reset later
This commit is contained in:
parent
19afde40e3
commit
f4b49fdcde
55
flake.lock
55
flake.lock
|
@ -7,11 +7,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1662241716,
|
||||
"narHash": "sha256-urqPvSvvGUhkwzTDxUI8N1nsdMysbAfjmBNZaTYBZRU=",
|
||||
"lastModified": 1673301561,
|
||||
"narHash": "sha256-gRUWHbBAtMuPDJQXotoI8u6+3DGBIUZHkyQWpIv7WpM=",
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"rev": "c96da5835b76d3d8e8d99a0fec6fe32f8539ee2e",
|
||||
"rev": "42d371d861a227149dc9a7e03350c9ab8b8ddd68",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -27,11 +27,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1661882940,
|
||||
"narHash": "sha256-4LaVFnV22WrOA0aolqqk9dXrM8crikcrLQt29G18F7M=",
|
||||
"lastModified": 1673295039,
|
||||
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
|
||||
"owner": "LnL7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "80cec5115aae74accc4ccfb9f84306d7863f0632",
|
||||
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -51,11 +51,11 @@
|
|||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1659725433,
|
||||
"narHash": "sha256-1ZxuK67TL29YLw88vQ18Y2Y6iYg8Jb7I6/HVzmNB6nM=",
|
||||
"lastModified": 1674127017,
|
||||
"narHash": "sha256-QO1xF7stu5ZMDLbHN30LFolMAwY6TVlzYvQoUs1RD68=",
|
||||
"owner": "serokell",
|
||||
"repo": "deploy-rs",
|
||||
"rev": "41f15759dd8b638e7b4f299730d94d5aa46ab7eb",
|
||||
"rev": "8c9ea9605eed20528bf60fae35a2b613b901fd77",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -218,11 +218,11 @@
|
|||
},
|
||||
"latest": {
|
||||
"locked": {
|
||||
"lastModified": 1662019588,
|
||||
"narHash": "sha256-oPEjHKGGVbBXqwwL+UjsveJzghWiWV0n9ogo1X6l4cw=",
|
||||
"lastModified": 1674641431,
|
||||
"narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "2da64a81275b68fdad38af669afeda43d401e94b",
|
||||
"rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -239,11 +239,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1662101674,
|
||||
"narHash": "sha256-Yn4jpQ3xMn2U8E/hZiaCulFn7NkUTZ5PMMPY8ClMJD4=",
|
||||
"lastModified": 1673395322,
|
||||
"narHash": "sha256-Xwaoz3+/+kCu8Przi1W3MWdQcOQ9wLVrr8nfBN6L6wA=",
|
||||
"owner": "musnix",
|
||||
"repo": "musnix",
|
||||
"rev": "c28a81cfdc33cbe95bce3aa853da5d8e5d8f5d00",
|
||||
"rev": "46d6e6435edcfa2a4adcfdd95d576979b710f4cb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -269,11 +269,11 @@
|
|||
},
|
||||
"nixos": {
|
||||
"locked": {
|
||||
"lastModified": 1674868155,
|
||||
"narHash": "sha256-eFNm2h6fNbgD7ZpO4MHikCB5pSnCJ7DTmwPisjetmwc=",
|
||||
"lastModified": 1674781052,
|
||||
"narHash": "sha256-nseKFXRvmZ+BDAeWQtsiad+5MnvI/M2Ak9iAWzooWBw=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "ce20e9ebe1903ea2ba1ab006ec63093020c761cb",
|
||||
"rev": "cc4bb87f5457ba06af9ae57ee4328a49ce674b1b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -289,11 +289,11 @@
|
|||
"nixpkgs": "nixpkgs"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1660727616,
|
||||
"narHash": "sha256-zYTIvdPMYMx/EYqXODAwIIU30RiEHqNHdgarIHuEYZc=",
|
||||
"lastModified": 1674666581,
|
||||
"narHash": "sha256-KNI2s/xrL7WOYaPJAWKBtb7cCH3335rLfsL+B+ssuGY=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixos-generators",
|
||||
"rev": "adccd191a0e83039d537e021f19495b7bad546a1",
|
||||
"rev": "6a5dc1d3d557ea7b5c19b15ff91955124d0400fa",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -304,11 +304,11 @@
|
|||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1662458987,
|
||||
"narHash": "sha256-hcDwRlsXZMp2Er3vQk1JEUZWhBPLVC9vTT4xHvhpcE0=",
|
||||
"lastModified": 1674550793,
|
||||
"narHash": "sha256-ljJlIFQZwtBbzWqWTmmw2O5BFmQf1A/DspwMOQtGXHk=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "504b32caf83986b7e6b9c79c1c13008f83290f19",
|
||||
"rev": "b7ac0a56029e4f9e6743b9993037a5aaafd57103",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -385,6 +385,7 @@
|
|||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 0,
|
||||
"narHash": "sha256-koC6DBYmLCrgXA+AMHVaODf1uHYPmvcFygHfy3eg6vI=",
|
||||
"path": "/nix/store/6mfkswqi67m35qwv0vh7kpk8rypbl2rq-source",
|
||||
"type": "path"
|
||||
|
@ -413,11 +414,11 @@
|
|||
},
|
||||
"utils": {
|
||||
"locked": {
|
||||
"lastModified": 1648297722,
|
||||
"narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=",
|
||||
"lastModified": 1667395993,
|
||||
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade",
|
||||
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -183,7 +183,7 @@
|
|||
redpanda = hensoko;
|
||||
|
||||
# home pc
|
||||
harrison = hensoko ++ [ daw graphical non-free social work ];
|
||||
harrison = hensoko ++ [ daw gaming graphical non-free social work ];
|
||||
|
||||
# work laptop
|
||||
norman = hensoko ++ [ graphical non-free social virtualisation work ];
|
||||
|
@ -192,7 +192,7 @@
|
|||
falcone = hensoko-iot;
|
||||
|
||||
# surface
|
||||
surfplace = hensoko ++ [ graphical non-free social work ];
|
||||
surfplace = hensoko ++ [ graphical non-free social ];
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -229,8 +229,8 @@
|
|||
};
|
||||
|
||||
companion = { sshUser = "iot"; };
|
||||
cox = { };
|
||||
giggles = { };
|
||||
cox = { sshUser = "iot"; };
|
||||
giggles = { sshUser = "iot"; };
|
||||
ringo = { };
|
||||
cube = {
|
||||
sshUser = "iot";
|
||||
|
|
|
@ -10,6 +10,8 @@ in
|
|||
];
|
||||
|
||||
config = {
|
||||
nixpkgs.crossSystem.system = "aarch64-linux";
|
||||
|
||||
boot.plymouth.enable = lib.mkForce false;
|
||||
pub-solar.nextcloud.enable = lib.mkForce false;
|
||||
};
|
||||
|
|
|
@ -2,13 +2,14 @@
|
|||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, lib, ... }:
|
||||
{ inputs, pkgs, builtins, config, lib, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
./hardware-configuration.nix
|
||||
./home-controller.nix
|
||||
./paperless.nix
|
||||
];
|
||||
|
||||
boot.loader.timeout = lib.mkForce 0;
|
||||
|
@ -20,6 +21,10 @@
|
|||
efiSupport = true;
|
||||
efiInstallAsRemovable = true;
|
||||
device = "nodev";
|
||||
|
||||
extraInstallCommands = ''
|
||||
cp -r ${inputs.nixpkgs-hensoko.packages.aarch64-linux.raspberrypi4_firmware_uefi}/share/raspberrypi4-firmware-uefi/* /boot/
|
||||
'';
|
||||
};
|
||||
|
||||
# Set your time zone.
|
||||
|
@ -29,23 +34,11 @@
|
|||
# Per-interface useDHCP will be mandatory in the future, so this generated config
|
||||
# replicates the default behaviour.
|
||||
networking.useDHCP = false;
|
||||
networking.interfaces.eth0.useDHCP = true;
|
||||
networking.interfaces.wlan0.useDHCP = false;
|
||||
networking.interfaces.enabcm6e4ei0.useDHCP = true;
|
||||
networking.networkmanager.enable = lib.mkForce false;
|
||||
|
||||
boot.loader.systemd-boot.enable = lib.mkForce false;
|
||||
|
||||
nix = {
|
||||
extraOptions = lib.optionalString (config.nix.package == pkgs.nixFlakes) "experimental-features = nix-command flakes";
|
||||
};
|
||||
|
||||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
environment.systemPackages = with pkgs; [
|
||||
vim
|
||||
wget
|
||||
];
|
||||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall.allowedTCPPorts = [ 2380 6443 ];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
|
|
|
@ -5,57 +5,61 @@
|
|||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "uas" ];
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "uas" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.initrd.supportedFilesystems = [ "zfs" ];
|
||||
boot.supportedFilesystems = [ "zfs" ];
|
||||
|
||||
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_5_18;
|
||||
boot.kernelParams = [ "usb-storage.quirks=2109:0716:u,174c:55aa:u" ];
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
cryptroot = {
|
||||
device = "/dev/disk/by-uuid/3bbde916-e12a-46a7-9eea-4f5e2aef7883";
|
||||
keyFile = "/dev/disk/by-id/usb-SanDisk_Cruzer_Blade_04017028021722045451-0:0-part1";
|
||||
bypassWorkqueues = true;
|
||||
fallbackToPassword = true;
|
||||
};
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
boot.supportedFilesystems = [ ];
|
||||
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
efiInstallAsRemovable = true;
|
||||
device = "nodev";
|
||||
};
|
||||
|
||||
boot.loader.efi.canTouchEfiVariables = false;
|
||||
|
||||
boot.loader.systemd-boot.enable = false;
|
||||
boot.loader.generic-extlinux-compatible.enable = false;
|
||||
boot.loader.timeout = 0;
|
||||
|
||||
boot.initrd.luks.devices."cryptroot" = {
|
||||
device = "/dev/disk/by-uuid/2538df0f-9d17-4651-a7ee-26d6f28e4e71";
|
||||
keyFile = "/dev/disk/by-id/usb-SanDisk_Cruzer_Blade_04017028021722045451-0:0-part1";
|
||||
fallbackToPassword = true;
|
||||
bypassWorkqueues = true;
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "zroot/root";
|
||||
fsType = "zfs";
|
||||
{ device = "/dev/disk/by-label/root";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/5552-1B21";
|
||||
{ device = "/dev/disk/by-uuid/5552-1B21";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
fileSystems."/var/lib/rancher/k3s/storage" =
|
||||
{
|
||||
device = "zroot/kubernetes-localstorage";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[{ device = "/dev/disk/by-uuid/0545db4a-0494-44d7-927a-4c78351c4303"; }];
|
||||
[ { device = "/dev/disk/by-label/swap"; }
|
||||
];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = false;
|
||||
networking.interfaces.eth0.useDHCP = lib.mkDefault true;
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.eth0.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
|
||||
networking.hostId = "71f2d82a";
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||
}
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
{
|
||||
config = {
|
||||
age.secrets.home_controller_k3s_token.file = "${self}/secrets/home_controller_k3s_server_token.age";
|
||||
#age.secrets.home_controller_k3s_token.file = "${self}/secrets/home_controller_k3s_server_token.age";
|
||||
age.secrets.home_controller_wireguard.file = "${self}/secrets/home_controller_companion_wireguard_key.age";
|
||||
|
||||
pub-solar.home-controller = {
|
||||
|
|
|
@ -10,6 +10,7 @@
|
|||
./backup.nix
|
||||
./hardware-configuration.nix
|
||||
./home-controller.nix
|
||||
./paperless.nix
|
||||
];
|
||||
|
||||
boot.loader.timeout = 0;
|
||||
|
|
|
@ -5,57 +5,59 @@
|
|||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "uas" ];
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "uas" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.initrd.supportedFilesystems = [ "zfs" ];
|
||||
boot.supportedFilesystems = [ "zfs" ];
|
||||
|
||||
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_5_18;
|
||||
boot.kernelPackages = pkgs.linuxPackages_6_1;
|
||||
boot.supportedFilesystems = [ ];
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
cryptroot = {
|
||||
device = "/dev/disk/by-uuid/bf333b74-875f-4187-922e-4b433fb53aa2";
|
||||
keyFile = "/dev/disk/by-id/usb-SanDisk_Cruzer_Blade_03024516121421043657-0:0-part1";
|
||||
bypassWorkqueues = true;
|
||||
fallbackToPassword = true;
|
||||
};
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
efiInstallAsRemovable = true;
|
||||
device = "nodev";
|
||||
};
|
||||
|
||||
boot.loader.efi.canTouchEfiVariables = false;
|
||||
|
||||
boot.loader.systemd-boot.enable = false;
|
||||
boot.loader.generic-extlinux-compatible.enable = false;
|
||||
boot.loader.timeout = 0;
|
||||
|
||||
boot.initrd.luks.devices."cryptroot" = {
|
||||
device = "/dev/disk/by-uuid/d86a20a6-686c-4bf8-bd3b-911901272742";
|
||||
keyFile = "/dev/disk/by-id/usb-SanDisk_Cruzer_Blade_03024516121421043657-0:0-part1";
|
||||
fallbackToPassword = true;
|
||||
bypassWorkqueues = true;
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "zroot/root";
|
||||
fsType = "zfs";
|
||||
{ device = "/dev/disk/by-uuid/6a419f58-bef1-4dd9-9b4f-389e35ba686a";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/6CB3-6DB8";
|
||||
{ device = "/dev/disk/by-uuid/6CB3-6DB8";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
fileSystems."/var/lib/rancher/k3s/storage" =
|
||||
{
|
||||
device = "zroot/kubernetes-localstorage";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[{ device = "/dev/disk/by-uuid/7ef4a3f8-f4a6-42f5-a57d-21f502ed3dba"; }];
|
||||
[ { device = "/dev/disk/by-uuid/ea401985-e25f-4d13-8d72-5a5660c4384f"; }
|
||||
];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = false;
|
||||
#networking.useDHCP = lib.mkDefault true;
|
||||
networking.interfaces.eth0.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
|
||||
networking.hostId = "71f2d82a";
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||
}
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
{
|
||||
config = {
|
||||
age.secrets.home_controller_k3s_token.file = "${self}/secrets/home_controller_k3s_server_token.age";
|
||||
#age.secrets.home_controller_k3s_token.file = "${self}/secrets/home_controller_k3s_server_token.age";
|
||||
age.secrets.home_controller_wireguard.file = "${self}/secrets/home_controller_cox_wireguard_key.age";
|
||||
|
||||
pub-solar.home-controller = {
|
||||
|
|
112
hosts/cox/paperless.nix
Normal file
112
hosts/cox/paperless.nix
Normal file
|
@ -0,0 +1,112 @@
|
|||
{ pkgs, config, ... }:
|
||||
|
||||
let
|
||||
containerStateDir = "/data";
|
||||
hostStateDir = "/opt/documents/paperless";
|
||||
httpPort = 80;
|
||||
paperlessPort = 8080;
|
||||
ftpListenPort = 20021;
|
||||
ftpPasvMinPort = 22021;
|
||||
ftpPasvMaxPort = 24021;
|
||||
domain = "cox.local";
|
||||
in
|
||||
{
|
||||
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [
|
||||
httpPort
|
||||
ftpListenPort
|
||||
];
|
||||
|
||||
allowedTCPPortRanges = [ { from = ftpPasvMinPort; to = ftpPasvMaxPort; } ];
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts."${domain}" = {
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString paperlessPort}";
|
||||
proxyWebsockets = true;
|
||||
extraConfig = ''
|
||||
proxy_read_timeout 300s;
|
||||
proxy_set_header Host ''$host;
|
||||
proxy_set_header X-Forwarded-For ''$remote_addr;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
containers."paperless" = {
|
||||
autoStart = true;
|
||||
ephemeral = true;
|
||||
|
||||
tmpfs = [ "/tmp:size=2G" ];
|
||||
|
||||
bindMounts."${containerStateDir}" = {
|
||||
hostPath = hostStateDir;
|
||||
isReadOnly = false;
|
||||
};
|
||||
|
||||
config = { config, pkgs, ... }: {
|
||||
networking.firewall.enable = false;
|
||||
|
||||
users.users."paperless".extraGroups = [ "ftp" ];
|
||||
|
||||
services.paperless = {
|
||||
enable = true;
|
||||
dataDir = "/data";
|
||||
consumptionDir = "/data/ftp/consume";
|
||||
consumptionDirIsPublic = true;
|
||||
port = paperlessPort;
|
||||
extraConfig = {
|
||||
PAPERLESS_OCR_LANGUAGE = "deu+eng";
|
||||
PAPERLESS_ALLOWED_HOSTS = "${domain}";
|
||||
PAPERLESS_CSRF_TRUSTED_ORIGINS = "http://${domain}";
|
||||
PAPERLESS_CORS_ALLOWED_HOSTS = "http://${domain}";
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
services.vsftpd = {
|
||||
enable = true;
|
||||
anonymousUser = true;
|
||||
anonymousUserNoPassword = true;
|
||||
anonymousUserHome = "/data/ftp";
|
||||
anonymousUploadEnable = true;
|
||||
anonymousUmask = "007";
|
||||
writeEnable = true;
|
||||
extraConfig = ''
|
||||
listen=YES
|
||||
listen_ipv6=NO
|
||||
listen_port=${toString ftpListenPort}
|
||||
chown_uploads=YES
|
||||
chown_username=paperless
|
||||
download_enable=NO
|
||||
pasv_min_port=${toString ftpPasvMinPort}
|
||||
pasv_max_port=${toString ftpPasvMaxPort}
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.services.nextcloud-autosync = {
|
||||
unitConfig = {
|
||||
Description = "Auto sync Nextcloud";
|
||||
After = "network-online.target";
|
||||
};
|
||||
serviceConfig = {
|
||||
User = "paperless";
|
||||
Type = "simple";
|
||||
ExecStart= "${pkgs.nextcloud-client}/bin/nextcloudcmd -h -n --path Documents/_paperless /data/media/documents https://data.gssws.de";
|
||||
TimeoutStopSec = "180";
|
||||
KillMode = "process";
|
||||
KillSignal = "SIGINT";
|
||||
};
|
||||
wantedBy = ["multi-user.target"];
|
||||
};
|
||||
systemd.timers.nextcloud-autosync = {
|
||||
unitConfig.Description = "Automatic sync files with Nextcloud when booted up after 5 minutes then rerun every 60 minutes";
|
||||
timerConfig.OnUnitActiveSec = "60min";
|
||||
wantedBy = ["multi-user.target" "timers.target"];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -13,7 +13,7 @@
|
|||
./wireguard.nix
|
||||
|
||||
./invoiceplane.nix
|
||||
./tang.nix
|
||||
#./tang.nix
|
||||
#./whiteboard.nix
|
||||
];
|
||||
|
||||
|
|
|
@ -15,6 +15,8 @@
|
|||
boot.extraModulePackages = [ ];
|
||||
boot.extraModprobeConfig = "options kvm_intel nested=1";
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_6_1;
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/715ef65c-6cb3-4455-99ed-fe7408935d00";
|
||||
|
|
|
@ -1,98 +1,84 @@
|
|||
{ self, pkgs, config, lib, ... }:
|
||||
|
||||
let
|
||||
notify_push = pkgs.fetchzip {
|
||||
sha256 = "7q1I4V2xUkRUK8qfEwxPNW/srkrGPPXiS1Y1Ew22zls=";
|
||||
url = "https://github.com/nextcloud-releases/notify_push/releases/download/v0.5.2/notify_push-v0.5.2.tar.gz";
|
||||
};
|
||||
in
|
||||
{
|
||||
services.nextcloud.extraApps = {
|
||||
"bookmarks" = pkgs.fetchzip {
|
||||
sha256 = "sha256-sX/2cd0lw2/fHwFUG3WUJ6E0AUzPqELHWCcdOYIbFzA=";
|
||||
url = "https://github.com/nextcloud/bookmarks/releases/download/v11.0.3/bookmarks-11.0.3.tar.gz";
|
||||
systemd.services.nextcloud-notify-push = {
|
||||
enable = true;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
Environment = [
|
||||
"PORT=7867"
|
||||
"NEXTCLOUD_URL=https://data.gssws.de"
|
||||
];
|
||||
ExecStart = "${notify_push}/bin/x86_64/notify_push /mnt/internal/nextcloud/config/config.php";
|
||||
User = "nextcloud";
|
||||
};
|
||||
};
|
||||
|
||||
services.nextcloud.extraApps = with pkgs.nextcloud25Packages.apps; {
|
||||
inherit bookmarks calendar contacts deck keeweb news tasks;
|
||||
inherit notify_push;
|
||||
|
||||
"bruteforcesettings" = pkgs.fetchzip {
|
||||
sha256 = "8Sev4B7AOzLGPX6a4in0BEXJ5oL6m2EYGuBExSCnfok=";
|
||||
url = "https://github.com/nextcloud-releases/bruteforcesettings/releases/download/v2.4.0/bruteforcesettings-v2.4.0.tar.gz";
|
||||
};
|
||||
"calendar" = pkgs.fetchzip {
|
||||
sha256 = "JBFujtDVRWn6ELl7fZU80go86/WLln5oRJTupTz9//s=";
|
||||
url = "https://github.com/nextcloud-releases/calendar/releases/download/v3.5.0/calendar-v3.5.0.tar.gz";
|
||||
};
|
||||
"contacts" = pkgs.fetchzip {
|
||||
sha256 = "eTc51pkg3OdHJB7X4/hD39Ce+9vKzw1nlJ7BhPOzdy0=";
|
||||
url = "https://github.com/nextcloud-releases/contacts/releases/download/v4.2.2/contacts-v4.2.2.tar.gz";
|
||||
};
|
||||
"cookbook" = pkgs.fetchzip {
|
||||
sha256 = "QBmzGtjH8vciUxiku1HGnWw0P0oCySilEWciLoslDAU=";
|
||||
url = "https://github.com/nextcloud/cookbook/releases/download/v0.9.15/Cookbook-0.9.15.tar.gz";
|
||||
sha256 = "j7nAprAIY4NMPD6kXfmXVW+PgpRiyx5SRPSe6IEB/vY=";
|
||||
url = "https://github.com/nextcloud/cookbook/releases/download/v0.10.1/Cookbook-0.10.1.tar.gz";
|
||||
};
|
||||
"cospend" = pkgs.fetchzip {
|
||||
sha256 = "Vtg7CVf8KxGbFk9ghTvy86xOh9PD7o/c2//2mqqHARA=";
|
||||
url = "https://github.com/eneiluj/cospend-nc/releases/download/v1.4.10/cospend-1.4.10.tar.gz";
|
||||
};
|
||||
"deck" = pkgs.fetchzip {
|
||||
sha256 = "hK+uI4Qolx37FYeY7m8BXheEIWp3I4cFooMUnpuVfOk=";
|
||||
url = "https://github.com/nextcloud-releases/deck/releases/download/v1.7.1/deck-v1.7.1.tar.gz";
|
||||
sha256 = "vGjK9Sy+q4ycS5MWeTTrwDGPTOp6t4leH+rF/Y54d0c=";
|
||||
url = "https://github.com/eneiluj/cospend-nc/releases/download/v1.5.5/cospend-1.5.5.tar.gz";
|
||||
};
|
||||
"files_accesscontrol" = pkgs.fetchzip {
|
||||
sha256 = "D9hVQrOMPsyTBbr7B92aePzUOYpnNu5XnpqK4W86514=";
|
||||
url = "https://github.com/nextcloud-releases/files_accesscontrol/releases/download/v1.14.1/files_accesscontrol-v1.14.1.tar.gz";
|
||||
sha256 = "34goKXWLUym5p7alby3WEyFzr346psHUeJ/+OZtfGmc=";
|
||||
url = "https://github.com/nextcloud-releases/files_accesscontrol/releases/download/v1.15.1/files_accesscontrol-v1.15.1.tar.gz";
|
||||
};
|
||||
"files_automatedtagging" = pkgs.fetchzip {
|
||||
sha256 = "MdS63VELoM7kGzjzbEKfcH1KqX98KyGvDEvLgwvVld0=";
|
||||
url = "https://github.com/nextcloud-releases/files_automatedtagging/releases/download/v1.14.0/files_automatedtagging-v1.14.0.tar.gz";
|
||||
sha256 = "PmcqHojtfww3wNIFoLM+hVXAjoo4zqzK6sUMeveHYa0=";
|
||||
url = "https://github.com/nextcloud-releases/files_automatedtagging/releases/download/v1.15.0/files_automatedtagging-v1.15.0.tar.gz";
|
||||
};
|
||||
"files_fulltextsearch" = pkgs.fetchzip {
|
||||
sha256 = "+1asXhTn62fpUlIi+B9ALKdrXxaYYymfhxPTB+C5obM=";
|
||||
url = "https://github.com/nextcloud-releases/files_fulltextsearch/releases/download/v24.0.1/files_fulltextsearch-v24.0.1.tar.gz";
|
||||
};
|
||||
"files_markdown" = pkgs.fetchzip {
|
||||
sha256 = "vv/PVDlQOm7Rjhzv8KXxkGpEnyidrV2nsl+Z2fdAFLY=";
|
||||
url = "https://github.com/icewind1991/files_markdown/releases/download/v2.3.6/files_markdown.tar.gz";
|
||||
sha256 = "DEl/CbCvwiWvkNQOuKtHWzifq3AMrhL5wLHmSMuL4TU=";
|
||||
url = "https://github.com/nextcloud-releases/files_fulltextsearch/releases/download/25.0.0/files_fulltextsearch-25.0.0.tar.gz";
|
||||
};
|
||||
"files_mindmap" = pkgs.fetchzip {
|
||||
sha256 = "gJK+XCWDc1jpHZBR0NL6UdHab9V/X/tRNmSw5tl751Q=";
|
||||
url = "https://github.com/ACTom/files_mindmap/releases/download/v0.0.26/files_mindmap-0.0.26.tar.gz";
|
||||
sha256 = "/u1H2QvyKfdGjelFAkLc3rRGQlm3T+OajAbpUF0+cdY=";
|
||||
url = "https://github.com/ACTom/files_mindmap/releases/download/v0.0.27/files_mindmap-0.0.27.tar.gz";
|
||||
};
|
||||
"fulltextsearch" = pkgs.fetchzip {
|
||||
sha256 = "6uZhK4rItVqIJfEpOWxgmVXYsWMeHKxHQ8GY/g5Wj/s=";
|
||||
url = "https://github.com/nextcloud-releases/fulltextsearch/releases/download/v24.0.0/fulltextsearch-v24.0.0.tar.gz";
|
||||
sha256 = "1LVo5Cv6Gf4M/laVlHfm5wAQ8I8EsdLIThVm/jUj6uA=";
|
||||
url = "https://github.com/nextcloud-releases/fulltextsearch/releases/download/25.0.0/fulltextsearch-25.0.0.tar.gz";
|
||||
};
|
||||
"groupfolders" = pkgs.fetchzip {
|
||||
sha256 = "99DqybcYR2tTSNFyZ6QtIQmd3XyHyFy2PL1fGsq48kQ=";
|
||||
url = "https://github.com/nextcloud/groupfolders/releases/download/v12.0.2/groupfolders.tar.gz";
|
||||
};
|
||||
"impersonate" = pkgs.fetchzip {
|
||||
sha256 = "XevbFa2Xyu0qAwtpvSd9CulsejrBj4AeIkV7GuWoOMw=";
|
||||
url = "https://github.com/nextcloud-releases/impersonate/releases/download/v1.11.0/impersonate-v1.11.0.tar.gz";
|
||||
};
|
||||
"keeweb" = pkgs.fetchzip {
|
||||
sha256 = "Fdx3+APQaJQ/uQH/gnkiPmsOqzX5GNJWjPfTyUobtfA=";
|
||||
url = "https://github.com/jhass/nextcloud-keeweb/releases/download/v0.6.9/keeweb-0.6.9.tar.gz";
|
||||
sha256 = "CGGt5QEzdJqOJywZQTQYeKIy/2JhHYGACHrfAmH9LD0=";
|
||||
url = "https://github.com/nextcloud-releases/groupfolders/releases/download/v13.1.0/groupfolders-v13.1.0.tar.gz";
|
||||
};
|
||||
"maps" = pkgs.fetchzip {
|
||||
sha256 = "2w7Mm+L9cHYq9BLpBpWhMv+V4h3OKCh68Cl6iHt65js=";
|
||||
url = "https://github.com/nextcloud/maps/releases/download/v0.2.1/maps-0.2.1.tar.gz";
|
||||
};
|
||||
"news" = pkgs.fetchzip {
|
||||
sha256 = "jbuqQJWLdE0olIaXLzjUEsPON4ZzMe9RKpH50HZZQsc=";
|
||||
url = "https://github.com/nextcloud/news/releases/download/18.2.0/news.tar.gz";
|
||||
};
|
||||
"notes" = pkgs.fetchzip {
|
||||
sha256 = "WdteA8pDSZ7ba+kngmveHC2KgzyLSB+PomFEZ7/uCC0=";
|
||||
url = "https://github.com/nextcloud/notes/releases/download/v4.5.1/notes.tar.gz";
|
||||
sha256 = "8HNew2sIlMd+wt2a6jXa1tZpub56AnB5gfBs/cYlkcI=";
|
||||
url = "https://github.com/nextcloud/maps/releases/download/v0.2.4/maps-0.2.4.tar.gz";
|
||||
};
|
||||
#"notify_push" = pkgs.fetchzip {
|
||||
# sha256 = "7q1I4V2xUkRUK8qfEwxPNW/srkrGPPXiS1Y1Ew22zls=";
|
||||
# url = "https://github.com/nextcloud-releases/notify_push/releases/download/v0.5.2/notify_push-v0.5.2.tar.gz";
|
||||
#};
|
||||
"quota_warning" = pkgs.fetchzip {
|
||||
sha256 = "ugiz1/dhpRoL401h/u3fQykP5zBqVby3nhHfQwyIIIQ=";
|
||||
url = "https://github.com/nextcloud-releases/quota_warning/releases/download/v1.14.0/quota_warning-v1.14.0.tar.gz";
|
||||
sha256 = "If4tW4yJbJ1xgfOyN0wxcgHLxXUrtKPdphRhbQOM6b4=";
|
||||
url = "https://github.com/nextcloud-releases/quota_warning/releases/download/v1.15.0/quota_warning-v1.15.0.tar.gz";
|
||||
};
|
||||
"richdocuments" = pkgs.fetchzip {
|
||||
sha256 = "4B0johygJOiC/nbXiW5KU+7hweCin//rUGfFprYzRQU=";
|
||||
url = "https://github.com/nextcloud-releases/richdocuments/releases/download/v6.2.0/richdocuments-v6.2.0.tar.gz";
|
||||
};
|
||||
"tasks" = pkgs.fetchzip {
|
||||
sha256 = "HMNd8U2KsSzT5xCKh/mA5GwIfYIcA6KTFVF3ca8xc2A=";
|
||||
url = "https://github.com/nextcloud/tasks/releases/download/v0.14.4/tasks.tar.gz";
|
||||
};
|
||||
"twofactor_totp" = pkgs.fetchzip {
|
||||
sha256 = "F7h2VytPLwkVZxJZd1o9pWuhndh02z3i0pOUw5kzBIU=";
|
||||
url = "https://github.com/nextcloud-releases/twofactor_totp/releases/download/v6.4.0/twofactor_totp-v6.4.0.tar.gz";
|
||||
sha256 = "I6Y3lyZADiUCpmnkRS7Muc54uOOvKpWdlQ189EKzesA=";
|
||||
url = "https://github.com/nextcloud-releases/richdocuments/releases/download/v7.0.2/richdocuments-v7.0.2.tar.gz";
|
||||
};
|
||||
#"twofactor_totp" = pkgs.fetchzip {
|
||||
# sha256 = "p3Ft3sQ/2HPXCFE03dm8pBL39b7bWCi2iAxHkbOK2V4=";
|
||||
# url = "https://github.com/nextcloud-releases/twofactor_totp/releases/download/v6.4.1/twofactor_totp-v6.4.1.tar.gz";
|
||||
#};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{ self, pkgs, config, lib, ... }:
|
||||
|
||||
let
|
||||
notifyPushPort = 7867;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./nextcloud-apps.nix
|
||||
|
@ -28,6 +31,11 @@
|
|||
virtualHosts."data.gssws.de" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
||||
locations."^~ /push/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString notifyPushPort}";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -103,7 +111,7 @@
|
|||
};
|
||||
services.nextcloud = {
|
||||
enable = true;
|
||||
package = pkgs.nextcloud24;
|
||||
package = pkgs.nextcloud25;
|
||||
hostName = "data.gssws.de";
|
||||
https = true;
|
||||
datadir = "/mnt/internal/nextcloud";
|
||||
|
|
64
hosts/cube/tang-container.nix
Normal file
64
hosts/cube/tang-container.nix
Normal file
|
@ -0,0 +1,64 @@
|
|||
{ pkgs, config, ... }:
|
||||
|
||||
let
|
||||
containerStateDir = "/data";
|
||||
hostStateDir = "/opt/tangd";
|
||||
domain = "";
|
||||
serviceAddress = "10.10.42.12";
|
||||
in
|
||||
{
|
||||
services.nginx.virtualHosts."${domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://${serviceAddress}:${toString servicePort}";
|
||||
};
|
||||
};
|
||||
|
||||
containers."tang" = {
|
||||
autoStart = true;
|
||||
ephemeral = true;
|
||||
bindMounts."${containerStateDir}" = {
|
||||
hostPath = hostStateDir;
|
||||
isReadOnly = false;
|
||||
};
|
||||
|
||||
config = { config, pkgs, ... }: {
|
||||
networking.firewall.enable = false;
|
||||
|
||||
users.groups."_tang" = {} ;
|
||||
|
||||
users.users."_tang" = {
|
||||
group = "_tang";
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = [ "${pkgs.jose}" ];
|
||||
|
||||
systemd.services."tangd@" = {
|
||||
enable = true;
|
||||
serviceConfig = {
|
||||
ExecStartPre = "${pkgs.bash}/bin/bash -c \"mkdir -p ${containerStateDir}/tang-db\"";
|
||||
ExecStart = "${pkgs.tang}/libexec/tangd ${containerStateDir}/tang-db";
|
||||
StandardInput = "socket";
|
||||
StandardOutput = "socket";
|
||||
StandardError = "journal";
|
||||
User = "_tang";
|
||||
Group = "_tang";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.sockets."tangd" = {
|
||||
enable = true;
|
||||
listenStreams = [ "${toString servicePort}" ];
|
||||
wantedBy = [ "sockets.target" ];
|
||||
socketConfig = {
|
||||
Accept = true;
|
||||
};
|
||||
};
|
||||
|
||||
system.stateVersion = "22.11";
|
||||
};
|
||||
|
||||
};
|
||||
}
|
23
hosts/cube/tang.nix
Normal file
23
hosts/cube/tang.nix
Normal file
|
@ -0,0 +1,23 @@
|
|||
{ self, config, pkgs, ... }:
|
||||
|
||||
let
|
||||
domain = "t.gssws.de";
|
||||
servicePort = 63080;
|
||||
in
|
||||
{
|
||||
services.nginx.virtualHosts."${domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:${builtins.toString(servicePort)}";
|
||||
};
|
||||
};
|
||||
|
||||
virtualisation.oci-containers.containers."tang" = {
|
||||
image = "cloggo/tangd";
|
||||
ports = [ "127.0.0.1:${builtins.toString(servicePort)}:8080" ];
|
||||
environment = {
|
||||
IP_WHITELIST = "172.17.0.1";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -12,20 +12,9 @@
|
|||
|
||||
pub-solar.core.disk-encryption-active = false;
|
||||
|
||||
boot.loader.timeout = lib.mkForce 0;
|
||||
|
||||
boot.loader.generic-extlinux-compatible.enable = lib.mkForce false;
|
||||
|
||||
boot.loader.grub = {
|
||||
enable = lib.mkForce true;
|
||||
efiSupport = true;
|
||||
efiInstallAsRemovable = true;
|
||||
device = "nodev";
|
||||
|
||||
extraInstallCommands = ''
|
||||
cp -r ${inputs.nixpkgs-hensoko.packages.aarch64-linux.raspberrypi4_firmware_uefi}/share/raspberrypi4-firmware-uefi/* /boot/
|
||||
'';
|
||||
};
|
||||
boot.loader.grub.enable = lib.mkForce false;
|
||||
boot.loader.systemd-boot.enable = lib.mkForce false;
|
||||
boot.loader.generic-extlinux-compatible.enable = lib.mkForce true;
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
@ -35,13 +24,15 @@
|
|||
# replicates the default behaviour.
|
||||
networking.useDHCP = false;
|
||||
networking.interfaces.eth0.useDHCP = true;
|
||||
networking.interfaces.wlan0.useDHCP = false;
|
||||
networking.networkmanager.enable = lib.mkForce false;
|
||||
|
||||
boot.loader.systemd-boot.enable = lib.mkForce false;
|
||||
boot.initrd.network = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall.allowedTCPPorts = [ 2380 6443 ];
|
||||
#networking.firewall.allowedTCPPorts = [ ];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
# Or disable the firewall altogether.
|
||||
# networking.firewall.enable = false;
|
||||
|
|
|
@ -16,20 +16,26 @@
|
|||
#boot.initrd.supportedFilesystems = [ "zfs" ];
|
||||
#boot.supportedFilesystems = [ "zfs" ];
|
||||
|
||||
#boot.kernelPackages = lib.mkForce pkgs.linuxPackages_5_18;
|
||||
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_5_19;
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-label/NIXOS_SD";
|
||||
{
|
||||
device = "/dev/disk/by-uuid/9f3208ae-ee05-44b8-a0bc-dc1e7499bdb8";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/997A-7FBA";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = false;
|
||||
networking.interfaces.eth0.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||
}
|
||||
|
|
|
@ -10,6 +10,7 @@
|
|||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
./home-controller.nix
|
||||
./tang-container.nix
|
||||
];
|
||||
|
||||
boot.loader.timeout = 0;
|
||||
|
|
|
@ -5,57 +5,53 @@
|
|||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "uas" ];
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "uas" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.initrd.supportedFilesystems = [ "zfs" ];
|
||||
boot.supportedFilesystems = [ "zfs" ];
|
||||
|
||||
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_5_18;
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
boot.supportedFilesystems = [ ];
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
cryptroot = {
|
||||
device = "/dev/disk/by-uuid/ef5804e2-2b07-4434-8144-6ae7d9f615e2";
|
||||
keyFile = "/dev/disk/by-id/usb-SanDisk_Cruzer_Blade_04020116120721075123-0:0-part1";
|
||||
bypassWorkqueues = true;
|
||||
fallbackToPassword = true;
|
||||
};
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
efiInstallAsRemovable = true;
|
||||
device = "nodev";
|
||||
};
|
||||
|
||||
boot.loader.efi.canTouchEfiVariables = false;
|
||||
|
||||
boot.loader.systemd-boot.enable = false;
|
||||
boot.loader.generic-extlinux-compatible.enable = false;
|
||||
boot.loader.timeout = 0;
|
||||
|
||||
boot.initrd.luks.devices."cryptroot" = {
|
||||
device = "/dev/disk/by-uuid/5edec8af-5f84-4d9f-9755-8abbb55e00af";
|
||||
keyFile = "/dev/disk/by-id/usb-SanDisk_Cruzer_Blade_04020116120721075123-0:0-part1";
|
||||
fallbackToPassword = true;
|
||||
bypassWorkqueues = true;
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "zroot/root";
|
||||
fsType = "zfs";
|
||||
{ device = "/dev/disk/by-label/root";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/2F05-9B4A";
|
||||
{ device = "/dev/disk/by-label/boot";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
fileSystems."/var/lib/rancher/k3s/storage" =
|
||||
{
|
||||
device = "zroot/kubernetes-localstorage";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[{ device = "/dev/disk/by-uuid/ddad2310-57b5-4851-a7bd-280d7182bcec"; }];
|
||||
[ { device = "/dev/disk/by-label/swap"; }
|
||||
];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = false;
|
||||
networking.interfaces.eth0.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
|
||||
networking.hostId = "71f2d82a";
|
||||
networking.interfaces.enabcm6e4ei0.useDHCP = true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||
}
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
{
|
||||
config = {
|
||||
age.secrets.home_controller_k3s_token.file = "${self}/secrets/home_controller_k3s_server_token.age";
|
||||
age.secrets.home_controller_wireguard.file = "${self}/secrets/home_controller_giggles_wireguard_key.age";
|
||||
|
||||
pub-solar.home-controller = {
|
||||
|
|
47
hosts/giggles/lrad.nix
Normal file
47
hosts/giggles/lrad.nix
Normal file
|
@ -0,0 +1,47 @@
|
|||
{ pkgs, config, ... }:
|
||||
|
||||
let
|
||||
serviceAddress = "10.10.41.11";
|
||||
containerStateDir = "/data";
|
||||
hostStateDir = "/srv/container/lrad";
|
||||
in
|
||||
{
|
||||
containers."lrad" = {
|
||||
privateNetwork = true;
|
||||
hostAddress = "10.10.41.1";
|
||||
localAddress = serviceAddress;
|
||||
|
||||
bindMounts."${containerStateDir}" = {
|
||||
hostPath = hostStateDir;
|
||||
isReadOnly = false;
|
||||
};
|
||||
|
||||
config = { config, pkgs, ... }: {
|
||||
networking.firewall.allowedTCPPorts = [ 63080 ];
|
||||
|
||||
#users.users."tang".isSystemUser = true;
|
||||
|
||||
systemd.services."tangd" = {
|
||||
enable = true;
|
||||
# TODO: require data/tangd to exist
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.tang}/bin/tangd ${containerStateDir}/data/tangd";
|
||||
StandardInput = "socket";
|
||||
StandardOutput = "socket";
|
||||
StandardError = "journal";
|
||||
User = "tang";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.sockets."tangd" = {
|
||||
enable = true;
|
||||
listenStreams = [ "63080" ];
|
||||
wantedBy = [ "sockets.target" ];
|
||||
socketConfig = {
|
||||
Accept = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
}
|
54
hosts/giggles/tang-container.nix
Normal file
54
hosts/giggles/tang-container.nix
Normal file
|
@ -0,0 +1,54 @@
|
|||
{ pkgs, config, ... }:
|
||||
|
||||
let
|
||||
containerStateDir = "/data";
|
||||
hostStateDir = "/opt/tangd";
|
||||
servicePort = 8081;
|
||||
in
|
||||
{
|
||||
networking.firewall.allowedTCPPorts = [ servicePort ];
|
||||
|
||||
containers."tang" = {
|
||||
autoStart = true;
|
||||
ephemeral = true;
|
||||
bindMounts."${containerStateDir}" = {
|
||||
hostPath = hostStateDir;
|
||||
isReadOnly = false;
|
||||
};
|
||||
|
||||
config = { config, pkgs, ... }: {
|
||||
networking.firewall.enable = false;
|
||||
|
||||
users.groups."_tang" = {} ;
|
||||
|
||||
users.users."_tang" = {
|
||||
group = "_tang";
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [ jose tang ];
|
||||
|
||||
systemd.services."tangd@" = {
|
||||
enable = true;
|
||||
serviceConfig = {
|
||||
ExecStartPre = "${pkgs.bash}/bin/bash -c \"mkdir -p ${containerStateDir}/tang-db\"";
|
||||
ExecStart = "${pkgs.tang}/libexec/tangd ${containerStateDir}/tang-db";
|
||||
User = "_tang";
|
||||
Group = "_tang";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.sockets."tangd" = {
|
||||
enable = true;
|
||||
listenStreams = [ "${toString servicePort}" ];
|
||||
wantedBy = [ "sockets.target" ];
|
||||
socketConfig = {
|
||||
Accept = true;
|
||||
};
|
||||
};
|
||||
|
||||
system.stateVersion = "22.11";
|
||||
};
|
||||
|
||||
};
|
||||
}
|
|
@ -6,7 +6,7 @@ let
|
|||
in
|
||||
{
|
||||
imports = [
|
||||
./k3s.nix
|
||||
#./k3s.nix
|
||||
./wireguard.nix
|
||||
];
|
||||
|
||||
|
|
|
@ -38,6 +38,8 @@ in {
|
|||
home-manager = with pkgs;
|
||||
pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
||||
home.packages = [
|
||||
watson
|
||||
] ++ lib.optionals (!cfg.lite) [
|
||||
ack
|
||||
asciinema
|
||||
bat
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
|
||||
preview-file = pkgs.writeShellScriptBin "preview-file" (import ./preview-file.nix pkgs);
|
||||
in {
|
||||
enable = true;
|
||||
enable = lib.mkIf (!cfg.lite) true;
|
||||
|
||||
viAlias = true;
|
||||
vimAlias = true;
|
||||
|
|
13
overlays/tang.nix
Normal file
13
overlays/tang.nix
Normal file
|
@ -0,0 +1,13 @@
|
|||
final: prev: {
|
||||
tang = prev.tang.overrideAttrs (oldAttrs: rec {
|
||||
pname = "tang";
|
||||
version = "11";
|
||||
|
||||
src = prev.fetchFromGitHub {
|
||||
owner = "latchset";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "";
|
||||
};
|
||||
});
|
||||
}
|
230
pkgs/_sources/generated.json
Normal file
230
pkgs/_sources/generated.json
Normal file
|
@ -0,0 +1,230 @@
|
|||
{
|
||||
"F-Sy-H": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "F-Sy-H",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "z-shell",
|
||||
"repo": "F-Sy-H",
|
||||
"rev": "81315330ff4eb4bc13b03fe6ec5bbb6fee0f27ac",
|
||||
"sha256": "sha256-2b/O/1SIhKgqHYjwy7yPCEb3EMXgkIvOk+FC4PbuQ8c=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "81315330ff4eb4bc13b03fe6ec5bbb6fee0f27ac"
|
||||
},
|
||||
"instant-nvim-nvfetcher": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "instant-nvim-nvfetcher",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "jbyuki",
|
||||
"repo": "instant.nvim",
|
||||
"rev": "294b6d08143b3db8f9db7f606829270149e1a786",
|
||||
"sha256": "sha256-DXJWji/NR8ZCxe014rD51v3EHJHMhRQeOoI3SsY8mR4=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "294b6d08143b3db8f9db7f606829270149e1a786"
|
||||
},
|
||||
"manix": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "manix",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "mlvzk",
|
||||
"repo": "manix",
|
||||
"rev": "d08e7ca185445b929f097f8bfb1243a8ef3e10e4",
|
||||
"sha256": "sha256-GqPuYscLhkR5E2HnSFV4R48hCWvtM3C++3zlJhiK/aw=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "d08e7ca185445b929f097f8bfb1243a8ef3e10e4"
|
||||
},
|
||||
"ohmyzsh": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "ohmyzsh",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "ohmyzsh",
|
||||
"repo": "ohmyzsh",
|
||||
"rev": "4181e8a2cc936bc7b7a89d674bf261023159ed35",
|
||||
"sha256": "sha256-kne/2ErEqUqBx1xzQrvk6scrhOZYJDlUnNOlx0MbqNQ=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "4181e8a2cc936bc7b7a89d674bf261023159ed35"
|
||||
},
|
||||
"powerlevel10k": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "powerlevel10k",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "romkatv",
|
||||
"repo": "powerlevel10k",
|
||||
"rev": "35165798a83e2e4f2f0aa6c820e2f7fba23e0179",
|
||||
"sha256": "sha256-tThgRiE0iZH84yTSGtNxfFemLocbg71McAKyT7YWG8U=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "35165798a83e2e4f2f0aa6c820e2f7fba23e0179"
|
||||
},
|
||||
"rnix-lsp-nvfetcher": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "rnix-lsp-nvfetcher",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "nix-community",
|
||||
"repo": "rnix-lsp",
|
||||
"rev": "95d40673fe43642e2e1144341e86d0036abd95d9",
|
||||
"sha256": "sha256-F0s0m62S5bHNVWNHLZD6SeHiLrsDx98VQbRjDyIu+qQ=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "95d40673fe43642e2e1144341e86d0036abd95d9"
|
||||
},
|
||||
"vim-apprentice-nvfetcher": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "vim-apprentice-nvfetcher",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "romainl",
|
||||
"repo": "Apprentice",
|
||||
"rev": "9942d0bb0a5d82f7a24450b00051c1f2cc008659",
|
||||
"sha256": "sha256-Xs+vTdnihNbBFPOKsW+NB40pqN9eaadqzc0DIeNoOFo=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "9942d0bb0a5d82f7a24450b00051c1f2cc008659"
|
||||
},
|
||||
"vim-beautify-nvfetcher": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "vim-beautify-nvfetcher",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "zeekay",
|
||||
"repo": "vim-beautify",
|
||||
"rev": "e0691483927dc5a0c051433602397419f9628623",
|
||||
"sha256": "sha256-QPTCl6KaGcAjTS5yVDov9yxmv0fDaFoPLMsrtVIG6GQ=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "e0691483927dc5a0c051433602397419f9628623"
|
||||
},
|
||||
"vim-caddyfile-nvfetcher": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "vim-caddyfile-nvfetcher",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "isobit",
|
||||
"repo": "vim-caddyfile",
|
||||
"rev": "24fe0720551883e407cb70ae1d7c03f162d1d5a0",
|
||||
"sha256": "sha256-rRYv3vnt31g7hNTxttTD6BWdv5JJ+ko3rPNyDUEOZ9o=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "24fe0720551883e407cb70ae1d7c03f162d1d5a0"
|
||||
},
|
||||
"vim-workspace-nvfetcher": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "vim-workspace-nvfetcher",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "thaerkh",
|
||||
"repo": "vim-workspace",
|
||||
"rev": "c26b473f9b073f24bacecd38477f44c5cd1f5a62",
|
||||
"sha256": "sha256-XV7opLyfkHIDO0+JJaO/x0za0gsHuklrzapTGdLHJmI=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "c26b473f9b073f24bacecd38477f44c5cd1f5a62"
|
||||
},
|
||||
"vimagit-nvfetcher": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "vimagit-nvfetcher",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "jreybert",
|
||||
"repo": "vimagit",
|
||||
"rev": "308650ddc1e9a94e49fae0ea04bbc1c45f23d4c4",
|
||||
"sha256": "sha256-fhazQQqyFaO0fdoeNI9nBshwTDhKNHH262H/QThtuO0=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "308650ddc1e9a94e49fae0ea04bbc1c45f23d4c4"
|
||||
},
|
||||
"zsh-nix-shell": {
|
||||
"cargoLocks": null,
|
||||
"extract": null,
|
||||
"name": "zsh-nix-shell",
|
||||
"passthru": null,
|
||||
"pinned": false,
|
||||
"src": {
|
||||
"deepClone": false,
|
||||
"fetchSubmodules": false,
|
||||
"leaveDotGit": false,
|
||||
"name": null,
|
||||
"owner": "chisui",
|
||||
"repo": "zsh-nix-shell",
|
||||
"rev": "af6f8a266ea1875b9a3e86e14796cadbe1cfbf08",
|
||||
"sha256": "sha256-BjgMhILEL/qdgfno4LR64LSB8n9pC9R+gG7IQWwgyfQ=",
|
||||
"type": "github"
|
||||
},
|
||||
"version": "af6f8a266ea1875b9a3e86e14796cadbe1cfbf08"
|
||||
}
|
||||
}
|
|
@ -1,5 +1,5 @@
|
|||
# This file was generated by nvfetcher, please do not modify it manually.
|
||||
{ fetchgit, fetchurl, fetchFromGitHub, dockerTools }:
|
||||
{ fetchgit, fetchurl, fetchFromGitHub }:
|
||||
{
|
||||
blesh-nvfetcher = {
|
||||
pname = "blesh-nvfetcher";
|
||||
|
@ -18,97 +18,111 @@
|
|||
instant-nvim-nvfetcher = {
|
||||
pname = "instant-nvim-nvfetcher";
|
||||
version = "294b6d08143b3db8f9db7f606829270149e1a786";
|
||||
src = fetchFromGitHub {
|
||||
src = fetchFromGitHub ({
|
||||
owner = "jbyuki";
|
||||
repo = "instant.nvim";
|
||||
rev = "294b6d08143b3db8f9db7f606829270149e1a786";
|
||||
fetchSubmodules = false;
|
||||
sha256 = "sha256-DXJWji/NR8ZCxe014rD51v3EHJHMhRQeOoI3SsY8mR4=";
|
||||
};
|
||||
date = "2022-06-25";
|
||||
});
|
||||
};
|
||||
manix = {
|
||||
pname = "manix";
|
||||
version = "d08e7ca185445b929f097f8bfb1243a8ef3e10e4";
|
||||
src = fetchFromGitHub {
|
||||
src = fetchFromGitHub ({
|
||||
owner = "mlvzk";
|
||||
repo = "manix";
|
||||
rev = "d08e7ca185445b929f097f8bfb1243a8ef3e10e4";
|
||||
fetchSubmodules = false;
|
||||
sha256 = "sha256-GqPuYscLhkR5E2HnSFV4R48hCWvtM3C++3zlJhiK/aw=";
|
||||
};
|
||||
date = "2021-04-20";
|
||||
});
|
||||
};
|
||||
ohmyzsh = {
|
||||
pname = "ohmyzsh";
|
||||
version = "4181e8a2cc936bc7b7a89d674bf261023159ed35";
|
||||
src = fetchFromGitHub ({
|
||||
owner = "ohmyzsh";
|
||||
repo = "ohmyzsh";
|
||||
rev = "4181e8a2cc936bc7b7a89d674bf261023159ed35";
|
||||
fetchSubmodules = false;
|
||||
sha256 = "sha256-kne/2ErEqUqBx1xzQrvk6scrhOZYJDlUnNOlx0MbqNQ=";
|
||||
});
|
||||
};
|
||||
powerlevel10k = {
|
||||
pname = "powerlevel10k";
|
||||
version = "35165798a83e2e4f2f0aa6c820e2f7fba23e0179";
|
||||
src = fetchFromGitHub ({
|
||||
owner = "romkatv";
|
||||
repo = "powerlevel10k";
|
||||
rev = "35165798a83e2e4f2f0aa6c820e2f7fba23e0179";
|
||||
fetchSubmodules = false;
|
||||
sha256 = "sha256-tThgRiE0iZH84yTSGtNxfFemLocbg71McAKyT7YWG8U=";
|
||||
});
|
||||
};
|
||||
rnix-lsp-nvfetcher = {
|
||||
pname = "rnix-lsp-nvfetcher";
|
||||
version = "95d40673fe43642e2e1144341e86d0036abd95d9";
|
||||
src = fetchFromGitHub {
|
||||
src = fetchFromGitHub ({
|
||||
owner = "nix-community";
|
||||
repo = "rnix-lsp";
|
||||
rev = "95d40673fe43642e2e1144341e86d0036abd95d9";
|
||||
fetchSubmodules = false;
|
||||
sha256 = "sha256-F0s0m62S5bHNVWNHLZD6SeHiLrsDx98VQbRjDyIu+qQ=";
|
||||
};
|
||||
date = "2022-11-27";
|
||||
});
|
||||
};
|
||||
vim-apprentice-nvfetcher = {
|
||||
pname = "vim-apprentice-nvfetcher";
|
||||
version = "59ad13661fa15edaf72c62218903c7817b5a3691";
|
||||
src = fetchFromGitHub {
|
||||
version = "9942d0bb0a5d82f7a24450b00051c1f2cc008659";
|
||||
src = fetchFromGitHub ({
|
||||
owner = "romainl";
|
||||
repo = "Apprentice";
|
||||
rev = "59ad13661fa15edaf72c62218903c7817b5a3691";
|
||||
rev = "9942d0bb0a5d82f7a24450b00051c1f2cc008659";
|
||||
fetchSubmodules = false;
|
||||
sha256 = "sha256-03B9tmU9+6t2hxhOgZxBqJr9r41CAqhHLUkHYvFdcks=";
|
||||
};
|
||||
date = "2023-02-15";
|
||||
sha256 = "sha256-Xs+vTdnihNbBFPOKsW+NB40pqN9eaadqzc0DIeNoOFo=";
|
||||
});
|
||||
};
|
||||
vim-beautify-nvfetcher = {
|
||||
pname = "vim-beautify-nvfetcher";
|
||||
version = "e0691483927dc5a0c051433602397419f9628623";
|
||||
src = fetchFromGitHub {
|
||||
src = fetchFromGitHub ({
|
||||
owner = "zeekay";
|
||||
repo = "vim-beautify";
|
||||
rev = "e0691483927dc5a0c051433602397419f9628623";
|
||||
fetchSubmodules = false;
|
||||
sha256 = "sha256-QPTCl6KaGcAjTS5yVDov9yxmv0fDaFoPLMsrtVIG6GQ=";
|
||||
};
|
||||
date = "2018-12-27";
|
||||
});
|
||||
};
|
||||
vim-caddyfile-nvfetcher = {
|
||||
pname = "vim-caddyfile-nvfetcher";
|
||||
version = "24fe0720551883e407cb70ae1d7c03f162d1d5a0";
|
||||
src = fetchFromGitHub {
|
||||
src = fetchFromGitHub ({
|
||||
owner = "isobit";
|
||||
repo = "vim-caddyfile";
|
||||
rev = "24fe0720551883e407cb70ae1d7c03f162d1d5a0";
|
||||
fetchSubmodules = false;
|
||||
sha256 = "sha256-rRYv3vnt31g7hNTxttTD6BWdv5JJ+ko3rPNyDUEOZ9o=";
|
||||
};
|
||||
date = "2022-05-09";
|
||||
});
|
||||
};
|
||||
vim-workspace-nvfetcher = {
|
||||
pname = "vim-workspace-nvfetcher";
|
||||
version = "c0d1e4332a378f58bfdf363b4957168fa78e79b4";
|
||||
src = fetchFromGitHub {
|
||||
version = "c26b473f9b073f24bacecd38477f44c5cd1f5a62";
|
||||
src = fetchFromGitHub ({
|
||||
owner = "thaerkh";
|
||||
repo = "vim-workspace";
|
||||
rev = "c0d1e4332a378f58bfdf363b4957168fa78e79b4";
|
||||
rev = "c26b473f9b073f24bacecd38477f44c5cd1f5a62";
|
||||
fetchSubmodules = false;
|
||||
sha256 = "sha256-2Brx098dk5THiieBiW71FG9mUUwS1CSY9mpOPWA/Tq4=";
|
||||
};
|
||||
date = "2023-05-28";
|
||||
sha256 = "sha256-XV7opLyfkHIDO0+JJaO/x0za0gsHuklrzapTGdLHJmI=";
|
||||
});
|
||||
};
|
||||
vimagit-nvfetcher = {
|
||||
pname = "vimagit-nvfetcher";
|
||||
version = "308650ddc1e9a94e49fae0ea04bbc1c45f23d4c4";
|
||||
src = fetchFromGitHub {
|
||||
src = fetchFromGitHub ({
|
||||
owner = "jreybert";
|
||||
repo = "vimagit";
|
||||
rev = "308650ddc1e9a94e49fae0ea04bbc1c45f23d4c4";
|
||||
fetchSubmodules = false;
|
||||
sha256 = "sha256-fhazQQqyFaO0fdoeNI9nBshwTDhKNHH262H/QThtuO0=";
|
||||
};
|
||||
date = "2022-07-03";
|
||||
});
|
||||
};
|
||||
}
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
VISUAL = "/etc/profiles/per-user/${psCfg.user.name}/bin/nvim";
|
||||
|
||||
# fix "xdg-open fork-bomb" your preferred browser from here
|
||||
BROWSER = "${pkgs.firefox-wayland}/bin/firefox";
|
||||
BROWSER = "firefox";
|
||||
|
||||
# node
|
||||
NODE_REPL_HISTORY = "${xdg.dataHome}/node_repl_history";
|
||||
|
|
|
@ -1,21 +1,20 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 hPyiJw o4N8NmW8LiDRYhFe/FAjOhNVBrIfR0b/CFdGQsxVtWM
|
||||
hCLU6rlPPOwIXUEo3XczTLOEOSpzhi8CmUUilpgZjgk
|
||||
-> ssh-ed25519 YFSOsg m1QEvo5sxpXKiz1mqU8vSqOkizROkwDOWTqy/nAbyGA
|
||||
Je9eJsT4cgyCE/orOfClUSzorzXwQIm1fQWwd5FczWw
|
||||
-> ssh-ed25519 hPyiJw 6XC5HcC380qjat1hwwxDv6FKtMpoB3YhO6SIE/vY8Bg
|
||||
3+FZexCmu0LnJ1zhSDi9ALPZyFJQaGWAbDucDGx1p6s
|
||||
-> ssh-ed25519 YFSOsg fLK2Dm1M/ENMOjtqnIsVgpPxWSLzgQUIJZQgi/Jjj0M
|
||||
0nAlkBsypGnKILFZw2aH1R7bbLYvwxkkKeoSS13WNT4
|
||||
-> ssh-rsa 42S2Dw
|
||||
aznDLPbJy/sfJHsYLt2bt7wzwPEn2NdYDsdxVzOqmZJL/3wVvjHUTaioaIsZBqaf
|
||||
/HWZYBgMPRIQHXjtGJTQXLFpM2TjEwzJqkIHMJoVq099YWHq/JvZeU+h/d7rXiXC
|
||||
3I0NSAikvBXa1+X1WPKQrvRBsqhiwnDGUDWXauTzSDu4FHLgAxGU+47xEp1EuJDJ
|
||||
YdXXMOqFvrN9iokaGlRlOprhVCver2YMDqGSUekbEifJDpyGmCqYOygh9qltLDfd
|
||||
QQjAIV8E+jYrvG168hMQQzoE8oZRMv7UYATmJ8bdTP244owoeEhiW+g43XWYduv6
|
||||
QKIJPlwASiGalUZPsIPoEA
|
||||
-> ssh-ed25519 iHV63A 4RSm0/OwowRHTa0W2Gfbq9LTI4d0gM8macNk3Gntv0g
|
||||
sN82+hCyatAWEckguYGN0TxvSYDqP5cnY46s9z5JLvY
|
||||
-> ssh-ed25519 t1M4HQ YILk5vPHK6++f9QB3dGMSWoai1b8pBWG/lIC+g2hK3Y
|
||||
A874dqyb8aTqyIQ54J4MaQYf/psIS4Ixcp23iwA5wwY
|
||||
-> tV2gFP~-grease :{( C-v' cM2 Or?|@#I~
|
||||
nhLrAX8v3J/6846qoFDyKf6mUc+qWAmNXOYgu7DnDi9VtBsmDYhhmhzPF6k90YFG
|
||||
sJKoy1BEcOaLcy8UNGNTnmkQ0qI5Ig6CgPu8ohA1vKYMfTpfsl6nayU
|
||||
--- ngrcCLqZmP/lqvIuBYgisjkHHjWmrUjApvZMjbLTB/I
|
||||
Q`•<wRâeè-ûÙ·)‰t<E280B0>ìúß˸pµC½›Ø¼)÷é+À¢én2½ÓŒf13"SV°Iz@Â%n×&Òj©‡¸‰[Ò«V×.E
|
||||
eWx85iMbgHBwTEHL2Rk4wvHxz0LJ8mQR1J2/+tiyh9Gnu8zwcbY8QgkFtP6jg1m5
|
||||
32Ije1sxSV7eXZzNeVLoPnt83+XNVjGsaljG8wFM3KU52Q35KpG3z9YNJa2wCvEv
|
||||
uXAnOQyPlMbiNIVlMOB1Mm3AKwOQ0+shtMgiGpjvxhCjhVnuXP2ZoGbKsdKkolPs
|
||||
irEpwk//+9P/jiGgtVQsxtMuvGdymXYfxnUSRM2/SmfADTpxZ1qZIgP6rt8xCdr0
|
||||
ynt9wuUnW3Jl+AajbgZQ03lkoG2CI0sW8XNMMhHKs2nkzc+44oKX8BmKKxcjzb17
|
||||
jdaYTQdAZS6C3vkRJDZTMQ
|
||||
-> ssh-ed25519 iHV63A FNEZUMi2N0//NoOlOzmLVpazAei5zZihjdJe7bu1ang
|
||||
gb9NLhR3/fAK21wS9WnMWVf8olWqkC+5oO3q4qv59oA
|
||||
-> ssh-ed25519 loGy+w TU5b9hXkD7fsD4gqs5SRzsr+9JvdoxQXtLOYBYRd4xs
|
||||
Ay3JIyKb3hLaK8j0vct6MFYQwFxSWyx0hYIU4V8ELOM
|
||||
-> s5f\-grease 9HT>f/%c
|
||||
alPwGgblUf62y+1HmKPpS6xE/IC4S575f1bXSACeC4LuWrHTpJ6JEgb0qQ
|
||||
--- 5uZsg+O17p3GDDwN7/UF/xRat9W5LrCdLFt6gtTnzhs
|
||||
ƒöo¡E·ž/´ãxÖ6„ƒÒÍŠ\]µYÊý•û°qÖæ×ñ±ã“H†:o –A¯SyyÖQTk<54>ùã<C3B9>|“}2Ž•Ñ<E280A2>;H«FÊ<46>
|
|
@ -1,24 +1,21 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 hPyiJw gZfQvV9HCdO9j5zpwMA5Yl6l6D0YMflyzmZ0v7f34Uo
|
||||
Cnr79ukKmOLh9ZRY7QknE5fvpXg4ud/fQL5C2b0x2Iw
|
||||
-> ssh-ed25519 YFSOsg C/OJOHpk3+ErUt06r8qmgaHJBU5NT8cFplFL4+9rNzU
|
||||
n4VhOfN06R9hN6+9/Y/ewAN++BbZRSJMQHjifXR++M8
|
||||
-> ssh-ed25519 hPyiJw NGXu0u0ptngfcE4tLNFRPmUdGHCfgTzkCaumDat8jR0
|
||||
UBhZ14BVr4BeezHm928NMNWqT6g0VUFXAL/c3dYgM9M
|
||||
-> ssh-ed25519 YFSOsg V/vTBbj4Xh4dbrJO9bgwSl5fbuvu979S4Fefncq9Wwc
|
||||
4kLNwkCylI6y6jbi1+7yUx6eSNxkWm80GY8ad84dw3c
|
||||
-> ssh-rsa 42S2Dw
|
||||
JBbRTa+oX87YqJlH2+cZdaw/WMajk2HDa9kZ5z1dkbdcVrZrTyIYrnUuMjIQ4nmB
|
||||
JT9J6gV/y4FL0bN9d2uzNg45NGg3ZDkeCYsCT+N3tQXEReFUWk77cZifxDtnNUCL
|
||||
8Z+wcys9AZhFfL8+4a2R0sris76WMxUy5CHVay11U7bsh6P1uAcjtXqSPpdezKd9
|
||||
gIZ7GVE/nFEwnT/G0rROH3tiGON2J3LrjbVdUn/Lu4n7YDMRDZFBhLsDw9ULdTu3
|
||||
lNBsx/vzCkZnkbDGJl8N7X5hBEe2ww+GvvfvHJwwABpD7rgC0MQxPDM5IBEVsufH
|
||||
/CSrkWpJcUzEJMNdUBinzg
|
||||
-> ssh-ed25519 iHV63A Aape0gDjnscqXIPeBoZbHsb5GEwm2MkWBOwkErZfRUU
|
||||
/mHovPO5uRwfPKBFuW0P2UT/Zi2idvHwI9ukJ1Hb8m4
|
||||
-> ssh-ed25519 w1vtTQ Qp0fg5wN0709/99WttXspmctRkdVANA039oeyc1qB34
|
||||
mXy/qVJJhysMZxzoROp53nnryegjs6/tzRWCV2QtzUA
|
||||
-> Gxy]y/-grease 6
|
||||
AUBVuO3rqf/dwC84Ns7x2Ce4CgUcw5Rm6MHK+KsKtSndt7CbfQiyfqvYKRvcEfmc
|
||||
BHJf3LCEgw0eBb4/nzlzT4lmIrjYAXBUbw0K+7E94jxMkNhWmjRto9gpYMBzqbdw
|
||||
6aQ
|
||||
--- gtgGRISbHrAdJT4edKyToERGIPZ9CR6Md+9KeRx386o
|
||||
øú†[ÏFž;B¶±e\jQ—ÊBZŸù¥[ð|º/²±ìÅËe›å7õ.1¨'ús<ú§“ßâ7ùXK
|
||||
+c
|
||||
Ðט€ã,íݱ
|
||||
rdbkL5LXbRhyQOpbiMnIwZbon9onAIqjylH8vnXoX5Sk3/tCJFEPXGQLv0Lh7bgh
|
||||
LN8RRj9t6SIzmouiS9ajixotYXy3r7EjLYpA5JcxkP0V5tbJJSwFV/fZ7CVaYPjz
|
||||
9oF/xh/UhjNnkkasGrbj6ADjJ24ucbsMHBZ9zltx8R/34eAABwZ2Ru1ebEFXSfJw
|
||||
9wKK3lxr/IGPgUJWOkoNLqGPvhN9vDq77fXcO6dv2uH4ZOh409oM4YMGnWmGDbOP
|
||||
CeovHmubjBCqhdsb7L7JXj9E8Kc6fc4wwtcBviY821SrpySmygkDECQon6ds4Oxa
|
||||
A9+nfcleqBm4Mgk99iHn0A
|
||||
-> ssh-ed25519 iHV63A pPYIapM7Aul0ysYarrjwBxweO+Oc1Sv9Jds7H/2qcjw
|
||||
bU8ArzdCfVl70hmB8KC10ahhW2bbkEUel2ZFJel2F8g
|
||||
-> ssh-ed25519 SD75nw +WbP3VZY9xVTtbRz9FpUYCat2Df8jwOf/5o2ep5X+1g
|
||||
fIdHrRh2KbW4scuuhPMVMVuZnDXRst1T700XRpGJOcY
|
||||
-> ~YoI\1Qp-grease 2 s[h]Y@ gOXflh?
|
||||
rAEG+5bSOAUeJ9buxTgmlZFMTcAQiu2acNj6bA
|
||||
--- nr6yD/mtbagIoE1TuCDqQaOs4mT8OAa47qdBmhRQUx4
|
||||
¸Ld2ˆu6U§Ý<>>†ƒ’:ƒ‡
|
||||
)OÈÌéTècø&nÌÖx"Ý«n<C2AB>rž"•Î*UNIa„kTöMwOFÁ/;ìÖªˆ‹5B©úïZ"
|
Binary file not shown.
|
@ -6,9 +6,9 @@ let
|
|||
user_hensoko_norman_1 = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+euxPp6bHXw61UeUqTGHH8Ub2L+Sy1iteupv/AGudgoVNp2GebqJy1cxQ74mgnL8eWMlaA9jZlKQ1xFFhgtolCsoAKTE9AE8X0egvmEM18fEUR3EWWchmX4MXUhUiOtwitkl4+EpSsp5rh/kIxcpQFz1dpBibroq6jDLKlrVou+2LppR8nMfFT2sqg3694Ltxz4CWMdAfitLax05ckKMAnzz+TgpXK5OyfQSBvl18Qu1SWITYa6AVNXQ7/ovWBDIUfg25GWouzWqkSUpLdCVIcXPe2X7g6X1QsHXnnhaMAhvYH54GZ4wU2kBwIJ6KvplfZdbJ09KAltPVt08evafb hendriksokolowski@hsokolowski-pc";
|
||||
user_hensoko_norman_2 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqkqMYgncrnczcW/0PY+Z+FmNXXpgw6D9JWTTwiainy hensoko@hensoko-tp-work";
|
||||
|
||||
system_giggles = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOLyNmSzxVpVQtTWhkH48e03nFDdskE08N4L81MZcLZ root@nixos";
|
||||
system_cox = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFNr7q7eAkROtdvTmw96Q5tZu9W4jt31OCjc6L8uM5Uv root@nixos";
|
||||
system_companion = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINjIyVeAPsIpUTsB5bPEjmJeRFN8Xp3PD9a/41yPp3HM root@nixos";
|
||||
system_giggles = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILwogNjatRZlft4qUFDFKg73kiYB1HNZZ0xGUwfyfTzP root@nixos";
|
||||
system_cox = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMINORCNhrxSdo2z70GkKrV8vcge2elgNPYzdRve+hI5 root@nixos";
|
||||
system_companion = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJu4u9Q36B8acRdBJi2RYU5pYpIMeCh+HKmtInR+IKQs root@nixos";
|
||||
|
||||
system_cube = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF5ok5tIuDKYpIw3KVmUnqBSDJ1QriWQJ04IVLF1Kaig root@nixos";
|
||||
system_ringo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5g8CfSiMxboEJT2U92JoYdnv0nsArBPW/vfTEsUWZO root@nixos";
|
||||
|
|
|
@ -30,6 +30,7 @@ in
|
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/58A18EtxnLYHu63c/+AyTSkJQSso/VVdHUFGp1CTk cardno:FFFE34353135"
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+euxPp6bHXw61UeUqTGHH8Ub2L+Sy1iteupv/AGudgoVNp2GebqJy1cxQ74mgnL8eWMlaA9jZlKQ1xFFhgtolCsoAKTE9AE8X0egvmEM18fEUR3EWWchmX4MXUhUiOtwitkl4+EpSsp5rh/kIxcpQFz1dpBibroq6jDLKlrVou+2LppR8nMfFT2sqg3694Ltxz4CWMdAfitLax05ckKMAnzz+TgpXK5OyfQSBvl18Qu1SWITYa6AVNXQ7/ovWBDIUfg25GWouzWqkSUpLdCVIcXPe2X7g6X1QsHXnnhaMAhvYH54GZ4wU2kBwIJ6KvplfZdbJ09KAltPVt08evafb hendriksokolowski@hsokolowski-pc"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqkqMYgncrnczcW/0PY+Z+FmNXXpgw6D9JWTTwiainy hensoko@hensoko-tp-work"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILh+Q5Pnh5DS6ObZ5GhiCsxqezsAlEVykDjTrdW6/cgw hensoko@surfplace"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
@ -19,19 +19,13 @@ in
|
|||
port = 22;
|
||||
};
|
||||
"giggles" = {
|
||||
hostname = "192.168.42.232";
|
||||
user = "iot";
|
||||
port = 22;
|
||||
};
|
||||
"norman" = {
|
||||
hostname = "192.168.42.233";
|
||||
user = "hensoko";
|
||||
port = 22;
|
||||
};
|
||||
"cox" = {
|
||||
hostname = "192.168.42.234";
|
||||
user = "iot";
|
||||
port = 22;
|
||||
};
|
||||
"companion" = {
|
||||
user = "iot";
|
||||
|
@ -51,6 +45,11 @@ in
|
|||
user = "git";
|
||||
port = 2222;
|
||||
};
|
||||
|
||||
"falcone" = {
|
||||
hostname = "192.168.42.117";
|
||||
user = "iot";
|
||||
};
|
||||
};
|
||||
extraConfig = "PubKeyAcceptedKeyTypes +ssh-rsa";
|
||||
};
|
||||
|
|
|
@ -11,6 +11,7 @@ in
|
|||
home-manager.users = { inherit (hmUsers) iot; };
|
||||
|
||||
pub-solar = {
|
||||
core.lite = true;
|
||||
user = {
|
||||
name = "iot";
|
||||
description = "hensoko iot user";
|
||||
|
@ -21,6 +22,7 @@ in
|
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEbaQdxp7Flz6ttELe63rn+Nt9g43qJOLih6VCMP4gPb hensoko@harrison"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/58A18EtxnLYHu63c/+AyTSkJQSso/VVdHUFGp1CTk cardno:FFFE34353135"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqkqMYgncrnczcW/0PY+Z+FmNXXpgw6D9JWTTwiainy hensoko@hensoko-tp-work"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILh+Q5Pnh5DS6ObZ5GhiCsxqezsAlEVykDjTrdW6/cgw hensoko@surfplace"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
@ -26,7 +26,6 @@ in
|
|||
dig
|
||||
fping
|
||||
btop
|
||||
htop
|
||||
ncdu
|
||||
sysstat
|
||||
tig
|
||||
|
|
Loading…
Reference in a new issue