erwin/nixos-config
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Wiki Activity Actions

Compare commits

base: erwin:f30cb2cc0167099b78cccc93032e34d469c41159
Branches Tags
erwin:main
...
compare: erwin:1438fdcff03612bf090271a4b25d0660e58bcc17
Branches Tags
erwin:main

17 commits
f30cb2cc01 ... 1438fdcff0

Author SHA1 Message Date
Erwin Boskma
1438fdcff0
Also use old TailScale IPv6 range 2024-06-04 11:01:45 +02:00
Erwin Boskma
0a23d2096e
fixup! meili: init 2024-06-04 10:56:41 +02:00
Erwin Boskma
4482c9fa5f
valkyrie: Disable blocky cache 2024-06-04 10:42:06 +02:00
Erwin Boskma
3b85c2866b
meili: init 2024-06-04 10:34:30 +02:00
Erwin Boskma
f5723fb0ce
loki: Enable river system-wide so it gets picked up by display managers 2024-06-04 09:43:10 +02:00
Erwin Boskma
5bf48d0618
loki: Update wireguard config to new config format 2024-06-04 09:42:34 +02:00
Erwin Boskma
612c68728a
regreet: Fix wrapper 2024-06-04 09:42:03 +02:00
Erwin Boskma
3985aae70d
river: Revert custom named keyboard layout (use variant instead) 2024-06-04 09:41:10 +02:00
Erwin Boskma
ed8dcd8c82
kea: Subnet IDs are now mandatory 2024-06-03 12:20:16 +02:00
Erwin Boskma
c0ed5156dc
guix: Init module 2024-06-03 12:20:05 +02:00
Erwin Boskma
1b17429c02
loki: Trying regreet again, remove some long time disabled attrs 2024-06-03 12:19:21 +02:00
Erwin Boskma
42c5dfc62d
Move regreet to separate module 2024-06-03 12:19:01 +02:00
Erwin Boskma
766712f7e7
Update systemd route configuration 2024-06-03 11:12:33 +02:00
Erwin Boskma
2d7e2e9150
valkyrie: Update TailScale auth key for coredns 2024-06-03 11:11:32 +02:00
Erwin Boskma
a0930c00b3
coredns: 1.11.1 -> 1.11.3 2024-06-03 11:11:18 +02:00
Erwin Boskma
ba990dbc8b
loki: Enable programs.appimage, programs.ryzen-monitor-ng 2024-06-03 11:10:59 +02:00
Erwin Boskma
c5e625827d
flake.lock: Update 
Flake lock file updates:

• Updated input 'attic':
    'github:zhaofengli/attic/4dbdbee45728d8ce5788db6461aaaa89d98081f0?narHash=sha256-0O4v6e4a1toxXZ2gf5INhg4WPE5C5T%2BSVvsBt%2B45Mcc%3D' (2024-03-29)
  → 'github:zhaofengli/attic/717cc95983cdc357bc347d70be20ced21f935843?narHash=sha256-kH04ReTjxOpQumgWnqy40vvQLSnLGxWP6RF3nq5Esrk%3D' (2024-06-01)
• Updated input 'attic/crane':
    'github:ipetkov/crane/7195c00c272fdd92fc74e7d5a0a2844b9fadb2fb?narHash=sha256-tWJqzajIvYcaRWxn%2BcLUB9L9Pv4dQ3Bfit/YjU5ze3g%3D' (2023-12-18)
  → 'github:ipetkov/crane/480dff0be03dac0e51a8dfc26e882b0d123a450e?narHash=sha256-dIubLa56W9sNNz0e8jGxrX3CAkPXsq7snuFA/Ie6dn8%3D' (2024-05-29)
• Updated input 'atuin':
    'github:atuinsh/atuin/15618f19ab85725462f19d52966594daee9b0414?narHash=sha256-I4y8R/jFA34yqz0XszLA0KHz3yn21lYRWWqJ0juQxrg%3D' (2024-05-29)
  → 'github:atuinsh/atuin/83637d96b04bed26fb222771baad51b081de1703?narHash=sha256-33wQ%2BdmdgOTXAlfdw6EkqU79r%2BmdmqCbEvVQnMHyeBs%3D' (2024-05-31)
• Updated input 'disko':
    'github:nix-community/disko/8ea5bcccc03111bdedaeaae9380dfab61e9deb33?narHash=sha256-s3Sis%2BM1qTSVIehHrEKBzHBpqprIFJli5V6WojkJnYE%3D' (2024-05-30)
  → 'github:nix-community/disko/39cd5a1fcd6d7a476eac2894b09122ead99f6efc?narHash=sha256-gwx3rVXnt2jNxl8L2DybYv41fA8QhWVGebe932pa2nw%3D' (2024-06-03)
• Updated input 'emacs-overlay':
    'github:nix-community/emacs-overlay/441ed86922224973b0853255785d3ce88b683b1a?narHash=sha256-m%2B5EQOjc7AKKrPYD%2BGkAn2W52z92%2B9IBdIVtTu0WJTY%3D' (2024-05-30)
  → 'github:nix-community/emacs-overlay/76082b226e29dd266a67b6f4df4fcaa771152f9c?narHash=sha256-EzL1xZoyj946hb7DtcPxXFkzuiGcQMSlSRr1%2BMzRfCA%3D' (2024-06-03)
• Updated input 'emacs-overlay/nixpkgs-stable':
    'github:NixOS/nixpkgs/9d29cd266cebf80234c98dd0b87256b6be0af44e?narHash=sha256-xim1b5/HZYbWaZKyI7cn9TJCM6ewNVZnesRr00mXeS4%3D' (2024-05-25)
  → 'github:NixOS/nixpkgs/a62e6edd6d5e1fa0329b8653c801147986f8d446?narHash=sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw%3D' (2024-05-31)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/8dc45382d5206bd292f9c2768b8058a8fd8311d9?narHash=sha256-/GJvTdTpuDjNn84j82cU6bXztE0MSkdnTWClUCRub78%3D' (2024-05-16)
  → 'github:hercules-ci/flake-parts/2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8?narHash=sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw%3D' (2024-06-01)
• Updated input 'flake-parts/nixpkgs-lib':
    '50eb7ecf4c.tar.gz?narHash=sha256-QBx10%2Bk6JWz6u7VsohfSw8g8hjdBZEf8CFzXH1/1Z94%3D' (2024-05-02)
  → 'eb9ceca17d.tar.gz?narHash=sha256-lIbdfCsf8LMFloheeE6N31%2BBMIeixqyQWbSr2vk79EQ%3D' (2024-06-01)
• Updated input 'home-manager':
    'github:nix-community/home-manager/60b85414b49d5d69816c2453865adb6cc39df33a?narHash=sha256-qwdpjHeB0IjZwiH57z2CvHMlcREKjv2zYpGV1aWb7Xk%3D' (2024-05-30)
  → 'github:nix-community/home-manager/9b53a10f4c91892f5af87cf55d08fba59ca086af?narHash=sha256-Xi0EpZcu39N0eW7apLjFfUOR9y80toyjYizez7J1wMI%3D' (2024-06-02)
• Updated input 'microvm':
    'github:astro/microvm.nix/fa4262c3c9197e7d62185858907f2e5acff3258d?narHash=sha256-L2Vni6dGDFWXWwY0rqkQWtZXt%2BqYQKUZr%2BFj%2BEpI97Q%3D' (2024-05-26)
  → 'github:astro/microvm.nix/16ec47e1fae62bcc2a76e164b7101152ad98849c?narHash=sha256-NBwB16qOv8TKaPg62UXfy%2BRojsDC%2BDLZPtohUqUyIM4%3D' (2024-06-01)
• Updated input 'naersk':
    'github:nix-community/naersk/c5037590290c6c7dae2e42e7da1e247e54ed2d49?narHash=sha256-CO8MmVDmqZX2FovL75pu5BvwhW%2BVugc7Q6ze7Hj8heI%3D' (2024-04-19)
  → 'github:nix-community/naersk/fa19d8c135e776dc97f4dcca08656a0eeb28d5c0?narHash=sha256-oIs5EF%2B6VpHJRvvpVWuqCYJMMVW/6h59aYUv9lABLtY%3D' (2024-05-30)
• Updated input 'nil':
    'github:oxalica/nil/2f3ed6348bbf1440fcd1ab0411271497a0fbbfa4?narHash=sha256-o4tqlTzi9kcVub167kTGXgCac9jM3kW4%2Bv9MH/ue4Hk%3D' (2024-05-01)
  → 'github:oxalica/nil/ab3ddb8f063774cf7e22eb610f5ecfdb77309f3c?narHash=sha256-GmsEQa4HZeMfec37LZnwG/Lt/XmqFLXsjv5QWojeNiM%3D' (2024-05-30)
• Updated input 'nix-ld-rs':
    'github:nix-community/nix-ld-rs/bca096389e440f0f20a6a795546f65e2f2f7410d?narHash=sha256-CwOldvBBXr1K2Zr6z5chHtieBBIQqk%2Bk5RKt3hkF1OU%3D' (2024-05-19)
  → 'github:nix-community/nix-ld-rs/62d5a9eb8ba0feb1d62292ca29de98785bcef04a?narHash=sha256-mQEWQOak0r8YEXK5IzvSfScmndpdODBKNvN0T8QydEg%3D' (2024-06-01)
• Updated input 'nixos-hardware':
    'github:NixOS/nixos-hardware/8251761f93d6f5b91cee45ac09edb6e382641009?narHash=sha256-uuEkErFVsFdg2K0cKbNQ9JlFSAm/xYqPr4rbPLI91Y8%3D' (2024-05-29)
  → 'github:NixOS/nixos-hardware/7b49d3967613d9aacac5b340ef158d493906ba79?narHash=sha256-e8X2eWjAHJQT82AAN%2BmCI0B68cIDBJpqJ156%2BVRrFO0%3D' (2024-06-01)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/9ca3f649614213b2aaf5f1e16ec06952fe4c2632?narHash=sha256-7EXDb5WBw%2Bd004Agt%2BJHC/Oyh/KTUglOaQ4MNjBbo5w%3D' (2024-05-27)
  → 'github:nixos/nixpkgs/57610d2f8f0937f39dbd72251e9614b1561942d8?narHash=sha256-yZKhxVIKd2lsbOqYd5iDoUIwsRZFqE87smE2Vzf6Ck0%3D' (2024-05-31)
• Updated input 'rust-overlay':
    'github:oxalica/rust-overlay/095702e63a40e86f339d11864da9dc965b70a01e?narHash=sha256-MzH%2ByjKULH3HCRj9QCTwBvqq4LZkR0ZqRE/QfGOGC2E%3D' (2024-05-30)
  → 'github:oxalica/rust-overlay/07098b424d114cd2dddec40be8d5586da339fddc?narHash=sha256-TcM4%2BoHTSLw8neTxk/Q0beODr8YiL%2BoI2j0ENYnNfk4%3D' (2024-06-03)
• Updated input 'sops':
    'github:Mic92/sops-nix/962797a8d7f15ed7033031731d0bb77244839960?narHash=sha256-sALodaA7Zkp/JD6ehgwc0UCBrSBfB4cX66uFGTsqeFU%3D' (2024-05-26)
  → 'github:Mic92/sops-nix/ab2a43b0d21d1d37d4d5726a892f714eaeb4b075?narHash=sha256-cZC2f68w5UrJ1f%2B2NWGV9Gx0dEYmxwomWN2B0lx0QRA%3D' (2024-06-02)
• Updated input 'sops/nixpkgs-stable':
    'github:NixOS/nixpkgs/59a450646ec8ee0397f5fa54a08573e8240eb91f?narHash=sha256-kQ25DAiCGigsNR/Quxm3v%2BJGXAEXZ8I7RAF4U94bGzE%3D' (2024-05-25)
  → 'github:NixOS/nixpkgs/3b1b4895b2c5f9f5544d02132896aeb9ceea77bc?narHash=sha256-IITcGd6xpNoyq9SZBigCkv4%2BqMHSqot0RDPR4xsZ2CA%3D' (2024-06-01)
• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/2fba33a182602b9d49f0b2440513e5ee091d838b?narHash=sha256-wJqHMg/K6X3JGAE9YLM0LsuKrKb4XiBeVaoeMNlReZg%3D' (2024-05-17)
  → 'github:numtide/treefmt-nix/3eb96ca1ae9edf792a8e0963cc92fddfa5a87706?narHash=sha256-u10aDdYrpiGOLoxzY/mJ9llST9yO8Q7K/UlROoNxzDw%3D' (2024-06-01)
 2024-06-03 09:39:45 +02:00
17 changed files with 371 additions and 149 deletions
Show stats Expand all files Collapse all files

7
.sops.yaml
View file

@ -7,6 +7,7 @@ keys:
- &gitea age1mh39yv2j3ltl50tjnqqgjctxth3nxa74ggwn29dpvcv08qd0psnssajsmd
- &gitea-runner age19jrte20w4e5u83m5s8m8c2ca6sha6e2l2k66g28jz4mpkfs0f3jq26rdp2
- &heimdall age1z94c897pvq4tx0xwsj6wr8emnlpmk6u0xks75rydga6r33dlapjqyqqacc
- &meili age1thyemgvua2at9mha5hxuqezxcrxvljh9tpwwmdylu0mrspppvamsunpeh2
- &mimir age192a3nepaclecjjkxssszueak6rxar49prceplvvxc5m4f3ww7g5qpfgdqj
- &minio age1cjxe2e7zemvs0jacjawug6k2qnmcpvnka3e04mfzp939h7hppydqrlp6l5
- &neo age1s95yw988he30l6wegfwquh4nh03jst2tvyu4ykng4g88h7s3a3rs5zh5fp
@ -57,6 +58,12 @@ creation_rules:
- *erwin
- *erwin_horus
- *mimir
- path_regex: machines/meili/[^/]+\.yaml$
key_groups:
- age:
- *erwin
- *erwin_horus
- *meili
- path_regex: machines/minio/[^/]+\.yaml$
key_groups:
- age:

116
flake.lock
View file

@ -30,11 +30,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1711742460,
"narHash": "sha256-0O4v6e4a1toxXZ2gf5INhg4WPE5C5T+SVvsBt+45Mcc=",
"lastModified": 1717279440,
"narHash": "sha256-kH04ReTjxOpQumgWnqy40vvQLSnLGxWP6RF3nq5Esrk=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "4dbdbee45728d8ce5788db6461aaaa89d98081f0",
"rev": "717cc95983cdc357bc347d70be20ced21f935843",
"type": "github"
},
"original": {
@ -54,11 +54,11 @@
]
},
"locked": {
"lastModified": 1717003177,
"narHash": "sha256-I4y8R/jFA34yqz0XszLA0KHz3yn21lYRWWqJ0juQxrg=",
"lastModified": 1717179219,
"narHash": "sha256-33wQ+dmdgOTXAlfdw6EkqU79r+mdmqCbEvVQnMHyeBs=",
"owner": "atuinsh",
"repo": "atuin",
"rev": "15618f19ab85725462f19d52966594daee9b0414",
"rev": "83637d96b04bed26fb222771baad51b081de1703",
"type": "github"
},
"original": {
@ -124,11 +124,11 @@
]
},
"locked": {
"lastModified": 1702918879,
"narHash": "sha256-tWJqzajIvYcaRWxn+cLUB9L9Pv4dQ3Bfit/YjU5ze3g=",
"lastModified": 1717025063,
"narHash": "sha256-dIubLa56W9sNNz0e8jGxrX3CAkPXsq7snuFA/Ie6dn8=",
"owner": "ipetkov",
"repo": "crane",
"rev": "7195c00c272fdd92fc74e7d5a0a2844b9fadb2fb",
"rev": "480dff0be03dac0e51a8dfc26e882b0d123a450e",
"type": "github"
},
"original": {
@ -195,11 +195,11 @@
]
},
"locked": {
"lastModified": 1717032306,
"narHash": "sha256-s3Sis+M1qTSVIehHrEKBzHBpqprIFJli5V6WojkJnYE=",
"lastModified": 1717378144,
"narHash": "sha256-gwx3rVXnt2jNxl8L2DybYv41fA8QhWVGebe932pa2nw=",
"owner": "nix-community",
"repo": "disko",
"rev": "8ea5bcccc03111bdedaeaae9380dfab61e9deb33",
"rev": "39cd5a1fcd6d7a476eac2894b09122ead99f6efc",
"type": "github"
},
"original": {
@ -219,11 +219,11 @@
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1717033835,
"narHash": "sha256-m+5EQOjc7AKKrPYD+GkAn2W52z92+9IBdIVtTu0WJTY=",
"lastModified": 1717379613,
"narHash": "sha256-EzL1xZoyj946hb7DtcPxXFkzuiGcQMSlSRr1+MzRfCA=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "441ed86922224973b0853255785d3ce88b683b1a",
"rev": "76082b226e29dd266a67b6f4df4fcaa771152f9c",
"type": "github"
},
"original": {
@ -394,11 +394,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1715865404,
"narHash": "sha256-/GJvTdTpuDjNn84j82cU6bXztE0MSkdnTWClUCRub78=",
"lastModified": 1717285511,
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8dc45382d5206bd292f9c2768b8058a8fd8311d9",
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
"type": "github"
},
"original": {
@ -563,11 +563,11 @@
]
},
"locked": {
"lastModified": 1717049829,
"narHash": "sha256-qwdpjHeB0IjZwiH57z2CvHMlcREKjv2zYpGV1aWb7Xk=",
"lastModified": 1717316182,
"narHash": "sha256-Xi0EpZcu39N0eW7apLjFfUOR9y80toyjYizez7J1wMI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "60b85414b49d5d69816c2453865adb6cc39df33a",
"rev": "9b53a10f4c91892f5af87cf55d08fba59ca086af",
"type": "github"
},
"original": {
@ -587,11 +587,11 @@
"spectrum": "spectrum"
},
"locked": {
"lastModified": 1716754174,
"narHash": "sha256-L2Vni6dGDFWXWwY0rqkQWtZXt+qYQKUZr+Fj+EpI97Q=",
"lastModified": 1717281900,
"narHash": "sha256-NBwB16qOv8TKaPg62UXfy+RojsDC+DLZPtohUqUyIM4=",
"owner": "astro",
"repo": "microvm.nix",
"rev": "fa4262c3c9197e7d62185858907f2e5acff3258d",
"rev": "16ec47e1fae62bcc2a76e164b7101152ad98849c",
"type": "github"
},
"original": {
@ -607,11 +607,11 @@
]
},
"locked": {
"lastModified": 1713520724,
"narHash": "sha256-CO8MmVDmqZX2FovL75pu5BvwhW+Vugc7Q6ze7Hj8heI=",
"lastModified": 1717067539,
"narHash": "sha256-oIs5EF+6VpHJRvvpVWuqCYJMMVW/6h59aYUv9lABLtY=",
"owner": "nix-community",
"repo": "naersk",
"rev": "c5037590290c6c7dae2e42e7da1e247e54ed2d49",
"rev": "fa19d8c135e776dc97f4dcca08656a0eeb28d5c0",
"type": "github"
},
"original": {
@ -633,11 +633,11 @@
]
},
"locked": {
"lastModified": 1714571717,
"narHash": "sha256-o4tqlTzi9kcVub167kTGXgCac9jM3kW4+v9MH/ue4Hk=",
"lastModified": 1717086091,
"narHash": "sha256-GmsEQa4HZeMfec37LZnwG/Lt/XmqFLXsjv5QWojeNiM=",
"owner": "oxalica",
"repo": "nil",
"rev": "2f3ed6348bbf1440fcd1ab0411271497a0fbbfa4",
"rev": "ab3ddb8f063774cf7e22eb610f5ecfdb77309f3c",
"type": "github"
},
"original": {
@ -655,11 +655,11 @@
]
},
"locked": {
"lastModified": 1716116133,
"narHash": "sha256-CwOldvBBXr1K2Zr6z5chHtieBBIQqk+k5RKt3hkF1OU=",
"lastModified": 1717274471,
"narHash": "sha256-mQEWQOak0r8YEXK5IzvSfScmndpdODBKNvN0T8QydEg=",
"owner": "nix-community",
"repo": "nix-ld-rs",
"rev": "bca096389e440f0f20a6a795546f65e2f2f7410d",
"rev": "62d5a9eb8ba0feb1d62292ca29de98785bcef04a",
"type": "github"
},
"original": {
@ -670,11 +670,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1716987116,
"narHash": "sha256-uuEkErFVsFdg2K0cKbNQ9JlFSAm/xYqPr4rbPLI91Y8=",
"lastModified": 1717248095,
"narHash": "sha256-e8X2eWjAHJQT82AAN+mCI0B68cIDBJpqJ156+VRrFO0=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "8251761f93d6f5b91cee45ac09edb6e382641009",
"rev": "7b49d3967613d9aacac5b340ef158d493906ba79",
"type": "github"
},
"original": {
@ -701,14 +701,14 @@
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1714640452,
"narHash": "sha256-QBx10+k6JWz6u7VsohfSw8g8hjdBZEf8CFzXH1/1Z94=",
"lastModified": 1717284937,
"narHash": "sha256-lIbdfCsf8LMFloheeE6N31+BMIeixqyQWbSr2vk79EQ=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
}
},
"nixpkgs-stable": {
@ -729,11 +729,11 @@
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1716633019,
"narHash": "sha256-xim1b5/HZYbWaZKyI7cn9TJCM6ewNVZnesRr00mXeS4=",
"lastModified": 1717159533,
"narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9d29cd266cebf80234c98dd0b87256b6be0af44e",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
},
"original": {
@ -761,11 +761,11 @@
},
"nixpkgs-stable_4": {
"locked": {
"lastModified": 1716655032,
"narHash": "sha256-kQ25DAiCGigsNR/Quxm3v+JGXAEXZ8I7RAF4U94bGzE=",
"lastModified": 1717265169,
"narHash": "sha256-IITcGd6xpNoyq9SZBigCkv4+qMHSqot0RDPR4xsZ2CA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "59a450646ec8ee0397f5fa54a08573e8240eb91f",
"rev": "3b1b4895b2c5f9f5544d02132896aeb9ceea77bc",
"type": "github"
},
"original": {
@ -777,11 +777,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1716769173,
"narHash": "sha256-7EXDb5WBw+d004Agt+JHC/Oyh/KTUglOaQ4MNjBbo5w=",
"lastModified": 1717196966,
"narHash": "sha256-yZKhxVIKd2lsbOqYd5iDoUIwsRZFqE87smE2Vzf6Ck0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "9ca3f649614213b2aaf5f1e16ec06952fe4c2632",
"rev": "57610d2f8f0937f39dbd72251e9614b1561942d8",
"type": "github"
},
"original": {
@ -905,11 +905,11 @@
]
},
"locked": {
"lastModified": 1717035469,
"narHash": "sha256-MzH+yjKULH3HCRj9QCTwBvqq4LZkR0ZqRE/QfGOGC2E=",
"lastModified": 1717381101,
"narHash": "sha256-TcM4+oHTSLw8neTxk/Q0beODr8YiL+oI2j0ENYnNfk4=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "095702e63a40e86f339d11864da9dc965b70a01e",
"rev": "07098b424d114cd2dddec40be8d5586da339fddc",
"type": "github"
},
"original": {
@ -926,11 +926,11 @@
"nixpkgs-stable": "nixpkgs-stable_4"
},
"locked": {
"lastModified": 1716692524,
"narHash": "sha256-sALodaA7Zkp/JD6ehgwc0UCBrSBfB4cX66uFGTsqeFU=",
"lastModified": 1717297459,
"narHash": "sha256-cZC2f68w5UrJ1f+2NWGV9Gx0dEYmxwomWN2B0lx0QRA=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "962797a8d7f15ed7033031731d0bb77244839960",
"rev": "ab2a43b0d21d1d37d4d5726a892f714eaeb4b075",
"type": "github"
},
"original": {
@ -1008,11 +1008,11 @@
]
},
"locked": {
"lastModified": 1715940852,
"narHash": "sha256-wJqHMg/K6X3JGAE9YLM0LsuKrKb4XiBeVaoeMNlReZg=",
"lastModified": 1717278143,
"narHash": "sha256-u10aDdYrpiGOLoxzY/mJ9llST9yO8Q7K/UlROoNxzDw=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "2fba33a182602b9d49f0b2440513e5ee091d838b",
"rev": "3eb96ca1ae9edf792a8e0963cc92fddfa5a87706",
"type": "github"
},
"original": {

4
home-manager/modules/river/default.nix
View file

@ -89,7 +89,7 @@ in
hide-cursor = "when-typing enabled";
set-cursor-warp = "on-output-change";
keyboard-layout = "kyria";
keyboard-layout = "-variant kyria us";
map = {
normal =
@ -220,7 +220,7 @@ in
'';
};
xdg.configFile."xkb/symbols/kyria" = {
xdg.configFile."xkb/symbols/us" = {
source = ./keyboard-layout.xkb;
};
};

10
machines/default.nix
View file

@ -49,7 +49,6 @@ inputs: {
k3s-test = {
config = import ./k3s-test/configuration.nix inputs;
deploy = {
# host = "10.0.0.167";
# host = "10.0.0.208";
host = "k3s-test.barn-beaver.ts.net";
targetUser = "erwin";
@ -59,6 +58,15 @@ inputs: {
loki = {
config = import ./loki/configuration.nix inputs;
};
meili = {
config = import ./meili/configuration.nix inputs;
deploy = {
# host = "10.0.0.214";
host = "meili.barn-beaver.ts.net";
targetUser = "erwin";
tags = [ "container" ];
};
};
mimir = {
config = import ./mimir/configuration.nix inputs;
};

16
machines/heimdall/configuration.nix
View file

@ -64,18 +64,14 @@
routes = [
{
routeConfig = {
Destination = "172.31.1.1/32";
Scope = "link";
Protocol = "static";
};
Destination = "172.31.1.1/32";
Scope = "link";
Protocol = "static";
}
{
routeConfig = {
Destination = "fe80::1/128";
Scope = "link";
Protocol = "static";
};
Destination = "fe80::1/128";
Scope = "link";
Protocol = "static";
}
];
};

71
machines/loki/configuration.nix
View file

@ -49,18 +49,12 @@
fonts.enable = true;
gnome.enable = true;
greetd = {
enable = true;
enable = false;
sway = true;
river = true;
wallpaper = ../../wallpapers/river-2560.png;
};
libvirtd.enable = false;
livebook = {
enable = false;
dataDir = "/home/erwin/workspace/livebook";
userMapping = "1000:100";
};
lxd.enable = false;
guix.enable = true;
networking = {
enable = true;
};
@ -69,7 +63,11 @@
cross-systems = [ "aarch64-linux" ];
};
podman.enable = true;
tablet.enable = false;
regreet = {
enable = true;
wallpaper = ../../wallpapers/river-2560.png;
wayvnc = true;
};
tailscale.enable = true;
sound = {
enable = true;
@ -258,17 +256,15 @@
wireguardPeers = [
{
wireguardPeerConfig = {
PublicKey = "6faxlUG8+F7uVrKk/OJqqy5k2+OzrhXc/cV6Zsfbl0c=";
AllowedIPs = [
"192.168.4.0/23"
"192.168.6.0/24"
"192.168.7.0/24"
"192.168.8.0/24"
];
Endpoint = "212.45.34.195:51820";
PersistentKeepalive = 25;
};
PublicKey = "6faxlUG8+F7uVrKk/OJqqy5k2+OzrhXc/cV6Zsfbl0c=";
AllowedIPs = [
"192.168.4.0/23"
"192.168.6.0/24"
"192.168.7.0/24"
"192.168.8.0/24"
];
Endpoint = "212.45.34.195:51820";
PersistentKeepalive = 25;
}
];
};
@ -307,28 +303,20 @@
routes = [
{
routeConfig = {
Destination = "192.168.4.0/23";
Scope = "link";
};
Destination = "192.168.4.0/23";
Scope = "link";
}
{
routeConfig = {
Destination = "192.168.6.0/24";
Scope = "link";
};
Destination = "192.168.6.0/24";
Scope = "link";
}
{
routeConfig = {
Destination = "192.168.7.0/24";
Scope = "link";
};
Destination = "192.168.7.0/24";
Scope = "link";
}
{
routeConfig = {
Destination = "192.168.8.0/24";
Scope = "link";
};
Destination = "192.168.8.0/24";
Scope = "link";
}
];
};
@ -404,6 +392,8 @@
swayidle
];
};
river.enable = true;
gnome-disks.enable = true;
# ssh.startAgent = true;
@ -419,6 +409,14 @@
};
};
};
appimage = {
enable = true;
binfmt = true;
};
ryzen-monitor-ng.enable = true;
nix-ld = {
enable = true;
package = nix-ld-rs.packages.${pkgs.hostPlatform.system}.nix-ld-rs;
@ -488,7 +486,6 @@
# WLR_RENDERER = "vulkan";
};
systemPackages = with pkgs; [
appimage-run
incus
tailscale
];

90
machines/meili/configuration.nix Normal file
View file

@ -0,0 +1,90 @@
{ self, caddy-with-plugins, ... }:
{ pkgs, modulesPath, ... }:
{
imports = [
(modulesPath + "/virtualisation/lxc-container.nix")
../../users/root
../../users/erwin
./geoserver
];
eboskma = {
users.erwin = {
enable = true;
server = true;
};
nix-common = {
enable = true;
remote-builders = true;
};
caddy-proxy = {
enable = true;
package = caddy-with-plugins.packages.${pkgs.system}.caddy-with-cloudflare;
proxyHosts = [
{
externalHostname = "meili.datarift.nl";
proxyAddress = "localhost:8080";
}
];
};
tailscale.enable = true;
};
boot.isContainer = true;
time.timeZone = "Europe/Amsterdam";
system.configurationRevision = self.inputs.nixpkgs.lib.mkIf (self ? rev) self.rev;
networking = {
hostName = "meili";
useDHCP = false;
useHostResolvConf = false;
networkmanager.enable = false;
useNetworkd = true;
nftables.enable = false;
firewall = {
trustedInterfaces = [ "tailscale0" ];
};
};
systemd.network = {
enable = true;
wait-online.anyInterface = true;
networks = {
"40-eth0" = {
matchConfig = {
Name = "eth0";
};
networkConfig = {
Address = "10.0.0.214/24";
Gateway = "10.0.0.1";
DNS = "10.0.0.206";
DHCP = "no";
};
};
};
};
security = {
sudo-rs = {
enable = true;
execWheelOnly = true;
wheelNeedsPassword = false;
};
sudo.enable = false;
};
sops.defaultSopsFile = ./secrets.yaml;
sops.secrets = {
caddy-env = { };
};
system.stateVersion = "24.11";
}

20
machines/meili/geoserver/default.nix Normal file
View file

@ -0,0 +1,20 @@
{ pkgs, ... }:
let
geoserver-war = pkgs.fetchzip {
url = "https://downloads.sourceforge.net/sourceforge/geoserver/GeoServer/2.25.1/geoserver-2.25.1-war.zip";
sha256 = "O9XDjx3csW9HZzSYROPUCyl3sYlrKLMpHztUKYIEabs=";
stripRoot = false;
};
in
{
services.tomcat = {
enable = true;
virtualHosts = [
{
name = "meili.datarift.nl";
webapps = [ "${geoserver-war}/geoserver.war" ];
}
];
purifyOnStart = true;
};
}

39
machines/meili/secrets.yaml Normal file
View file

@ -0,0 +1,39 @@
caddy-env: ENC[AES256_GCM,data:KFoPLa9L43IbhXTft5VNB/4MetDxJsFX7phSsx1bDbr5e3wJynI2mLbTNkQexb+MUtWqK5JB,iv:vAoBGavDDlYT5UlVFgd/FYmU0w00mla8/fVatGEIjPg=,tag:L1YTfvWTkdhBLVBL4YL0iw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1h7ddyj66gcqt5vnzphjfn6y5tul79q0glcdl0et9w44z2evl999qe02wht
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzQ0dvR2x3R0VQc3NBY2pk
TExQOXlOU1FDNzFrVWJHcnlmZ2EvS1NpOVFNClBhVzhsOEdhc2FDZnRPN2RkcUZO
QU1sQ09scVdlY2NDcGg1SGJ1aG1rTmsKLS0tIGYvNW9EMEpKajE1Q2ZoYXd1QlAy
SGZGOXcvZUZhMkRjVDVtaG1aVjlvdTQKUJEntauITelHgLUIUXC7+LI6fias7GRM
avdmHwn7X/ReE/DivsLDNxvakSO3QJAQtrV2O0RPO+FPj6JFOu8CUQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1435gxhlpu55pp86r8pullhc6wg43nv6qm5l3g2vl5000xhn8apdqtlf8cg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDMWJMMU9qK2tNN1p2cnJw
OVBRVDY1TWdyMkE0KzhIRGkwa2pyQU9wWFVvClp2M0NPRjBQS3pab1FSekpYYUpa
SU9NejRFeG9sV2YrUXhJRGhWenUrZHMKLS0tIFMwTUNzYSt2SDc2N2F1SXhkdnBR
c2Zjb1NlQ1dOV1NWVEpBaWJkcVZnWk0KfvUBb7bpml7jBw15gA+TK/9dok8KFvt0
ouiiTExF41nYCKjfeBf99bKpUCykZxPSz8sReapyO6tZ8dDycXb2UA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1thyemgvua2at9mha5hxuqezxcrxvljh9tpwwmdylu0mrspppvamsunpeh2
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArdkh5a281aFBnWWhpUVNS
bElPZXBuOWV1YWZFMVZzdmRkMWtsNFUrM1F3ClI1SEpsMWRnRFlXVEhnRjQ0T3VJ
WjIyMzVFbXlaeHNLbkVOZGlGbVk4dmsKLS0tIFIxOWY2clVjZ3BJb3dqQThTSExI
TW1rUEFLNVFYUFo2VFEwd3JxSXFsYzQKbxzHXaU2KVBVWbU4kgpjaETw2wm/6cx+
LL+d17IAkAv85Qh9ZoWwXluufrwwN1+12xsqQMSpwpWMyQgbNPCwRQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-06-04T07:47:43Z"
mac: ENC[AES256_GCM,data:tkvtSOGCMsAV48p/PGp/R+M7rME21TbEdIVTzTp7hv2bdHxgq0T8tdYAsdqdzkPvqjqvf61w7AzV8JsD8+T41lb2Wt16SHAsJVHGo+cePFztC1d2xf0EmimO41Py4m/ZxWnpPFnDyTXMw2mAspZeLBAjgB7+tjX4IFjCOk3HmkU=,iv:QnqXcAooViz7QH/6sM+IkyOASxMpe9yQ+WvGUB1lxdo=,tag:Ulph5M86R+N4hXxjm4c0BQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

5
machines/valkyrie/blocky/default.nix
View file

@ -12,6 +12,7 @@
default = [ "127.0.0.1:5335" ];
"100.64.0.0/10" = [ "127.0.0.1:5454" ];
"fd7a:115c:a1e0::/96" = [ "127.0.0.1:5454" ];
"fd7a:115c:a1e0:ab12::/64" = [ "127.0.0.1:5454" ];
};
};
@ -28,6 +29,10 @@
};
};
caching = {
maxTime = -1;
};
customDNS = {
mapping = {
"home.datarift.nl" = "10.0.0.251";

1
machines/valkyrie/kea/default.nix
View file

@ -63,6 +63,7 @@
subnet4 = [
{
id = 1;
pools = [ { pool = "10.0.0.150 - 10.0.0.200"; } ];
subnet = "10.0.0.0/24";
option-data = [

6
machines/valkyrie/secrets.yaml
View file

@ -1,4 +1,4 @@
coredns-env: ENC[AES256_GCM,data:RIudDPucGYo1UXMnzR8Xwz+X4WKEXVTvhv6teiPFgQYdJuh3anV3tDisi1ouTschu4OgNUgrqxQvPJh2D4z3Io4yFepTmRuZ7SE=,iv:Zwgz2CDtpqZV6VQPn7lxCJT+1VbekP9YZJ3Gp3NMJKs=,tag:zT+YuThW0UMguDEL1aUqwA==,type:str]
coredns-env: ENC[AES256_GCM,data:vsLJBvRJZPgvlny9IQb0WJai/D+JHFk5plz2L1y1Q6VDJQpSuFB1hene2JHXBGniij3ytUDVWOIeXjYxb0fyVDb0q7t9EDA5u1M=,iv:/HISs3OOAv996rFxsADdW74DiOogozRvD+l6+sFqbL0=,tag:ndIHOdTKPutyd+LqKMoVyA==,type:str]
sops:
kms: []
gcp_kms: []
@ -32,8 +32,8 @@ sops:
MmRsQU43UDUyQ2ZVbWxvRWdBajYwWlEKDNaV/6gjIszP31b8kT+JZxiTWILqbQdR
OKdTbC3XIiFBGpslr5QKJzj26dKsgYvmzEHuHgglZdvuX5EDmzTf5w==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-05-08T16:31:24Z"
mac: ENC[AES256_GCM,data:LL+pM7yuj7/3efaFJ3BzlJqZmgTvWwYilyqCZO5dmhs4OtEwhu7s0PVnZiikD46FrJ/OY6CzFzc88vBnBs48Scp6UtzujAJZkWECNKj0R/ECqUiGudt9osnYvKCCsTMj8zlnJ2xd8ncRGsVthSj9tKbORd4jCLQMeUZudLxYiIs=,iv:0UR5bWuqZZf3aNxyM1qCNRxRi0pJV4QsiwDHT19BLwA=,tag:njCNGVDXcKgMx8rbJ1LbWw==,type:str]
lastmodified: "2024-06-03T09:07:22Z"
mac: ENC[AES256_GCM,data:AoDPnZopNrWnA6KZQ07We+Znl3yF7DRr2gF6HSL1M1Tnlqy1h8++/M3DNCOZgfZ6Dxluedy3JAuRyznJkbHgrB3qBUn8S3bf+M4UlXCR7ovXIqaQkfwRiCz4/RwOk0KYNO0YbYhdI9wFNVwqji40RfDLK8YY2SqOXC7yIzIB4p8=,iv:qmygqqj/iiDVJHrZB4ZlCYG5IkZsvC0Ixl937jLDeqY=,tag:3skyAFGytXJYRxlK3ukdvA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

2
modules/caddy-proxy/default.nix
View file

@ -40,7 +40,7 @@ let
mkLocalProxyHost = target: {
extraConfig = ''
@local_or_ts {
remote_ip 10.0.0.0/24 100.64.0.0/10
remote_ip 10.0.0.0/24 100.64.0.0/10 fd7a:115c:a1e0::/96 fd7a:115c:a1e0:ab12::/64
}
handle @local_or_ts {
reverse_proxy ${target}

31
modules/greetd/default.nix
View file

@ -71,39 +71,8 @@ in
};
};
programs.regreet = {
enable = false;
settings = {
background = {
path = cfg.wallpaper;
fit = "Cover";
};
GTK = {
application_prefer_dark_theme = true;
theme_name = "elementary";
cursor_theme = "elementary";
icon_theme_name = "elementary";
font_name = "Iosevka Aile 16";
};
commands = {
reboot = [
"systemctl"
"reboot"
];
poweroff = [
"systemctl"
"poweroff"
];
};
};
};
security.pam.services.greetd.u2fAuth = false;
# exec "${pkgs.greetd.regreet}/bin/regreet; swaymsg exit"
networking.firewall.allowedTCPPorts = lib.mkIf (cfg.wayvnc && !config.services.tailscale.enable) [
5900
];

16
modules/guix/default.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, lib, ... }:
with lib;
let
cfg = config.eboskma.guix;
in
{
options.eboskma.guix = {
enable = mkEnableOption "guix";
};
config = mkIf cfg.enable {
services.guix = {
enable = true;
};
};
}

71
modules/regreet/default.nix Normal file
View file

@ -0,0 +1,71 @@
{
pkgs,
config,
lib,
...
}:
with lib;
let
cfg = config.eboskma.regreet;
regreetWrapperText = lib.concatStringsSep "\n" (
(lib.optional cfg.wayvnc "${pkgs.wayvnc}/bin/wayvnc 0.0.0.0 &")
++ [ "${lib.getExe pkgs.greetd.regreet}" ]
);
regreetWrapper = pkgs.writeShellScriptBin "regreet-wrapper" regreetWrapperText;
in
{
options.eboskma.regreet = {
enable = mkEnableOption "regreet";
wayvnc = mkEnableOption "wayvnc";
wallpaper = mkOption {
description = "Path to an image to use as wallpaper";
type = types.path;
};
};
config = mkIf cfg.enable {
programs.regreet = {
enable = true;
package = regreetWrapper;
settings = {
background = {
path = cfg.wallpaper;
fit = "Cover";
};
GTK = {
application_prefer_dark_theme = true;
theme_name = "elementary";
cursor_theme = "elementary";
icon_theme_name = "elementary";
font_name = "Iosevka Aile 16";
};
commands = {
reboot = [
"systemctl"
"reboot"
];
poweroff = [
"systemctl"
"poweroff"
];
};
};
};
security.pam.services.greetd.u2fAuth = false;
networking.firewall.allowedTCPPorts = lib.mkIf (cfg.wayvnc && !config.services.tailscale.enable) [
5900
];
environment = {
systemPackages = with pkgs; [
pantheon.elementary-gtk-theme
pantheon.elementary-icon-theme
];
};
};
}

15
pkgs/coredns/default.nix
View file

@ -7,18 +7,20 @@
installShellFiles,
}:
let
version = "1.11.1";
version = "1.11.3";
externalPlugins = [
{
name = "tailscale";
repo = "github.com/damomurf/coredns-tailscale";
version = "750df081a3cc63f325ecfde6c30a974dc0e4bf56";
version = "c1a2b9d941edc6f701223d6e31be4edf46c9746f";
}
];
attrsToPlugins = attrs: builtins.map ({ name, repo, ... }: "${name}:${repo}") attrs;
attrsToSources = attrs: builtins.map ({ repo, version, ... }: "${repo}@${version}") attrs;
attrsToPlugins =
attrs: builtins.map ({ name, repo, ... }: lib.escapeShellArg "${name}:${repo}") attrs;
attrsToSources =
attrs: builtins.map ({ repo, version, ... }: lib.escapeShellArg "${repo}@${version}") attrs;
in
buildGoModule {
pname = "coredns";
@ -28,11 +30,12 @@ buildGoModule {
owner = "coredns";
repo = "coredns";
rev = "v${version}";
sha256 = "sha256-Mn8hOsODTlnl6PJaevMcyIKkIx/1Lk2HGA7fSSizR20=";
# sha256 = lib.fakeSha256;
sha256 = "8LZMS1rAqEZ8k1IWSRkQ2O650oqHLP0P31T8oUeE4fw=";
};
# vendorHash = lib.fakeHash;
vendorHash = "sha256-ba8Krc8FVrylsV0n/3JNRTrL3bP8UJRdKF2fy8SYU3o=";
vendorHash = "sha256-9oq+oNxOmHuFDIn1hQu7BBb76s615B6Mm3JxqSpEOuI=";
nativeBuildInputs = [ installShellFiles ];