diff --git a/flake.lock b/flake.lock index 8fe19319..cf46d60b 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1664140963, - "narHash": "sha256-pFxDtOLduRFlol0Y4ShE+soRQX4kbhaCNBtDOvx7ykw=", + "lastModified": 1665870395, + "narHash": "sha256-Tsbqb27LDNxOoPLh0gw2hIb6L/6Ow/6lIBvqcHzEKBI=", "owner": "ryantm", "repo": "agenix", - "rev": "6acb1fe5f8597d5ce63fc82bc7fcac7774b1cdf0", + "rev": "a630400067c6d03c9b3e0455347dc8559db14288", "type": "github" }, "original": { @@ -42,11 +42,11 @@ ] }, "locked": { - "lastModified": 1664210064, - "narHash": "sha256-df6nKVZe/yAhmJ9csirTPahc0dldwm3HBhCVNA6qWr0=", + "lastModified": 1668784520, + "narHash": "sha256-gGgVAMwYPPmrfnvnoRi6OkEB5KRsNTb9uYzEceLdO/g=", "owner": "LnL7", "repo": "nix-darwin", - "rev": "02d2551c927b7d65ded1b3c7cd13da5cc7ae3fcf", + "rev": "6349b99bc2b96ded34d068a88c7c5ced406b7f7f", "type": "github" }, "original": { @@ -85,11 +85,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1659725433, - "narHash": "sha256-1ZxuK67TL29YLw88vQ18Y2Y6iYg8Jb7I6/HVzmNB6nM=", + "lastModified": 1668797197, + "narHash": "sha256-0w6iD3GSSQbIeSFVDzAAQZB+hDq670ZTms3d9XI+BtM=", "owner": "serokell", "repo": "deploy-rs", - "rev": "41f15759dd8b638e7b4f299730d94d5aa46ab7eb", + "rev": "2a3c5f70eee04a465aa534d8bd4fcc9bb3c4a8ce", "type": "github" }, "original": { @@ -120,6 +120,31 @@ "type": "github" } }, + "devshell_2": { + "inputs": { + "flake-utils": [ + "keycloak-theme-pub-solar", + "flake-utils" + ], + "nixpkgs": [ + "keycloak-theme-pub-solar", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1667210711, + "narHash": "sha256-IoErjXZAkzYWHEpQqwu/DeRNJGFdR7X2OGbkhMqMrpw=", + "owner": "numtide", + "repo": "devshell", + "rev": "96a9dd12b8a447840cc246e17a47b81a4268bba7", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, "digga": { "inputs": { "blank": "blank", @@ -256,11 +281,11 @@ }, "flake-utils_3": { "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { @@ -270,6 +295,21 @@ } }, "flake-utils_4": { + "locked": { + "lastModified": 1667077288, + "narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_5": { "locked": { "lastModified": 1653893745, "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", @@ -284,6 +324,22 @@ "type": "github" } }, + "fork": { + "locked": { + "lastModified": 1669519260, + "narHash": "sha256-eXuHtd+D2/gOQ1QcMbb7InKdwYPPp/+CwQxSo0fW3s4=", + "owner": "teutat3s", + "repo": "nixpkgs", + "rev": "9836531dcac8630bbe54b6a4897de7b1ce8a2858", + "type": "github" + }, + "original": { + "owner": "teutat3s", + "ref": "fix/gitea-needs-gpg-in-path", + "repo": "nixpkgs", + "type": "github" + } + }, "home": { "inputs": { "nixpkgs": [ @@ -291,11 +347,11 @@ ] }, "locked": { - "lastModified": 1656169755, - "narHash": "sha256-Nlnm4jeQWEGjYrE6hxi/7HYHjBSZ/E0RtjCYifnNsWk=", + "lastModified": 1667907331, + "narHash": "sha256-bHkAwkYlBjkupPUFcQjimNS8gxWSWjOTevEuwdnp5m0=", "owner": "nix-community", "repo": "home-manager", - "rev": "4a3d01fb53f52ac83194081272795aa4612c2381", + "rev": "6639e3a837fc5deb6f99554072789724997bc8e5", "type": "github" }, "original": { @@ -305,6 +361,29 @@ "type": "github" } }, + "keycloak-theme-pub-solar": { + "inputs": { + "devshell": "devshell_2", + "flake-utils": "flake-utils_3", + "nixpkgs": [ + "nixos" + ] + }, + "locked": { + "lastModified": 1669558652, + "narHash": "sha256-97WIgaqh8LHlerRn83JCOUwejy/p8h44y8Suth22/t4=", + "ref": "main", + "rev": "3c8ef7c3d2c025a4dced88190dec2307641e8b26", + "revCount": 11, + "type": "git", + "url": "https://git.pub.solar/pub-solar/keycloak-theme" + }, + "original": { + "ref": "main", + "type": "git", + "url": "https://git.pub.solar/pub-solar/keycloak-theme" + } + }, "latest": { "locked": { "lastModified": 1657265485, @@ -323,11 +402,11 @@ }, "latest_2": { "locked": { - "lastModified": 1664538465, - "narHash": "sha256-EnlC7dDKX7X1wlnXkB1gmn9rBZQ0J9+biVTZHw//8us=", + "lastModified": 1669411043, + "narHash": "sha256-LfPd3+EY+jaIHTRIEOUtHXuanxm59YKgUacmSzaqMLc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "10ecda252ce1b3b1d6403caeadbcc8f30d5ab796", + "rev": "5dc7114b7b256d217fe7752f1614be2514e61bb8", "type": "github" }, "original": { @@ -374,11 +453,11 @@ }, "nixos": { "locked": { - "lastModified": 1664594436, - "narHash": "sha256-YHowMADGzdi7fKnGlg47qe0PIljq+11VqLarmXDuKxQ=", + "lastModified": 1669418739, + "narHash": "sha256-T86oFvcUIRwHWBWUt7WjaP4BP/3lDGbv5AppQSI1FkI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9cac45850280978a21a3eb67b15a18f34cbffa2d", + "rev": "695b3515251873e0a7e2021add4bba643c56cde3", "type": "github" }, "original": { @@ -394,11 +473,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1660727616, - "narHash": "sha256-zYTIvdPMYMx/EYqXODAwIIU30RiEHqNHdgarIHuEYZc=", + "lastModified": 1669065280, + "narHash": "sha256-3+pq1oJWjGDLfd8G/vR3IIFZ+EQ/aglukA0bTiMlf3o=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "adccd191a0e83039d537e021f19495b7bad546a1", + "rev": "50aeec40f2072d2ab267c8ec8a345573704ec110", "type": "github" }, "original": { @@ -409,11 +488,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1664628729, - "narHash": "sha256-A1J0ZPhBfZZiWI6ipjKJ8+RpMllzOMu/An/8Tk3t4oo=", + "lastModified": 1669146234, + "narHash": "sha256-HEby7EG1yaq1oT2Ze6Cvok9CFju1XHkSvVHmkptLW9U=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "3024c67a2e9a35450558426c42e7419ab37efd95", + "rev": "0099253ad0b5283f06ffe31cf010af3f9ad7837d", "type": "github" }, "original": { @@ -469,17 +548,17 @@ "nvfetcher": { "inputs": { "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "nixpkgs": [ "nixos" ] }, "locked": { - "lastModified": 1664550666, - "narHash": "sha256-eXfMRd9uItEp3PsYI31FSVGPG9dVC6yF++65ZrGwW8A=", + "lastModified": 1667620329, + "narHash": "sha256-v1Zk7rtEbAGpevBGPZvZBKpwbmw4I+uVwxvd+pBlp3o=", "owner": "berberman", "repo": "nvfetcher", - "rev": "9763ad40d59a044e90726653d9253efaeeb053b2", + "rev": "294826951113dcd3aa9abbcacfb1aa5b95a19116", "type": "github" }, "original": { @@ -494,7 +573,9 @@ "darwin": "darwin", "deploy": "deploy", "digga": "digga", + "fork": "fork", "home": "home", + "keycloak-theme-pub-solar": "keycloak-theme-pub-solar", "latest": "latest_2", "naersk": "naersk", "nixos": "nixos", @@ -507,18 +588,18 @@ }, "triton-vmtools": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_5", "nixpkgs": [ "nixos" ] }, "locked": { "dir": "vmtools", - "lastModified": 1664803886, - "narHash": "sha256-M2mk5H0PTSSQqdMqQWg/IGOARWwiPlaM8lSn3ObRPWU=", + "lastModified": 1668514320, + "narHash": "sha256-P+wzdarT2l+91VPf9hsYtKJad7WHttN5oFFlGQHJ5mQ=", "ref": "main", - "rev": "d79cc27c907062540594ea8998f17674ece1ca64", - "revCount": 23, + "rev": "8648709ed952423e82d62eb634918de1b1cfdc82", + "revCount": 27, "type": "git", "url": "https://git.b12f.io/pub-solar/infra?dir=vmtools" }, diff --git a/flake.nix b/flake.nix index 1ec91886..a7b22b97 100644 --- a/flake.nix +++ b/flake.nix @@ -10,6 +10,7 @@ # Track channels with commits tested and built by hydra nixos.url = "github:nixos/nixpkgs/nixos-22.05"; latest.url = "github:nixos/nixpkgs/nixos-unstable"; + fork.url = "github:teutat3s/nixpkgs/fix/gitea-needs-gpg-in-path"; digga.url = "github:pub-solar/digga/fix/bootstrap-iso"; digga.inputs.nixpkgs.follows = "nixos"; @@ -41,6 +42,9 @@ triton-vmtools.url = "git+https://git.b12f.io/pub-solar/infra?ref=main&dir=vmtools"; triton-vmtools.inputs.nixpkgs.follows = "nixos"; + + keycloak-theme-pub-solar.url = "git+https://git.pub.solar/pub-solar/keycloak-theme?ref=main"; + keycloak-theme-pub-solar.inputs.nixpkgs.follows = "nixos"; }; outputs = @@ -54,6 +58,7 @@ , nvfetcher , deploy , triton-vmtools + , keycloak-theme-pub-solar , ... } @ inputs: digga.lib.mkFlake @@ -72,6 +77,7 @@ overlays = [ ]; }; latest = { }; + fork = { }; }; lib = import ./lib { lib = digga.lib // nixos.lib; }; @@ -153,9 +159,9 @@ homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations; deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { - flora6 = { + flora-6 = { sshUser = "barkeeper"; - hostname = "infra-1.pub.solar"; + hostname = "flora-6.pub.solar"; }; }; }; diff --git a/hosts/flora-6/default.nix b/hosts/flora-6/default.nix index 96070967..931ec771 100644 --- a/hosts/flora-6/default.nix +++ b/hosts/flora-6/default.nix @@ -1,6 +1,6 @@ { ... }: { imports = [ - ./flora6.nix + ./flora-6.nix ]; } diff --git a/hosts/flora-6/flora-6.nix b/hosts/flora-6/flora-6.nix index d7fca297..4864bc3f 100644 --- a/hosts/flora-6/flora-6.nix +++ b/hosts/flora-6/flora-6.nix @@ -1,4 +1,13 @@ -{ config, inputs, lib, pkgs, profiles, latestModulesPath, self, ... }: +{ config +, forkModulesPath +, latestModulesPath +, lib +, inputs +, pkgs +, profiles +, self +, ... +}: let psCfg = config.pub-solar; in @@ -13,8 +22,12 @@ in profiles.users.barkeeper "${latestModulesPath}/services/web-apps/keycloak.nix" + "${forkModulesPath}/services/misc/gitea.nix" + ]; + disabledModules = [ + "services/web-apps/keycloak.nix" + "services/misc/gitea.nix" ]; - disabledModules = [ "services/web-apps/keycloak.nix" ]; config = { # # # @@ -82,6 +95,9 @@ in http-port = 8080; proxy = "edge"; }; + themes = { + "pub.solar" = inputs.keycloak-theme-pub-solar.legacyPackages.${pkgs.system}.keycloak-theme-pub-solar; + }; }; # gitea diff --git a/secrets/secrets.nix b/secrets/secrets.nix index ba00b0ac..5c522962 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -1,9 +1,9 @@ let # set ssh public keys here for your system and user teutat3s = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms"; - flora6 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGP1InpTBN4AlF/4V8HHumAMLJzeO8DpzjUv9Co/+J09 root@pub-solar-infra-vm-1"; - allKeys = [ flora6 teutat3s ]; - deployKeys = [ flora6 teutat3s ]; + flora-6 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGP1InpTBN4AlF/4V8HHumAMLJzeO8DpzjUv9Co/+J09 root@pub-solar-infra-vm-1"; + allKeys = [ flora-6 teutat3s ]; + deployKeys = [ flora-6 teutat3s ]; in { "gitea-database-password.age".publicKeys = deployKeys;