Compare commits
No commits in common. "f5de5bea15b08c6270585801ffc6b7bb306d804c" and "00d9b7925a0406f4eebab7b50a7a4f44f0abfcc5" have entirely different histories.
f5de5bea15
...
00d9b7925a
13 changed files with 55 additions and 284 deletions
|
@ -13,7 +13,6 @@ keys:
|
||||||
- &neo age1s95yw988he30l6wegfwquh4nh03jst2tvyu4ykng4g88h7s3a3rs5zh5fp
|
- &neo age1s95yw988he30l6wegfwquh4nh03jst2tvyu4ykng4g88h7s3a3rs5zh5fp
|
||||||
- &nix-cache age1ffpkfl4ged52ym7ynyhjc40t9v2g6pgjp4ue670lxcr6mxy7mdtqt5qjlq
|
- &nix-cache age1ffpkfl4ged52ym7ynyhjc40t9v2g6pgjp4ue670lxcr6mxy7mdtqt5qjlq
|
||||||
- &proxy age1yz7k9s5plamjq425memjh00y4sdldgdhpwxqpx9gk9wutttx9scsdg3qd5
|
- &proxy age1yz7k9s5plamjq425memjh00y4sdldgdhpwxqpx9gk9wutttx9scsdg3qd5
|
||||||
- &read age193v7jejqu7dxk4xejs9cfcatz7605wf4fmytxst424xel2e4z48qj8fflj
|
|
||||||
- &saga age10advysga7fpkh7uuv9a7phs77c5khswf5c9q9txvrauxtqr4yu0sk2r75v
|
- &saga age10advysga7fpkh7uuv9a7phs77c5khswf5c9q9txvrauxtqr4yu0sk2r75v
|
||||||
- &valkyrie age139zg5z02dx3j70tl6sn2l9kq0nfz2ddkffx0grlh7gg28dafhq6qd2sj6f
|
- &valkyrie age139zg5z02dx3j70tl6sn2l9kq0nfz2ddkffx0grlh7gg28dafhq6qd2sj6f
|
||||||
creation_rules:
|
creation_rules:
|
||||||
|
@ -89,12 +88,6 @@ creation_rules:
|
||||||
- *erwin
|
- *erwin
|
||||||
- *erwin_horus
|
- *erwin_horus
|
||||||
- *proxy
|
- *proxy
|
||||||
- path_regex: machines/read/[^/]+\.ya?ml$
|
|
||||||
key_groups:
|
|
||||||
- age:
|
|
||||||
- *erwin
|
|
||||||
- *erwin_horus
|
|
||||||
- *read
|
|
||||||
- path_regex: machines/saga/[^/]+\.ya?ml$
|
- path_regex: machines/saga/[^/]+\.ya?ml$
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
|
|
92
flake.lock
92
flake.lock
|
@ -31,11 +31,11 @@
|
||||||
"nixpkgs-stable": "nixpkgs-stable"
|
"nixpkgs-stable": "nixpkgs-stable"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720542474,
|
"lastModified": 1717279440,
|
||||||
"narHash": "sha256-aKjJ/4l2I9+wNGTaOGRsuS3M1+IoTibqgEMPDikXm04=",
|
"narHash": "sha256-kH04ReTjxOpQumgWnqy40vvQLSnLGxWP6RF3nq5Esrk=",
|
||||||
"owner": "zhaofengli",
|
"owner": "zhaofengli",
|
||||||
"repo": "attic",
|
"repo": "attic",
|
||||||
"rev": "6139576a3ce6bb992e0f6c3022528ec233e45f00",
|
"rev": "717cc95983cdc357bc347d70be20ced21f935843",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -56,11 +56,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721067121,
|
"lastModified": 1720438061,
|
||||||
"narHash": "sha256-T+kLHwraj0u238/MoqYKrtz4rKZT4a4UAzEs+ZGqLsQ=",
|
"narHash": "sha256-sZVo8ngBpot1XrSqAEj7jou8DOuh1yH9mGveR8SA0vs=",
|
||||||
"owner": "atuinsh",
|
"owner": "atuinsh",
|
||||||
"repo": "atuin",
|
"repo": "atuin",
|
||||||
"rev": "7eb985b616c12aed261fbef74a47c5a928c03e61",
|
"rev": "6d254c694677af6189159fad1c7737f2e06e4a78",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -197,11 +197,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721007199,
|
"lastModified": 1720402389,
|
||||||
"narHash": "sha256-Gof4Lj1rgTrX59bNu5b/uS/3X/marUGM7LYw31NoXEA=",
|
"narHash": "sha256-zJv6euDOrJWMHBhxfp/ay+Dvjwpe8YtMuEI5b09bxmo=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "disko",
|
"repo": "disko",
|
||||||
"rev": "bad376945de7033c7adc424c02054ea3736cf7c4",
|
"rev": "f1a00e7f55dc266ef286cc6fc8458fa2b5ca2414",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -221,11 +221,11 @@
|
||||||
"nixpkgs-stable": "nixpkgs-stable_2"
|
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721063376,
|
"lastModified": 1720429744,
|
||||||
"narHash": "sha256-di+YqstcANGipdJP+lQ/vPOlB+UIFNSZjg6rlpMOyFs=",
|
"narHash": "sha256-DFDThlsRInZPkbReZgXOhDv3CqsOkf8KEs1RkGTb4R4=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "emacs-overlay",
|
"repo": "emacs-overlay",
|
||||||
"rev": "7c521a93160b3f3deb2325ba5485eabaecc76100",
|
"rev": "743e01cc6f5be48230b99178e3f14b34da84022e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -587,11 +587,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720734513,
|
"lastModified": 1720327769,
|
||||||
"narHash": "sha256-neWQ8eNtLTd+YMesb7WjKl1SVCbDyCm46LUgP/g/hdo=",
|
"narHash": "sha256-kAsg3Lg4YKKpGw+f1W2s5hzjP8B0y/juowvjK8utIag=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "90ae324e2c56af10f20549ab72014804a3064c7f",
|
"rev": "6b7ce96f34b324e4e104abc30d06955d216bac71",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -679,11 +679,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721014541,
|
"lastModified": 1720354748,
|
||||||
"narHash": "sha256-CaL618a842JxU69/c9U7TysASx51LeFR4TwAai3YBfI=",
|
"narHash": "sha256-QyuNREH5M0FZG0iVeOB3pUABIz9kqN+a1MYLzl3978Q=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nix-ld-rs",
|
"repo": "nix-ld-rs",
|
||||||
"rev": "befdf953399eeff2c4e7c5a2b63af964ad209269",
|
"rev": "45eec25fe63b5c421c9439a743a2416a6cdea00b",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -694,11 +694,11 @@
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720737798,
|
"lastModified": 1720429258,
|
||||||
"narHash": "sha256-G/OtEAts7ZUvW5lrGMXSb8HqRp2Jr9I7reBuvCOL54w=",
|
"narHash": "sha256-d6JI5IgJ1xdrk7DvYVx7y8ijcYz5I1nhCwOiDP6cq00=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "c5013aa7ce2c7ec90acee5d965d950c8348db751",
|
"rev": "72d3c007024ce47d838bb38693c8773812f54bf2",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -753,11 +753,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-stable_2": {
|
"nixpkgs-stable_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720954236,
|
"lastModified": 1720244366,
|
||||||
"narHash": "sha256-1mEKHp4m9brvfQ0rjCca8P1WHpymK3TOr3v34ydv9bs=",
|
"narHash": "sha256-WrDV0FPMVd2Sq9hkR5LNHudS3OSMmUrs90JUTN+MXpA=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "53e81e790209e41f0c1efa9ff26ff2fd7ab35e27",
|
"rev": "49ee0e94463abada1de470c9c07bfc12b36dcf40",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -769,27 +769,27 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-stable_3": {
|
"nixpkgs-stable_3": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720386169,
|
"lastModified": 1718811006,
|
||||||
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=",
|
"narHash": "sha256-0Y8IrGhRmBmT7HHXlxxepg2t8j1X90++qRN3lukGaIk=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7",
|
"rev": "03d771e513ce90147b65fe922d87d3a0356fc125",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"ref": "nixos-24.05",
|
"ref": "nixos-23.11",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-stable_4": {
|
"nixpkgs-stable_4": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720915306,
|
"lastModified": 1720282526,
|
||||||
"narHash": "sha256-6vuViC56+KSr+945bCV8akHK+7J5k6n/epYg/W3I5eQ=",
|
"narHash": "sha256-dudRkHPRivMNOhd04YI+v4sWvn2SnN5ODSPIu5IVbco=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "74348da2f3a312ee25cea09b98cdba4cb9fa5d5d",
|
"rev": "550ac3e955c30fe96dd8b2223e37e0f5d225c927",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -801,11 +801,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720957393,
|
"lastModified": 1720031269,
|
||||||
"narHash": "sha256-oedh2RwpjEa+TNxhg5Je9Ch6d3W1NKi7DbRO1ziHemA=",
|
"narHash": "sha256-rwz8NJZV+387rnWpTYcXaRNvzUSnnF9aHONoJIYmiUQ=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "693bc46d169f5af9c992095736e82c3488bf7dbb",
|
"rev": "9f4128e00b0ae8ec65918efeba59db998750ead6",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -853,11 +853,11 @@
|
||||||
"nixpkgs-stable": "nixpkgs-stable_3"
|
"nixpkgs-stable": "nixpkgs-stable_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721042469,
|
"lastModified": 1720450253,
|
||||||
"narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=",
|
"narHash": "sha256-1in42htN3g3MnE3/AO5Qgs6pMWUzmtPQ7s675brO8uw=",
|
||||||
"owner": "cachix",
|
"owner": "cachix",
|
||||||
"repo": "git-hooks.nix",
|
"repo": "git-hooks.nix",
|
||||||
"rev": "f451c19376071a90d8c58ab1a953c6e9840527fd",
|
"rev": "2b6bd3c87d3a66fb0b8f2f06c985995e04b4fb96",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -943,11 +943,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721010111,
|
"lastModified": 1720405186,
|
||||||
"narHash": "sha256-GuPw2xhJZ+eszIJFu7z7AtqUmirSWPHpxuCpG6dSOic=",
|
"narHash": "sha256-7D57KwmTIbsopE/1g8hFeIbVoeJGgU3wfuGYvTlNQG4=",
|
||||||
"owner": "oxalica",
|
"owner": "oxalica",
|
||||||
"repo": "rust-overlay",
|
"repo": "rust-overlay",
|
||||||
"rev": "3ef018b6d0f62eb59580a8e9fe141e37bf1d972d",
|
"rev": "f0ca58b37ff4179ce4587589c32205764d9b4a4f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -964,11 +964,11 @@
|
||||||
"nixpkgs-stable": "nixpkgs-stable_4"
|
"nixpkgs-stable": "nixpkgs-stable_4"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720926522,
|
"lastModified": 1720321395,
|
||||||
"narHash": "sha256-eTpnrT6yu1vp8C0B5fxHXhgKxHoYMoYTEikQx///jxY=",
|
"narHash": "sha256-kcI8q9Nh8/CSj0ygfWq1DLckHl8IHhFarL8ie6g7OEk=",
|
||||||
"owner": "Mic92",
|
"owner": "Mic92",
|
||||||
"repo": "sops-nix",
|
"repo": "sops-nix",
|
||||||
"rev": "0703ba03fd9c1665f8ab68cc3487302475164617",
|
"rev": "c184aca4db5d71c3db0c8cbfcaaec337a5d065ea",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -1061,11 +1061,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721059077,
|
"lastModified": 1720436211,
|
||||||
"narHash": "sha256-gCICMMX7VMSKKt99giDDtRLkHJ0cwSgBtDijJAqTlto=",
|
"narHash": "sha256-/cKXod0oGLl+vH4bKBZnTV3qxrw4jgOLnyQ8KXey5J8=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "treefmt-nix",
|
"repo": "treefmt-nix",
|
||||||
"rev": "0fb28f237f83295b4dd05e342f333b447c097398",
|
"rev": "6fc8bded78715cdd43a3278a14ded226eb3a239e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -1315,16 +1315,7 @@ Add [[https://melpa.org/#/cmake-mode][cmake-mode]]
|
||||||
#+begin_src emacs-lisp
|
#+begin_src emacs-lisp
|
||||||
(use-package cmake-mode
|
(use-package cmake-mode
|
||||||
:after eglot
|
:after eglot
|
||||||
:hook
|
:hook (cmake-mode . eglot-ensure))
|
||||||
((cmake-mode cmake-ts-mode) . eglot-ensure))
|
|
||||||
#+end_src
|
|
||||||
|
|
||||||
Add =neocmakelsp= to language servers
|
|
||||||
|
|
||||||
#+begin_src emacs-lisp
|
|
||||||
(with-eval-after-load 'eglot
|
|
||||||
(add-to-list 'eglot-server-programs
|
|
||||||
'(cmake-ts-mode . ("neocmakelsp" "--stdio"))))
|
|
||||||
#+end_src
|
#+end_src
|
||||||
|
|
||||||
*** YAML
|
*** YAML
|
||||||
|
|
|
@ -105,14 +105,6 @@ inputs: {
|
||||||
tags = [ "metal" ];
|
tags = [ "metal" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
read = {
|
|
||||||
config = import ./read/configuration.nix inputs;
|
|
||||||
deploy = {
|
|
||||||
# host = "10.0.0.101";
|
|
||||||
host = "read.barn-beaver.ts.net";
|
|
||||||
tags = [ "container" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
proxy = {
|
proxy = {
|
||||||
config = import ./proxy/configuration.nix inputs;
|
config = import ./proxy/configuration.nix inputs;
|
||||||
deploy = {
|
deploy = {
|
||||||
|
|
|
@ -1,103 +0,0 @@
|
||||||
{ self, caddy-with-plugins, ... }:
|
|
||||||
{
|
|
||||||
modulesPath,
|
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
(modulesPath + "/virtualisation/lxc-container.nix")
|
|
||||||
../../users/root
|
|
||||||
../../users/erwin
|
|
||||||
|
|
||||||
./miniflux
|
|
||||||
];
|
|
||||||
|
|
||||||
eboskma = {
|
|
||||||
users.erwin = {
|
|
||||||
enable = true;
|
|
||||||
server = true;
|
|
||||||
};
|
|
||||||
nix-common = {
|
|
||||||
enable = true;
|
|
||||||
remote-builders = true;
|
|
||||||
};
|
|
||||||
caddy-proxy = {
|
|
||||||
enable = true;
|
|
||||||
package = caddy-with-plugins.packages.${pkgs.system}.caddy-with-cloudflare;
|
|
||||||
proxyHosts = [
|
|
||||||
{
|
|
||||||
externalHostname = "read.datarift.nl";
|
|
||||||
proxyAddress = "http://${config.services.miniflux.config.LISTEN_ADDR}";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
tailscale.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
boot = {
|
|
||||||
isContainer = true;
|
|
||||||
kernel.sysctl = {
|
|
||||||
"net.core.rmem_max" = 7500000;
|
|
||||||
"net.core.wmem_max" = 7500000;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
time.timeZone = "Europe/Amsterdam";
|
|
||||||
|
|
||||||
system.configurationRevision = self.inputs.nixpkgs.lib.mkIf (self ? rev) self.rev;
|
|
||||||
|
|
||||||
networking = {
|
|
||||||
hostName = "read";
|
|
||||||
useDHCP = false;
|
|
||||||
useHostResolvConf = false;
|
|
||||||
networkmanager.enable = false;
|
|
||||||
useNetworkd = true;
|
|
||||||
nftables.enable = true;
|
|
||||||
|
|
||||||
firewall.trustedInterfaces = [ "tailscale0" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd = {
|
|
||||||
services.logrotate-checkconf.enable = false;
|
|
||||||
|
|
||||||
network = {
|
|
||||||
enable = true;
|
|
||||||
|
|
||||||
wait-online.anyInterface = true;
|
|
||||||
|
|
||||||
networks = {
|
|
||||||
"40-eth0" = {
|
|
||||||
matchConfig = {
|
|
||||||
Name = "eth0";
|
|
||||||
};
|
|
||||||
|
|
||||||
networkConfig = {
|
|
||||||
Address = "10.0.0.207/24";
|
|
||||||
Gateway = "10.0.0.1";
|
|
||||||
DNS = "10.0.0.206";
|
|
||||||
DHCP = "no";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
security = {
|
|
||||||
sudo-rs = {
|
|
||||||
enable = true;
|
|
||||||
execWheelOnly = true;
|
|
||||||
wheelNeedsPassword = false;
|
|
||||||
};
|
|
||||||
sudo.enable = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
sops.defaultSopsFile = ./secrets.yaml;
|
|
||||||
sops.secrets = {
|
|
||||||
caddy-env = { };
|
|
||||||
miniflux-env = { };
|
|
||||||
};
|
|
||||||
|
|
||||||
system.stateVersion = "24.11";
|
|
||||||
}
|
|
|
@ -1,15 +0,0 @@
|
||||||
{ config, ... }:
|
|
||||||
{
|
|
||||||
services.miniflux = {
|
|
||||||
enable = true;
|
|
||||||
config = {
|
|
||||||
BASE_URL = "https://read.datarift.nl";
|
|
||||||
POLLING_SCHEDULER = "entry_frequency";
|
|
||||||
OAUTH2_PROVIDER = "oidc";
|
|
||||||
OAUTH2_REDIRECT_URL = "https://read.datarift.nl/oauth2/oidc/callback";
|
|
||||||
OAUTH2_OIDC_DISCOVERY_ENDPOINT = "https://id.datarift.nl/realms/datarift";
|
|
||||||
WEBAUTHN = 1;
|
|
||||||
};
|
|
||||||
adminCredentialsFile = config.sops.secrets.miniflux-env.path;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,40 +0,0 @@
|
||||||
caddy-env: ENC[AES256_GCM,data:gw+QSN+c2Lp2F4wNzhTXklq9sUrDT389KLAh2YRpZbqxWpodx4LPJ1uIUsMC1TdeYmq+lkI+,iv:iXjLwOfQo9wEa9bBlE5HYUKDNriJgcm7hxPsBys62hk=,tag:DbutFgWz5ZqHE1/aP4+7Ag==,type:str]
|
|
||||||
miniflux-env: ENC[AES256_GCM,data:5H+/yRuPW6BodnHaq3E7bcqD7xSRLHwle6BdSpsyFPUY9lw7JT4445lnQlV/uliGJJTu0H9N3G5KhsDQbvvU8vw+5yQvX4EgYQnJfYMyEn8LmQE+ErGz5Lpx3A6sjFuy0KHCqbFJwf5jjfZwuxvNdTKv34gnR2u9+4Vyg5qjwAP4jw==,iv:HfLie5OUOkEKjSmm7rBfOtVhkIq9GA3NRfwDg5AD7MQ=,tag:1ysgjaklV6twaLPe5na+hw==,type:str]
|
|
||||||
sops:
|
|
||||||
kms: []
|
|
||||||
gcp_kms: []
|
|
||||||
azure_kv: []
|
|
||||||
hc_vault: []
|
|
||||||
age:
|
|
||||||
- recipient: age1h7ddyj66gcqt5vnzphjfn6y5tul79q0glcdl0et9w44z2evl999qe02wht
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYRHo4TVNEeWhySXlVOWZs
|
|
||||||
amRZOWRCUzlvenNkeXY0MzFtNUl6dzJiR1hnCkJzZno4NE5lQzAzb3U5TGN5NnlG
|
|
||||||
dlh4VmxQWVRrZUFGUEs5OVFzV3FYbFUKLS0tIFJnMTVFVFlja2FNM1VPa0d5MDVZ
|
|
||||||
OG80aHp3OWRwWTZqWFBlSUhuZWFLRHcKjLMykruXBQxp5ncKqGJ6R1xcFx0xRJjW
|
|
||||||
+svOHaCOb+j7J8AFr/wLn1Cz9lhinqAfKL+rncCn+sq2tTsH1L0nrA==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
- recipient: age1435gxhlpu55pp86r8pullhc6wg43nv6qm5l3g2vl5000xhn8apdqtlf8cg
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhMnVwSnhTNk9jM2pYWmVP
|
|
||||||
Q0t2RnJJNnZPRXpCQXlHQzB1YUl5aXpSc0RvClB5Q0xTemJpb3o3MUFjMlNuYlFO
|
|
||||||
LzZwRHZnVlU3OVB0bFZIektFMitiZXMKLS0tIHNKSzBVOVh5TXoySWxlOXFaQ25N
|
|
||||||
ZFlhanZ3WTZuR3Zoa3FiMGNHMXlkZFUKSR5yoXow2D07xpBIrgo2mDwjiWbWp1L9
|
|
||||||
svyLVXtkxwSun0PqvZ4vg9dl7qLX3IwdaqtWvdetFF9ps7QEsnHzOg==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
- recipient: age193v7jejqu7dxk4xejs9cfcatz7605wf4fmytxst424xel2e4z48qj8fflj
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWSjJKRHV1azVyUGF6NVpL
|
|
||||||
NHlyWDBnbjRhdjRRR2ZxZy8rcDM1Q0Z4Um5RCjRjOExKWHJPSjExeSsxOEJLQlpI
|
|
||||||
Q0JkYlZGbVZuSy9yZTdRbFd2OGJwU00KLS0tIE1vbERsbDNOVWR3UHAxQVl2ZEts
|
|
||||||
alprbldiMEtZQ29DaUJzaEZlWmxXTmMKPYHIg4fMR5fbCoCAyHHuL/WGfn4D6mXJ
|
|
||||||
yulfOqthMxvvWr+9sOBeAWIWSCcc0DBmDjvUTaDqVA7pnhZE+hQ2mw==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
lastmodified: "2024-07-15T22:03:26Z"
|
|
||||||
mac: ENC[AES256_GCM,data:T4BUMEd6lxXtndOH52M2SGqMm08kW6tG4VDcpaBv5De+DmSaXX2cojM2MIOVBnQjNxCT6534RZAvnG4cQkUiIgaqP+PDyb1w0cYnv+zfgE/yHQ/AkBXlnr4jblJLYtU/04HpFm5OGvjYxqXDrrcWu/tZD6lZgiDcqLO5R+V0Azg=,iv:/WNzbV8YJpdVD7nF+AFQz/why5QFKGYidIgh1V8VLGA=,tag:RyyZRIsF7kyg+ZgDD+7DhQ==,type:str]
|
|
||||||
pgp: []
|
|
||||||
unencrypted_suffix: _unencrypted
|
|
||||||
version: 3.9.0
|
|
|
@ -1,6 +1,6 @@
|
||||||
$ORIGIN datarift.nl.
|
$ORIGIN datarift.nl.
|
||||||
$TTL 3600
|
$TTL 3600
|
||||||
@ IN SOA gabe.ns.cloudflare.com. dns.cloudflare.com. 5 3600 900 86400 1800
|
@ IN SOA gabe.ns.cloudflare.com. dns.cloudflare.com. 3 3600 900 86400 1800
|
||||||
|
|
||||||
home IN A 10.0.0.251
|
home IN A 10.0.0.251
|
||||||
frigate IN A 10.0.0.251
|
frigate IN A 10.0.0.251
|
||||||
|
@ -10,7 +10,5 @@ minio IN A 10.0.0.251
|
||||||
minio-admin IN A 10.0.0.251
|
minio-admin IN A 10.0.0.251
|
||||||
mqtt IN A 10.0.0.254
|
mqtt IN A 10.0.0.254
|
||||||
nix-cache IN A 10.0.0.209
|
nix-cache IN A 10.0.0.209
|
||||||
read IN A 10.0.0.207
|
|
||||||
saga IN A 10.0.0.251
|
saga IN A 10.0.0.251
|
||||||
vidz IN A 10.0.0.211
|
vidz IN A 10.0.0.211
|
||||||
unifi IN A 10.0.0.1
|
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
.:5454 {
|
.:5454 {
|
||||||
bind lo
|
bind lo
|
||||||
reload 5s
|
reload 5s
|
||||||
file /etc/coredns/tailscale.zone datarift.nl {
|
file ${./tailscale.zone} datarift.nl {
|
||||||
reload 10s
|
reload 10s
|
||||||
}
|
}
|
||||||
forward . 127.0.0.1:5335
|
forward . 127.0.0.1:5335
|
||||||
|
@ -21,7 +21,7 @@
|
||||||
.:5455 {
|
.:5455 {
|
||||||
bind lo
|
bind lo
|
||||||
reload 5s
|
reload 5s
|
||||||
file /etc/coredns/datarift.zone datarift.nl {
|
file ${./datarift.zone} datarift.nl {
|
||||||
reload 10s
|
reload 10s
|
||||||
}
|
}
|
||||||
forward . 127.0.0.1:5335
|
forward . 127.0.0.1:5335
|
||||||
|
@ -32,17 +32,6 @@
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.etc = {
|
|
||||||
"coredns/datarift.zone" = {
|
|
||||||
source = ./datarift.zone;
|
|
||||||
mode = "0644";
|
|
||||||
};
|
|
||||||
"coredns/tailscale.zone" = {
|
|
||||||
source = ./tailscale.zone;
|
|
||||||
mode = "0644";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.coredns = {
|
systemd.services.coredns = {
|
||||||
environment = {
|
environment = {
|
||||||
HOME = "%S/coredns";
|
HOME = "%S/coredns";
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
$TTL 3600
|
$TTL 3600
|
||||||
@ IN SOA gabe.ns.cloudflare.com. dns.cloudflare.com. 14 3600 900 86400 1800
|
@ IN SOA gabe.ns.cloudflare.com. dns.cloudflare.com. 11 3600 900 86400 1800
|
||||||
|
|
||||||
home.datarift.nl. IN CNAME proxy.barn-beaver.ts.net.
|
home.datarift.nl. IN CNAME proxy.barn-beaver.ts.net.
|
||||||
frigate.datarift.nl. IN CNAME frigate.barn-beaver.ts.net.
|
frigate.datarift.nl. IN CNAME frigate.barn-beaver.ts.net.
|
||||||
|
@ -9,7 +9,6 @@ minio.datarift.nl. IN CNAME minio.barn-beaver.ts.net.
|
||||||
minio-admin.datarift.nl. IN CNAME minio.barn-beaver.ts.net.
|
minio-admin.datarift.nl. IN CNAME minio.barn-beaver.ts.net.
|
||||||
mqtt.datarift.nl. IN CNAME homeassistant.barn-beaver.ts.net.
|
mqtt.datarift.nl. IN CNAME homeassistant.barn-beaver.ts.net.
|
||||||
nix-cache.datarift.nl. IN CNAME nix-cache.barn-beaver.ts.net.
|
nix-cache.datarift.nl. IN CNAME nix-cache.barn-beaver.ts.net.
|
||||||
read.datarift.nl. IN CNAME read.barn-beaver.ts.net.
|
|
||||||
saga.datarift.nl. IN CNAME saga.barn-beaver.ts.net.
|
saga.datarift.nl. IN CNAME saga.barn-beaver.ts.net.
|
||||||
vidz.datarift.nl. IN CNAME vidz.barn-beaver.ts.net.
|
vidz.datarift.nl. IN CNAME vidz.barn-beaver.ts.net.
|
||||||
heimdall.datarift.nl. IN CNAME heimdall.barn-beaver.ts.net.
|
heimdall.datarift.nl. IN CNAME heimdall.barn-beaver.ts.net.
|
||||||
|
@ -18,4 +17,3 @@ odin.datarift.nl. IN CNAME odin.barn-beaver.ts.net.
|
||||||
id.datarift.nl. IN CNAME heimdall.barn-beaver.ts.net.
|
id.datarift.nl. IN CNAME heimdall.barn-beaver.ts.net.
|
||||||
garfield.datarift.nl. IN CNAME heimdall.barn-beaver.ts.net.
|
garfield.datarift.nl. IN CNAME heimdall.barn-beaver.ts.net.
|
||||||
|
|
||||||
unifi.datarift.nl. IN A 10.0.0.1
|
|
||||||
|
|
|
@ -15,6 +15,7 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
|
sound.enable = true;
|
||||||
services = {
|
services = {
|
||||||
pipewire = {
|
pipewire = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
final: prev: {
|
_final: prev: {
|
||||||
backscrub = prev.pkgs.callPackage ../pkgs/backscrub {
|
backscrub = prev.pkgs.callPackage ../pkgs/backscrub {
|
||||||
inherit (prev.pkgs)
|
inherit (prev.pkgs)
|
||||||
gcc
|
gcc
|
||||||
|
@ -19,38 +19,4 @@ final: prev: {
|
||||||
);
|
);
|
||||||
|
|
||||||
git-repo-go = prev.pkgs.callPackage ../pkgs/git-repo-go { };
|
git-repo-go = prev.pkgs.callPackage ../pkgs/git-repo-go { };
|
||||||
|
|
||||||
# Temporary until nixos-unstable is fixed for Python 3.12
|
|
||||||
python312 = prev.python312.override {
|
|
||||||
packageOverrides = _finalPkgs: prevPkgs: {
|
|
||||||
nose = prevPkgs.nose.overrideAttrs {
|
|
||||||
patches = [
|
|
||||||
(final.fetchpatch2 {
|
|
||||||
url = "https://github.com/NixOS/nixpkgs/raw/599e471d78801f95ccd2c424a37e76ce177e50b9/pkgs/development/python-modules/nose/0001-nose-python-3.12-fixes.patch";
|
|
||||||
hash = "sha256-aePOvO5+TJL4JzXywc7rEiYRzfdObSI9fg9Cfrp+e2o=";
|
|
||||||
})
|
|
||||||
];
|
|
||||||
};
|
|
||||||
wxpython = prevPkgs.wxpython.overrideAttrs {
|
|
||||||
disabled = false;
|
|
||||||
postPatch =
|
|
||||||
let
|
|
||||||
waf_2_0_25 = prev.fetchurl {
|
|
||||||
url = "https://waf.io/waf-2.0.25";
|
|
||||||
hash = "sha256-IRmc0iDM9gQ0Ez4f0quMjlIXw3mRmcgnIlQ5cNyOONU=";
|
|
||||||
};
|
|
||||||
in
|
|
||||||
''
|
|
||||||
cp ${waf_2_0_25} bin/waf-2.0.25
|
|
||||||
chmod +x bin/waf-2.0.25
|
|
||||||
substituteInPlace build.py \
|
|
||||||
--replace-fail "wafCurrentVersion = '2.0.24'" "wafCurrentVersion = '2.0.25'" \
|
|
||||||
--replace-fail "wafMD5 = '698f382cca34a08323670f34830325c4'" "wafMD5 = 'a4b1c34a03d594e5744f9e42f80d969d'" \
|
|
||||||
--replace-fail "distutils.dep_util" "setuptools.modified"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
python-hglib = prevPkgs.python-hglib.overrideAttrs { dontUseSetuptoolsCheck = "1"; };
|
|
||||||
};
|
|
||||||
};
|
|
||||||
python312Packages = final.python312.pkgs;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -43,7 +43,7 @@ in
|
||||||
wayland = true;
|
wayland = true;
|
||||||
};
|
};
|
||||||
eww = {
|
eww = {
|
||||||
enable = false;
|
enable = true;
|
||||||
};
|
};
|
||||||
firefox = {
|
firefox = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -177,6 +177,7 @@ in
|
||||||
easyeffects
|
easyeffects
|
||||||
element-desktop
|
element-desktop
|
||||||
fd
|
fd
|
||||||
|
freecad
|
||||||
ffmpeg_5-full
|
ffmpeg_5-full
|
||||||
helvum
|
helvum
|
||||||
imagemagick
|
imagemagick
|
||||||
|
|
Loading…
Reference in a new issue