9KmvR0rUaEr7RPMOFCwT5w/zUUsColF7Dy5uoOSpV7JxPi6suVGUmz5BkGaPB5HvIQhtb/75owUx+9Fvjq4Vmnh8UX9vk/0Gj/ay0p3BFiypJegyuI=,iv:5mJC3xoeTyw6jv7+hSTyUUz9luffSuN6TrKPohTT95M=,tag:iq8aBa9dTjmC7z7DrcP3JQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

View file

@ -10,6 +10,7 @@
upstreams = {
groups = {
default = [ "127.0.0.1:5335" ];
"100.64.0.0/10" = [ "127.0.0.1:5454" ];
};
};

View file

@ -7,8 +7,9 @@
../../users/root
../../users/erwin
./kea
./blocky
./coredns
./kea
./unbound
];
@ -82,5 +83,12 @@
sudo.enable = false;
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
coredns-env = { };
};
};
system.stateVersion = "23.11";
}

View file

@ -0,0 +1,44 @@
{ pkgs, config, ... }:
{
services.coredns = {
enable = true;
package = pkgs.coredns.override {
externalPlugins = [
{
name = "tailscale";
repo = "github.com/damomurf/coredns-tailscale";
version = "750df081a3cc63f325ecfde6c30a974dc0e4bf56";
}
];
vendorHash = "sha256-tuHr5oYmx3HNmsO6ZOO14vORArk8YHZBsodCiydf6k8=";
};
config = ''
datarift.nl:5454 {
bind 127.0.0.1 ::1
tailscale datarift.nl {
authkey {$TS_AUTHKEY}
}
log
errors
}
.:5454 {
bind 127.0.0.1 ::1
forward . 127.0.0.1:5335
log
errors
}
'';
};
systemd.services.coredns = {
environment = {
HOME = "%S/coredns";
};
serviceConfig = {
StateDirectory = "coredns";
EnvironmentFile = [ config.sops.secrets.coredns-env.path ];
};
};
}

View file

@ -0,0 +1,39 @@
coredns-env: ENC[AES256_GCM,data:1tkYhD2VHExWMt2y3G/eSkP5aISkPgqY5soNE6nNfCiewVWYBATqvs/GyBVM6GyXBYudl1myYU11MHheQ3w2T2kRj8PDDr31Ygs=,iv:1JeXTP8OYP990U8ctbZFxmjt92AxKoHLBmdC6P/osV4=,tag:+pN8MrjQTgkcStfwnlSU6A==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1h7ddyj66gcqt5vnzphjfn6y5tul79q0glcdl0et9w44z2evl999qe02wht
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQNmhVa3hSLzhOSzRtckI0
ZzF0NU5PMTZ1NXM3Y21OM3BNVE15SmlLQlVzClZsL2FnOU9hS3VoR1dJeXh5TE82
L0hMRlpUcW1NczhpVVh0R01LVVNxWDgKLS0tIHpXNEtRYTU4Y0N3aWJPUUp0WTVW
Y0FVS2dWTzlZR2RQZ05YOWhGWHQzdG8KSfliwDisp097xCNWUbxT688514YPdPg7
CvUbeyDjQOZJLjzP9kaE1lOLPZ+iM+kq0yJfK/jShhPav+lSJ3uwvQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1435gxhlpu55pp86r8pullhc6wg43nv6qm5l3g2vl5000xhn8apdqtlf8cg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoRFBBZ2pPS2xZT09ETWpH
SXlDc091RTZlc0ZuMWJMcjBvWGpwN05QQkhrCmpwNk90QmhlTHN3RVFzTGdOUjNZ
STU5V3BNQndMSHdkdUh6a1hqZzF2eEUKLS0tIGdHQVZTdDVwazRHaUt2aXFBOExO
Z3hDalpXcTlQbC9MNEh6YVp1YXdabWMKkx/MaVPRRez1TMPSncDbng4eCMFrBdxq
fasCMZh1yii9oPajnZXWQqxa8RtNpkxeYFSp3UCgPjw54K0ycEBfUQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age139zg5z02dx3j70tl6sn2l9kq0nfz2ddkffx0grlh7gg28dafhq6qd2sj6f
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwYTNFcWpXZ0FmUkdzWVFC
YTRFc0tOU0Y2cElCMmJoZkZkQUlrcm5nQ2lZCk1LYTJLTFhwSy9UNHdHcHYwemMr
WEh5Mmk2ZFdlTllLbks5VFptSWF1Vk0KLS0tIHZqcVliY1ZaY2wwd0NtbDFvcVp6
MmRsQU43UDUyQ2ZVbWxvRWdBajYwWlEKDNaV/6gjIszP31b8kT+JZxiTWILqbQdR
OKdTbC3XIiFBGpslr5QKJzj26dKsgYvmzEHuHgglZdvuX5EDmzTf5w==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-04-22T15:38:55Z"
mac: ENC[AES256_GCM,data:M1N8u+mFB3SsQ1PxIoLjVUPyoBoziEX35YDI93MLN81iWT/1IcwR3xmggsYHfoIoFvAQ1yp8Cwp8FSyOT+uvafVJ70npxPJKPZ4PdcxAJWcySIItu0L/PRV2wOvkfeWbfBetCAjl9u+EDZrbJjaKodOkbee5fVakFN6/3q5tseM=,iv:TneZgE0AtEzijzAfSTXg2J2yXUA78OdHrmf4dVRAHUA=,tag:FcmDIvOzDJx3g91/tdYdTw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

View file

@ -41,6 +41,7 @@ in
options.eboskma.greetd = {
enable = mkEnableOption "enable greetd";
sway = mkEnableOption "sway";
river = mkEnableOption "river";
steam = mkEnableOption "steam";
wayvnc = mkEnableOption "wayvnc";
output = mkOption {
@ -131,6 +132,7 @@ in
"greetd/environments" = {
text = concatStringsSep "\n" (
(optional cfg.sway "${swaySession}")
++ (optional cfg.river "${pkgs.river}/bin/river")
++ (optional cfg.steam "${steam-gamescope}")
++ [ "${pkgs.bash}/bin/bash" ]
);

View file

@ -14,12 +14,12 @@ buildMavenPackage {
owner = "keycloak";
repo = "keycloak";
rev = version;
sha256 = "FP3BtkimEy4eAEYsuQ/56zonE1FVjxEJVRENXGbGhnQ=";
sha256 = "u9A/enVJwXqPRXyCsuSCloKcoYSKtEfuaJWJeNYsgVk=";
};
sourceRoot = "source/integration/admin-client";
mvnHash = "sha256-pH4LNVq7+ERi/Hm5T3AOacamDZR5POQxMFOYLCXL0OM=";
mvnHash = "sha256-XTXdDxNO9rwRFbfLG1+gHExddJnNbhjRuIQJDrgmhxI=";
# mvnHash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
installPhase = ''

View file

@ -107,6 +107,10 @@ in
}
];
};
river = {
enable = true;
wallpaper = "${homeCfg.home.homeDirectory}/.wallpapers/river-2560.png";
};
rofi = {
enable = true;
package = pkgs.rofi-wayland;
@ -131,6 +135,7 @@ in
input = {
"36125:40349:splitkb.com_Kyria_rev1" = {
xkb_layout = "us";
xkb_variant = "altgr-intl";
xkb_options = "lv3:ralt_switch_multikey,eurosign:5";
};
"1133:49291:Logitech_G502_HERO_SE" = {
@ -161,7 +166,7 @@ in
};
};
tmux.enable = true;
waybar.enable = false;
waybar.enable = true;
zathura.enable = true;
zellij = {
enable = true;