Compare commits
5 Commits
9e3e04422a
...
ff8fdccc05
Author | SHA1 | Date | |
---|---|---|---|
ff8fdccc05 | |||
d8bb7cd045 | |||
30bafe174e | |||
cef3293400 | |||
93cd9620dd |
433
flake.lock
433
flake.lock
@ -1,5 +1,26 @@
|
||||
{
|
||||
"nodes": {
|
||||
"agenix": {
|
||||
"inputs": {
|
||||
"darwin": "darwin",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1682101079,
|
||||
"narHash": "sha256-MdAhtjrLKnk2uiqun1FWABbKpLH090oeqCSiWemtuck=",
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"rev": "2994d002dcff5353ca1ac48ec584c7f6589fe447",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"all-cabal-json": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
@ -189,6 +210,44 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"crane_4": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1670900067,
|
||||
"narHash": "sha256-VXVa+KBfukhmWizaiGiHRVX/fuk66P8dgSFfkVN4/MY=",
|
||||
"owner": "ipetkov",
|
||||
"repo": "crane",
|
||||
"rev": "59b31b41a589c0a65e4a1f86b0e5eac68081468b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "ipetkov",
|
||||
"repo": "crane",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"darwin": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"agenix",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1673295039,
|
||||
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "lnl7",
|
||||
"ref": "master",
|
||||
"repo": "nix-darwin",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"devshell": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
@ -336,6 +395,77 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"dream2nix_3": {
|
||||
"inputs": {
|
||||
"all-cabal-json": [
|
||||
"musikquad",
|
||||
"nci"
|
||||
],
|
||||
"crane": "crane_4",
|
||||
"devshell": [
|
||||
"musikquad",
|
||||
"nci"
|
||||
],
|
||||
"drv-parts": "drv-parts_2",
|
||||
"flake-compat": "flake-compat_3",
|
||||
"flake-parts": [
|
||||
"musikquad",
|
||||
"nci",
|
||||
"parts"
|
||||
],
|
||||
"flake-utils-pre-commit": [
|
||||
"musikquad",
|
||||
"nci"
|
||||
],
|
||||
"ghc-utils": [
|
||||
"musikquad",
|
||||
"nci"
|
||||
],
|
||||
"gomod2nix": [
|
||||
"musikquad",
|
||||
"nci"
|
||||
],
|
||||
"mach-nix": [
|
||||
"musikquad",
|
||||
"nci"
|
||||
],
|
||||
"nix-pypi-fetcher": [
|
||||
"musikquad",
|
||||
"nci"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"musikquad",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
],
|
||||
"nixpkgsV1": "nixpkgsV1_2",
|
||||
"poetry2nix": [
|
||||
"musikquad",
|
||||
"nci"
|
||||
],
|
||||
"pre-commit-hooks": [
|
||||
"musikquad",
|
||||
"nci"
|
||||
],
|
||||
"pruned-racket-catalog": [
|
||||
"musikquad",
|
||||
"nci"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1680605243,
|
||||
"narHash": "sha256-dUrxj653kcLvjNKRI7NoTJoj+Q7G+vOYsl4iuwtnIWo=",
|
||||
"owner": "nix-community",
|
||||
"repo": "dream2nix",
|
||||
"rev": "34a80ab215f1f24068ea9c76f3a7e5bc19478653",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "dream2nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"drv-parts": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
@ -371,6 +501,41 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"drv-parts_2": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
"musikquad",
|
||||
"nci",
|
||||
"dream2nix",
|
||||
"flake-compat"
|
||||
],
|
||||
"flake-parts": [
|
||||
"musikquad",
|
||||
"nci",
|
||||
"dream2nix",
|
||||
"flake-parts"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"musikquad",
|
||||
"nci",
|
||||
"dream2nix",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1680172861,
|
||||
"narHash": "sha256-QMyI338xRxaHFDlCXdLCtgelGQX2PdlagZALky4ZXJ8=",
|
||||
"owner": "davhau",
|
||||
"repo": "drv-parts",
|
||||
"rev": "ced8a52f62b0a94244713df2225c05c85b416110",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "davhau",
|
||||
"repo": "drv-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"fenix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
@ -457,6 +622,22 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat_5": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1673956053,
|
||||
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"locked": {
|
||||
"lastModified": 1678901627,
|
||||
@ -611,6 +792,82 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"mk-naked-shell_2": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1681286841,
|
||||
"narHash": "sha256-3XlJrwlR0nBiREnuogoa5i1b4+w/XPe0z8bbrJASw0g=",
|
||||
"owner": "yusdacra",
|
||||
"repo": "mk-naked-shell",
|
||||
"rev": "7612f828dd6f22b7fb332cc69440e839d7ffe6bd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "yusdacra",
|
||||
"repo": "mk-naked-shell",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"musikquad": {
|
||||
"inputs": {
|
||||
"nci": "nci_3",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"parts": "parts_5"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1683296163,
|
||||
"narHash": "sha256-pOdVitwRl8gUNMxInXwJJtXffSYYsAc0EWkFSFGvrRk=",
|
||||
"owner": "yusdacra",
|
||||
"repo": "musikquadrupled",
|
||||
"rev": "e259740d501d00fb3548b0be145817ef8fdc35ae",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "yusdacra",
|
||||
"repo": "musikquadrupled",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"musikspider": {
|
||||
"inputs": {
|
||||
"naked-shell": "naked-shell",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"parts": "parts_6",
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1683276540,
|
||||
"narHash": "sha256-JiuT8wmMH+vNVyBS18i/RNLDBUDEUCNdeqkwPQYsMDM=",
|
||||
"owner": "yusdacra",
|
||||
"repo": "musikspider",
|
||||
"rev": "913b0df0b0a5ed78aa761584d9c6f87eff0e781d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "yusdacra",
|
||||
"repo": "musikspider",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"naked-shell": {
|
||||
"locked": {
|
||||
"lastModified": 1681286841,
|
||||
"narHash": "sha256-3XlJrwlR0nBiREnuogoa5i1b4+w/XPe0z8bbrJASw0g=",
|
||||
"owner": "yusdacra",
|
||||
"repo": "mk-naked-shell",
|
||||
"rev": "7612f828dd6f22b7fb332cc69440e839d7ffe6bd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "yusdacra",
|
||||
"repo": "mk-naked-shell",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nci": {
|
||||
"inputs": {
|
||||
"devshell": "devshell",
|
||||
@ -663,13 +920,38 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nci_3": {
|
||||
"inputs": {
|
||||
"dream2nix": "dream2nix_3",
|
||||
"mk-naked-shell": "mk-naked-shell_2",
|
||||
"nixpkgs": [
|
||||
"musikquad",
|
||||
"nixpkgs"
|
||||
],
|
||||
"parts": "parts_4",
|
||||
"rust-overlay": "rust-overlay_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1681711895,
|
||||
"narHash": "sha256-/EeP+RRIw68/0C7CaOAElYQ2pXZAQCWnnU/qjO8OKKM=",
|
||||
"owner": "yusdacra",
|
||||
"repo": "nix-cargo-integration",
|
||||
"rev": "cee5dba8ca34ccb0829ae3812d23afbea1fd9d5d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "yusdacra",
|
||||
"repo": "nix-cargo-integration",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nil": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_3",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"rust-overlay": "rust-overlay_4"
|
||||
"rust-overlay": "rust-overlay_5"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1680544266,
|
||||
@ -787,6 +1069,40 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-lib_3": {
|
||||
"locked": {
|
||||
"dir": "lib",
|
||||
"lastModified": 1680213900,
|
||||
"narHash": "sha256-cIDr5WZIj3EkKyCgj/6j3HBH4Jj1W296z7HTcWj1aMA=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "e3652e0735fbec227f342712f180f4f21f0594f2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"dir": "lib",
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-master": {
|
||||
"locked": {
|
||||
"lastModified": 1683296009,
|
||||
"narHash": "sha256-qc9IVP773bE1mEygZx70OGQQ23loAOwgiED86mRVfMk=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "00c0a2333ff02d1f4a7dbf2080648c9d969e0236",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "master",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-wayland": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
@ -818,6 +1134,21 @@
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgsV1_2": {
|
||||
"locked": {
|
||||
"lastModified": 1678500271,
|
||||
"narHash": "sha256-tRBLElf6f02HJGG0ZR7znMNFv/Uf7b2fFInpTHiHaSE=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "5eb98948b66de29f899c7fe27ae112a47964baf8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-22.11",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1680213900,
|
||||
@ -923,19 +1254,84 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"parts_4": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"musikquad",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1680392223,
|
||||
"narHash": "sha256-n3g7QFr85lDODKt250rkZj2IFS3i4/8HBU2yKHO3tqw=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "dcc36e45d054d7bb554c9cdab69093debd91a0b5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"parts_5": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"musikquad",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1680392223,
|
||||
"narHash": "sha256-n3g7QFr85lDODKt250rkZj2IFS3i4/8HBU2yKHO3tqw=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "dcc36e45d054d7bb554c9cdab69093debd91a0b5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"parts_6": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": "nixpkgs-lib_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1680392223,
|
||||
"narHash": "sha256-n3g7QFr85lDODKt250rkZj2IFS3i4/8HBU2yKHO3tqw=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "dcc36e45d054d7bb554c9cdab69093debd91a0b5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"agenix": "agenix",
|
||||
"bernbot": "bernbot",
|
||||
"blender-bin": "blender-bin",
|
||||
"blog": "blog",
|
||||
"conduit": "conduit",
|
||||
"helix": "helix",
|
||||
"home": "home",
|
||||
"musikquad": "musikquad",
|
||||
"musikspider": "musikspider",
|
||||
"nil": "nil",
|
||||
"nixinate": "nixinate",
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixos-persistence": "nixos-persistence",
|
||||
"nixpkgs": "nixpkgs_3",
|
||||
"nixpkgs-master": "nixpkgs-master",
|
||||
"nixpkgs-wayland": "nixpkgs-wayland",
|
||||
"nur": "nur",
|
||||
"stylix": "stylix",
|
||||
@ -1025,6 +1421,22 @@
|
||||
}
|
||||
},
|
||||
"rust-overlay_4": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1681697975,
|
||||
"narHash": "sha256-47DFtN5PX05eD8ObImkSu2W0hyyZ5cK1Tl9EvmW2NnU=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "ffe47b90076067ad5dc25fe739d95a463bdf3c59",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"rust-overlay_5": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"nil",
|
||||
@ -1052,7 +1464,7 @@
|
||||
"stylix": {
|
||||
"inputs": {
|
||||
"base16": "base16",
|
||||
"flake-compat": "flake-compat_3",
|
||||
"flake-compat": "flake-compat_4",
|
||||
"home-manager": [
|
||||
"home"
|
||||
],
|
||||
@ -1075,6 +1487,21 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
"locked": {
|
||||
"lastModified": 1680978846,
|
||||
"narHash": "sha256-Gtqg8b/v49BFDpDetjclCYXm8mAnTrUzR0JnE2nv5aw=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "x86_64-linux",
|
||||
"rev": "2ecfcac5e15790ba6ce360ceccddb15ad16d08a8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "x86_64-linux",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"locked": {
|
||||
"lastModified": 1678901627,
|
||||
@ -1092,7 +1519,7 @@
|
||||
},
|
||||
"vscode-extensions": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_4",
|
||||
"flake-compat": "flake-compat_5",
|
||||
"flake-utils": "flake-utils_4",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
|
10
flake.nix
10
flake.nix
@ -2,6 +2,7 @@
|
||||
description = "config!!!";
|
||||
|
||||
inputs = {
|
||||
nixpkgs-master.url = "github:nixos/nixpkgs/master";
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
nur.url = "github:nix-community/NUR";
|
||||
|
||||
@ -41,6 +42,15 @@
|
||||
vscode-extensions.url = "github:nix-community/nix-vscode-extensions";
|
||||
vscode-extensions.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
agenix.url = "github:ryantm/agenix";
|
||||
agenix.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
musikquad.url = "github:yusdacra/musikquadrupled";
|
||||
musikquad.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
musikspider.url = "github:yusdacra/musikspider";
|
||||
musikspider.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
# needed for hyprland setup
|
||||
# hyprland.url = "github:hyprwm/Hyprland";
|
||||
# hyprland.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
@ -6,7 +6,6 @@
|
||||
}: let
|
||||
baseModules = [
|
||||
../modules
|
||||
../secrets
|
||||
../locale
|
||||
inputs.home.nixosModule
|
||||
];
|
||||
|
@ -9,6 +9,7 @@
|
||||
imports = with inputs;
|
||||
with nixos-hardware.nixosModules;
|
||||
[
|
||||
inputs.agenix.nixosModules.default
|
||||
nixpkgs.nixosModules.notDetected
|
||||
nixos-persistence.nixosModule
|
||||
common-pc-ssd
|
||||
@ -114,6 +115,7 @@
|
||||
};
|
||||
|
||||
networking.firewall.allowedUDPPorts = [49152];
|
||||
networking.firewall.allowedTCPPorts = [7905 7906];
|
||||
|
||||
# for tailscale
|
||||
networking.firewall.checkReversePath = "loose";
|
||||
|
5
hosts/tkaronto/modules/nix.nix
Normal file
5
hosts/tkaronto/modules/nix.nix
Normal file
@ -0,0 +1,5 @@
|
||||
{config, ...}: {
|
||||
nix.extraOptions = ''
|
||||
!include ${config.age.secrets.nixGithubAccessToken.path}
|
||||
'';
|
||||
}
|
11
hosts/tkaronto/modules/secrets.nix
Normal file
11
hosts/tkaronto/modules/secrets.nix
Normal file
@ -0,0 +1,11 @@
|
||||
{
|
||||
age.identityPaths = ["/persist/keys/ssh_key"];
|
||||
|
||||
age.secrets.nixGithubAccessToken.file = ../../../secrets/nixGithubAccessToken.age;
|
||||
age.secrets.wgTkarontoKey = {
|
||||
file = ../../../secrets/wgTkarontoKey.age;
|
||||
mode = "600";
|
||||
owner = "systemd-network";
|
||||
group = "systemd-network";
|
||||
};
|
||||
}
|
1
hosts/tkaronto/modules/wgWolumondeIp
Normal file
1
hosts/tkaronto/modules/wgWolumondeIp
Normal file
@ -0,0 +1 @@
|
||||
23.88.101.188
|
1
hosts/tkaronto/modules/wgWolumondeKey.pub
Normal file
1
hosts/tkaronto/modules/wgWolumondeKey.pub
Normal file
@ -0,0 +1 @@
|
||||
wua7uoPmmz0nXop3TKJOEUJ++LSmJdQxCRk9rNbPaAg=
|
36
hosts/tkaronto/modules/wireguard.nix
Normal file
36
hosts/tkaronto/modules/wireguard.nix
Normal file
@ -0,0 +1,36 @@
|
||||
{config, ...}: {
|
||||
systemd.network.enable = true;
|
||||
systemd.network.netdevs."wg0" = {
|
||||
enable = true;
|
||||
netdevConfig = {
|
||||
Name = "wg0";
|
||||
Kind = "wireguard";
|
||||
};
|
||||
wireguardConfig = {
|
||||
PrivateKeyFile = config.age.secrets.wgTkarontoKey.path;
|
||||
};
|
||||
wireguardPeers = [
|
||||
{
|
||||
wireguardPeerConfig = {
|
||||
PublicKey = builtins.readFile ./wgWolumondeKey.pub;
|
||||
AllowedIPs = ["10.99.0.1/32"];
|
||||
Endpoint = "${builtins.readFile ./wgWolumondeIp}:51820";
|
||||
PersistentKeepalive = 25;
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
systemd.network.networks."wg0" = {
|
||||
matchConfig.Name = "wg0";
|
||||
networkConfig.Address = "10.99.0.2/24";
|
||||
# routes = [
|
||||
# {
|
||||
# routeConfig = {
|
||||
# Gateway = "10.99.0.1";
|
||||
# Destination = "10.99.0.0/24";
|
||||
# GatewayOnLink = true;
|
||||
# };
|
||||
# }
|
||||
# ];
|
||||
};
|
||||
}
|
@ -1,12 +1,13 @@
|
||||
{
|
||||
inputs,
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
tlib,
|
||||
...
|
||||
}: {
|
||||
imports = tlib.importFolder (toString ./modules);
|
||||
imports =
|
||||
[
|
||||
inputs.agenix.nixosModules.default
|
||||
]
|
||||
++ (tlib.importFolder (toString ./modules));
|
||||
|
||||
boot.cleanTmpDir = true;
|
||||
zramSwap.enable = true;
|
||||
@ -14,7 +15,7 @@
|
||||
# firewall stuffs
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [22 80 443];
|
||||
allowedTCPPorts = [22 80 443 5005];
|
||||
allowedUDPPortRanges = [];
|
||||
};
|
||||
|
||||
|
@ -1,4 +1,5 @@
|
||||
{
|
||||
config,
|
||||
inputs,
|
||||
pkgs,
|
||||
lib,
|
||||
@ -17,7 +18,7 @@ in {
|
||||
Restart = "on-failure";
|
||||
RestartSec = 5;
|
||||
WorkingDirectory = "/var/lib/bernbot";
|
||||
EnvironmentFile = "${inputs.self}/secrets/bernbot_token";
|
||||
EnvironmentFile = config.age.secrets.bernbotToken.path;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
@ -4,7 +4,7 @@
|
||||
...
|
||||
}: {
|
||||
services.nginx.virtualHosts."gaze.systems" = {
|
||||
enableACME = true;
|
||||
useACMEHost = "gaze.systems";
|
||||
forceSSL = true;
|
||||
root = "${inputs.blog.packages.${pkgs.system}.site}";
|
||||
locations."/".extraConfig = ''
|
||||
|
@ -32,7 +32,7 @@ in {
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."matrix.gaze.systems" = {
|
||||
enableACME = true;
|
||||
useACMEHost = "gaze.systems";
|
||||
forceSSL = true;
|
||||
locations."/".proxyPass = "http://localhost:${toString config.services.matrix-conduit.settings.global.port}";
|
||||
};
|
||||
|
@ -11,7 +11,7 @@
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."git.gaze.systems" = {
|
||||
enableACME = true;
|
||||
useACMEHost = "gaze.systems";
|
||||
forceSSL = true;
|
||||
locations."/".proxyPass = "http://localhost:3001";
|
||||
};
|
||||
|
37
hosts/wolumonde/modules/musikquadrupled.nix
Normal file
37
hosts/wolumonde/modules/musikquadrupled.nix
Normal file
@ -0,0 +1,37 @@
|
||||
{
|
||||
config,
|
||||
inputs,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
pkg = inputs.musikquad.packages.${pkgs.system}.default;
|
||||
in {
|
||||
users.users.musikquad = {
|
||||
isSystemUser = true;
|
||||
group = "musikquad";
|
||||
};
|
||||
users.groups.musikquad = {};
|
||||
|
||||
systemd.services.musikquadrupled = {
|
||||
description = "musikquadrupled";
|
||||
wantedBy = ["multi-user.target"];
|
||||
after = ["network.target"];
|
||||
serviceConfig = {
|
||||
User = "musikquad";
|
||||
ExecStart = "${pkg}/bin/musikquadrupled";
|
||||
Restart = "on-failure";
|
||||
RestartSec = 5;
|
||||
WorkingDirectory = "/var/lib/musikquad";
|
||||
EnvironmentFile = config.age.secrets.musikquadConfig.path;
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."mq.gaze.systems" = {
|
||||
useACMEHost = "gaze.systems";
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:5005";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
}
|
11
hosts/wolumonde/modules/musikspider.nix
Normal file
11
hosts/wolumonde/modules/musikspider.nix
Normal file
@ -0,0 +1,11 @@
|
||||
{
|
||||
pkgs,
|
||||
inputs,
|
||||
...
|
||||
}: {
|
||||
services.nginx.virtualHosts."ms.gaze.systems" = {
|
||||
useACMEHost = "gaze.systems";
|
||||
forceSSL = true;
|
||||
root = "${inputs.musikspider.packages.${pkgs.system}.musikspider}";
|
||||
};
|
||||
}
|
@ -6,8 +6,20 @@
|
||||
recommendedGzipSettings = true;
|
||||
recommendedProxySettings = true;
|
||||
};
|
||||
|
||||
users.users.nginx.extraGroups = ["acme"];
|
||||
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
defaults.email = (import "${inputs.self}/personal.nix").emails.primary;
|
||||
certs."gaze.systems" = {
|
||||
webroot = "/var/lib/acme/acme-challenge";
|
||||
extraDomainNames = [
|
||||
"git.gaze.systems"
|
||||
"matrix.gaze.systems"
|
||||
"ms.gaze.systems"
|
||||
"mq.gaze.systems"
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
10
hosts/wolumonde/modules/secrets.nix
Normal file
10
hosts/wolumonde/modules/secrets.nix
Normal file
@ -0,0 +1,10 @@
|
||||
{
|
||||
age.secrets.bernbotToken.file = ../../../secrets/bernbotToken.age;
|
||||
age.secrets.wgWolumondeKey = {
|
||||
file = ../../../secrets/wgWolumondeKey.age;
|
||||
mode = "600";
|
||||
owner = "systemd-network";
|
||||
group = "systemd-network";
|
||||
};
|
||||
age.secrets.musikquadConfig.file = ../../../secrets/musikquadConfig.age;
|
||||
}
|
@ -5,6 +5,6 @@
|
||||
passwordAuthentication = false;
|
||||
};
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
(builtins.readFile "${inputs.self}/secrets/ssh-key.pub")
|
||||
(builtins.readFile "${inputs.self}/secrets/yusdacra.key.pub")
|
||||
];
|
||||
}
|
||||
|
1
hosts/wolumonde/modules/wgTkarontoKey.pub
Normal file
1
hosts/wolumonde/modules/wgTkarontoKey.pub
Normal file
@ -0,0 +1 @@
|
||||
IPz9tX4jsDOYcujU5B2KVuPaPVG2JaYA1FqLsZzky0Q=
|
46
hosts/wolumonde/modules/wireguard.nix
Normal file
46
hosts/wolumonde/modules/wireguard.nix
Normal file
@ -0,0 +1,46 @@
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
environment.systemPackages = [pkgs.wireguard-tools];
|
||||
|
||||
systemd.network.enable = true;
|
||||
systemd.network.netdevs."wg0" = {
|
||||
enable = true;
|
||||
netdevConfig = {
|
||||
Name = "wg0";
|
||||
Kind = "wireguard";
|
||||
};
|
||||
wireguardConfig = {
|
||||
ListenPort = 51820;
|
||||
PrivateKeyFile = config.age.secrets.wgWolumondeKey.path;
|
||||
};
|
||||
wireguardPeers = [
|
||||
{
|
||||
wireguardPeerConfig = {
|
||||
PublicKey = builtins.readFile ./wgTkarontoKey.pub;
|
||||
AllowedIPs = ["10.99.0.2/32"];
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
systemd.network.networks."wg0" = {
|
||||
matchConfig.Name = "wg0";
|
||||
networkConfig.Address = "10.99.0.1/24";
|
||||
# routes = [
|
||||
# {
|
||||
# routeConfig = {
|
||||
# Gateway = "10.99.0.1";
|
||||
# Destination = "10.99.0.0/24";
|
||||
# };
|
||||
# }
|
||||
# ];
|
||||
};
|
||||
|
||||
boot.kernel.sysctl = {
|
||||
"net.ipv4.ip_forward" = 1;
|
||||
};
|
||||
|
||||
networking.firewall.allowedUDPPorts = [51820];
|
||||
}
|
@ -14,8 +14,11 @@ lib.makeExtensible (self: {
|
||||
importFolder = modules: let
|
||||
b = builtins;
|
||||
files = b.readDir modules;
|
||||
fileNames = b.attrNames files;
|
||||
filesToImport =
|
||||
b.map (name: "${modules}/${name}") (b.attrNames files);
|
||||
b.map
|
||||
(name: "${modules}/${name}")
|
||||
(b.filter (name: b.match ".*\.nix" name != null) fileNames);
|
||||
in
|
||||
filesToImport;
|
||||
|
||||
|
@ -2,7 +2,6 @@
|
||||
pkgs,
|
||||
lib,
|
||||
inputs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
nix = {
|
||||
@ -20,7 +19,6 @@
|
||||
fallback = true
|
||||
extra-experimental-features = nix-command flakes
|
||||
builders-use-substitutes = true
|
||||
netrc-file = /etc/nix/netrc
|
||||
'';
|
||||
nixPath = ["nixpkgs=${inputs.nixpkgs}" "home-manager=${inputs.home}"];
|
||||
};
|
||||
|
@ -1,6 +1,6 @@
|
||||
{
|
||||
{lib, ...}: {
|
||||
networking.resolvconf.useLocalResolver = true;
|
||||
networking.networkmanager.dns = "none";
|
||||
networking.networkmanager.dns = lib.mkForce "none";
|
||||
services.dnscrypt-proxy2 = {
|
||||
enable = true;
|
||||
settings = {
|
||||
|
3
pkgs-set/overlays/agenix.nix
Normal file
3
pkgs-set/overlays/agenix.nix
Normal file
@ -0,0 +1,3 @@
|
||||
{inputs}: final: prev: {
|
||||
agenix = inputs.agenix.packages."${final.system}".agenix;
|
||||
}
|
3
pkgs-set/overlays/musikcube.nix
Normal file
3
pkgs-set/overlays/musikcube.nix
Normal file
@ -0,0 +1,3 @@
|
||||
{inputs}: final: prev: {
|
||||
musikcube = inputs.nixpkgs-master.legacyPackages.${final.system}.musikcube;
|
||||
}
|
4
secrets/.gitattributes
vendored
4
secrets/.gitattributes
vendored
@ -1,4 +0,0 @@
|
||||
* filter=git-crypt diff=git-crypt
|
||||
ssh-key.pub !filter !diff
|
||||
.gitattributes !filter !diff
|
||||
README.md !filter !diff
|
19
secrets/bernbotToken.age
Normal file
19
secrets/bernbotToken.age
Normal file
@ -0,0 +1,19 @@
|
||||
age-encryption.org/v1
|
||||
-> ssh-ed25519 KjIL7g 9zqnchTxa2RNHh6dA3ywXt7kkdP7PIT09IDW5S5NBQU
|
||||
kBvwfU6jyBgPkjww8mm7aKjDeC/te9AySRQhWW8zDkA
|
||||
-> ssh-rsa Abmvag
|
||||
CK5dRW3YSK7sSZoYqxuolfjHQkIKEKbzX4Z6PjaRaF5l5+/JPQnFhi+/AvhjAD5T
|
||||
kdgUw6NjWRRRz8oxRfdXezDv+ilFT1SomYvvbc0BtVm1MSoSrw8mwvcP10E1Ufet
|
||||
B5SgfGR1RCKrzUxG+zD7iXRfnpvpC7RURSRqSFoLZOEiHYE+yRaEWsL7bq5jrIqt
|
||||
OOH7OP+g+ScReyaTz02ReHqCNnKl4YqM5V1EfCEgrchwMbEFZji7cqmoTQcG0Dbd
|
||||
c16kdGwzTJrqKkcTGnGn+MwQb5WrSvWmE5JTliq+ksC8Mujot+ufZa1UFPz3uPJh
|
||||
j2UIc4sWTRba7Jz/nqL2Ef5d8LeXtus/TqNszRBW3AIffXl5I04kQTb+sAv8WPTx
|
||||
fH34li8Dd2RZdK/iPlJMqsUJhnb/4QpvDQaqigAzX9WLQy4sllsXQdjSwgm8Chen
|
||||
0peoZsFiPkQrQ3qs9tm0JI8xFbFOnvaso0o9iMGi6JZfc1Xx1P1l533yJjm6BOAl
|
||||
h7rX7ocLi8kfTmXAIzo80Ux0WfHyWkqvMbE6E59T5tVwcTyJQwg3F8UFs+HB7zY9
|
||||
NajjyLZP7FnLFyEY9OkdZ+TmTERu7EssHWVVnm7y3YdglUbGI7dvNrYXEfK35HEN
|
||||
kAofFoIKRIEx/EJfcqFksb3ghIg+d3TzfMSJlefhJXg
|
||||
-> ~am?#^s~-grease
|
||||
TZj9QCRRKFXA4zbN86Hc88WzEJGSfhfdiylgXgsVqmgdevbrs+Yek0NpdA
|
||||
--- TI12rWP+DxEO/4ynIKZLXUraDINwjquPe27/MLbF+ws
|
||||
Žû=úWùgÕÞ¦|ã.ÍÙU<6æJ]^8!s¸’QØ$psÇÖëÕa™±4Êq?!#üfô Ò¿œø›ü®ŸJOœ<4F>^çFçTwgh@낺¡Ö¨P˜‡“ô —ƒ
Évwð`Ô`4‹;ÿ£3 ÖG\Œ
|
Binary file not shown.
Binary file not shown.
BIN
secrets/musikquadConfig.age
Normal file
BIN
secrets/musikquadConfig.age
Normal file
Binary file not shown.
20
secrets/nixGithubAccessToken.age
Normal file
20
secrets/nixGithubAccessToken.age
Normal file
@ -0,0 +1,20 @@
|
||||
age-encryption.org/v1
|
||||
-> ssh-rsa Abmvag
|
||||
f0TCb9mYA+pCLmnD+OrOCeXn4rZLQauDPctBDjw2OR8t5fRp+WMSp/dW8MmFO9iF
|
||||
WMSpF/ga4DO3VnvsVtJ21tbekknoZqGMoIXQUL7ROYqbqWuJu0Oq63n0bJWI+Q8d
|
||||
ugCJAhGgAkLADddneLNPLS6Fs/eO1ABGdgWBatreA32MZYHGarML1tpsCVy2s8z+
|
||||
elfcNyGKKmjQHauvlkDYmPuRWoH7PX0Ef9fSSppYoVExwOmQxj18P7sIa5X4GSN3
|
||||
BPSWEViUA6jO+bXsj+DLu6t9ReloFkYynamRsLtnKrGzMlJTnqCp9PAqOiOMXK9I
|
||||
w5gC6ViD/2vPgkfogBbsFhUrGwAhrdeRJ5z+uacOq6I1mn3nZs5DnPs6BVBDKidc
|
||||
KVEHNTwpLpEbaS6cOnXfSYuJd5UNJbnKi75cCI8I5fe0Bd5g2rJTsd3EZQOKE/34
|
||||
3veDcCcWNL1ZykeUsUUj4V4vzSiWS5//nyFum54y3ihtvZIeFbtm2Jh403YuQHKn
|
||||
ltFgYnIS5KjdfeQ11LOfDaHFbzIjqIWULJ6KV9zRqPmmb08diuiJ3LvXHxTVQ1/N
|
||||
K1742vDJucMuSLhFIVq/lufCSg3DMXVJUs8U5VhaFCNTPXBWR3ZaS1AwZgm4bhW2
|
||||
FQx+YDv5E2z0RSbqDUK07SPh33xu2XWkXEPH8KwB8d4
|
||||
-> "J,lTC+-grease p ,
|
||||
TRD6pwBJQ9U
|
||||
--- uAglxAkrcJdg7FPLhAin6AUGoYQQ9O071OIZptp9790
|
||||
†[†óð!!Ôüxº"¬œç`Y£IÂöÖ<>šG
|
||||
(¥F:dq©E›ÎChl˜ùìÕä ±¤ù}]`Ý6wñm`X
|
||||
•Ãy±t@qµ
|
||||
lýçÅ[¿RúúÝ<C3BA>(š~tù£M±^zÆý
|
10
secrets/secrets.nix
Normal file
10
secrets/secrets.nix
Normal file
@ -0,0 +1,10 @@
|
||||
let
|
||||
yusdacra = builtins.readFile ./yusdacra.key.pub;
|
||||
wolumonde = builtins.readFile ./wolumonde.key.pub;
|
||||
in {
|
||||
"wgWolumondeKey.age".publicKeys = [yusdacra wolumonde];
|
||||
"wgTkarontoKey.age".publicKeys = [yusdacra];
|
||||
"bernbotToken.age".publicKeys = [yusdacra wolumonde];
|
||||
"musikquadConfig.age".publicKeys = [yusdacra wolumonde];
|
||||
"nixGithubAccessToken.age".publicKeys = [yusdacra];
|
||||
}
|
17
secrets/wgTkarontoKey.age
Normal file
17
secrets/wgTkarontoKey.age
Normal file
@ -0,0 +1,17 @@
|
||||
age-encryption.org/v1
|
||||
-> ssh-rsa Abmvag
|
||||
fO3lQR63PmOPCObw33ZW6wydazNyiY4DMELKcb+ScKsbWqv++DzZy9rhTAzIWy0L
|
||||
mV5H06XQKrN8JxzC8S6KHKBiyFZBwMw4Q9HXQAj+GsKy9Ts8mT9Eydq2dVYlceBl
|
||||
6U31EO1EkKh5wGbQztSc52uEIKwfskNM7pgF9FQkChFX3Fju7CDxQaJwtQQ9/6Fz
|
||||
HikmDoK9EHdSyEowGFLzOSN+8nuI+QgH0e9p8NUGkZZt02V3KTZBgoSkeCwlqr3I
|
||||
F8fr8mkmHmBq3X1AdDushorCHJioh9ZTcLhCd+WZwG8G+gtlnyLNNENEqcFO08yR
|
||||
1KbCpr4wxmMGPs+vnE0PjFSZpvbT0qegauM0e/yGmZI7SjR8NfkN4Yah+lfgHgU6
|
||||
ThsHav2FeDDKVocJrRMfyuMn0DB3wMv5XMBD41PQP9te3URQhrg9DptTUbtvcgBm
|
||||
UQs83DL7UB5beNuku4pdb5ihXmmIu+UBXWRjbVXcdwVwTeUYSi+FzRKGeHN8Q6zB
|
||||
Sq6OUQVtRoGKLyqnH05JzrnOKLP+YvAnfn95AjZu1fvxOLen6tTxiP1Hy0/IRWJ9
|
||||
lCiDLJzueQqVU7APPNJ+mkco/9dBguuwqmjwj/0IopFLGGAXdq4xsPS6q4kmlUAb
|
||||
s0PS2XoefHyliTZaeJN4m/rA8kxrEQ+A8TG8Iq0jhrQ
|
||||
-> ImuX-grease ?
|
||||
jDl7okapM3YiqfppSi0z4/g
|
||||
--- 8OjxSYdr+L5qWxb5SyvjZ/exgFOwtiaHdHdvhMSV2CQ
|
||||
ÇŸ0¥íç›bú~†¦ý§bÔ?ì”îÆö¦ƒ6Ï úÀ+W,nÌŠŽ<C5A0>ƒ&ÈjQuËÏU<C38F>ªßmø£Bâ‹ÁS}lˆ¦ôKª]H
|
20
secrets/wgWolumondeKey.age
Normal file
20
secrets/wgWolumondeKey.age
Normal file
@ -0,0 +1,20 @@
|
||||
age-encryption.org/v1
|
||||
-> ssh-rsa Abmvag
|
||||
VCeXZjRIvdZD1E5Xt/k1uH3j9nrdtGzQ8ydHQDGWUkZpOlBlucujrGuoCuiRZGle
|
||||
7ctY5Np3lWH6aL9R8DtYmkz0AAKlZ/gK4UNdtFA9J0huNhk1GfWIuVU3yFEg+Mg0
|
||||
LW7yK3uFvELjbQy5gKLczuMQhQ+CWuCf/4pRVnpLhqrCre4+jj2bEAfICsniSdcO
|
||||
FuChw1IS7cRSttE9DShjT15Wml7+i5I4w2UY5tosi49dc8Y7FFa5EAnIkO6YbCrF
|
||||
AV5OukWoASPWlzUIBG+hx1kVGIyOfBGemoeB/xksTGfY+uIdelCzqrAWg4JdnzP3
|
||||
wgCqCCR/6xOhX4GHiJERwSeyJ54PKp+UwegOI8xPKiPOGk/8VXcpOKIaLQeb+nzW
|
||||
YwEbPzmqYtzNmQk456PGcC9Ibv9HVZbC+cjKygh4z5lBJPL9/O8tz8AGDBuMaoLD
|
||||
5DMoa9W/3BCzPW46YFJA5K4IbYfb6mqGnqTeZOq/KlxMydK1+iSgc8/ZTQEdJw80
|
||||
WrVupR6BJkiu5bvMqCsuYtEbqWNAWFFz61ifQPt4s86B7QAWgNznfcf7nlufWQw4
|
||||
u8J74WtaPe6K+wDybN3Xv9Hi5ZgwRU8220w8jHkY+986gVQoapkCv0xuxLSeJ1/9
|
||||
2m5WifiM2lIk/yTtzPosfiMz4CynmKFm17sZcVOzACI
|
||||
-> ssh-ed25519 KjIL7g jVrj2lq/7hxXvebnw92IOB+sgDt4MQF1HHInzGPrc0M
|
||||
jPb62GFP+i3Vnw08kDJeD60m2Dnz4xd7Lsgv0LQtdBI
|
||||
-> QZ=&db*J-grease '
|
||||
isL9Vjh7E/6SBk2Lcv19W7vaWqjcQRbLgNm0iPx480QpbHC7r66dF7gBrl0TmdRR
|
||||
zy2Q
|
||||
--- 1IaQ42FjPe1B/rcWmA5ghfOIN/AOuqUcfXuh7oyOHn4
|
||||
–ì<øC9LQ˜zÝ#¸P ‰Í5îìUBþÄ®T@Í•O…×·÷éF ô7tægÌfjy7/d˶,¦£ôTÞÝ4<Ž3
|
1
secrets/wolumonde.key.pub
Normal file
1
secrets/wolumonde.key.pub
Normal file
@ -0,0 +1 @@
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFqvIsMes2kz/tbRYuPvM3amJdO0hhdXqofjiwDtiJjs
|
@ -1 +1 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDUeDBW4hnHgnT0SjVFeGDztht9owObSmiyWXmmIEGQp2IMPqFpCxkOU61osvfCf4ZT92Ok9iJTohLwFBvHJRD/+CH8/b54sgFAx1lLObkJOMLz4iWZ5y4fNtBYuIA2McQSQoMDpDz6TDym7v7HF7zoUyBmfHMT/9WiX/z6Ft9hY63eh9DcF7WVURzeUvXLApt9wUYUxxdC2KZ/VrDPrIOxCcOgj3le+1zTiD8zwfAGhkzRD3IEx0yCYK6oztrh6WTwA5ZW+cLziH2sVEvSHFa2O398gIvZpzsdYTcQt06d/oyZIvftcpxD8IvjpGgHEsN/mAg0ovexyqAVk+TV/1XySKaoPPVCekap0R50CVD9kEk+GlD78XBYi++aAMIq0/D+NOXkgksfODt3yJPPzQx4KH8gcn0dQJM5zeyTwDfclzMRqCwL1eVHY00EbtG9IcLmMsWk/lM6vpHfyHqHlqNJ3CnUuDBccz9p5ORC1cuj4r9CmXPPmh7OYk7gGiQb4oxuqsYClzp93qmU7qMvGwmxBJaVagNIJgBqb5fsne0OMlcer5CH4L31ozszkSkzCXtFWNoTdgQHU1J3DxxL9WQJCfKku4EPJadYOh80USnauOke5CqfsGtf6uMq4l5Ylcc1QcNhRqxpeTLAIZx0EYDhmQ4eGjAZbiv6ddUp9dAdiQ== openpgp:0xDE3C8FCD
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDUeDBW4hnHgnT0SjVFeGDztht9owObSmiyWXmmIEGQp2IMPqFpCxkOU61osvfCf4ZT92Ok9iJTohLwFBvHJRD/+CH8/b54sgFAx1lLObkJOMLz4iWZ5y4fNtBYuIA2McQSQoMDpDz6TDym7v7HF7zoUyBmfHMT/9WiX/z6Ft9hY63eh9DcF7WVURzeUvXLApt9wUYUxxdC2KZ/VrDPrIOxCcOgj3le+1zTiD8zwfAGhkzRD3IEx0yCYK6oztrh6WTwA5ZW+cLziH2sVEvSHFa2O398gIvZpzsdYTcQt06d/oyZIvftcpxD8IvjpGgHEsN/mAg0ovexyqAVk+TV/1XySKaoPPVCekap0R50CVD9kEk+GlD78XBYi++aAMIq0/D+NOXkgksfODt3yJPPzQx4KH8gcn0dQJM5zeyTwDfclzMRqCwL1eVHY00EbtG9IcLmMsWk/lM6vpHfyHqHlqNJ3CnUuDBccz9p5ORC1cuj4r9CmXPPmh7OYk7gGiQb4oxuqsYClzp93qmU7qMvGwmxBJaVagNIJgBqb5fsne0OMlcer5CH4L31ozszkSkzCXtFWNoTdgQHU1J3DxxL9WQJCfKku4EPJadYOh80USnauOke5CqfsGtf6uMq4l5Ylcc1QcNhRqxpeTLAIZx0EYDhmQ4eGjAZbiv6ddUp9dAdiQ==
|
@ -1,9 +1,23 @@
|
||||
{tlib, ...}:
|
||||
tlib.genPkgs (pkgs: {
|
||||
tlib.genPkgs (pkgs: let
|
||||
agenix-wrapped = pkgs.writeShellApplication {
|
||||
name = "agenix";
|
||||
runtimeInputs = [pkgs.agenix];
|
||||
text = ''
|
||||
if [ -z "''${1-}" ]; then
|
||||
agenix
|
||||
else
|
||||
RULES="/etc/nixos/secrets/secrets.nix" agenix -i /etc/nixos/keys/ssh_key "$@"
|
||||
fi
|
||||
'';
|
||||
};
|
||||
in {
|
||||
default = with pkgs;
|
||||
mkShell {
|
||||
name = "prts";
|
||||
buildInputs = [git git-crypt alejandra helix];
|
||||
shellHook = "echo \"$(tput bold)welcome to PRTS, $USER$(tput sgr0)\"";
|
||||
buildInputs = [git git-crypt alejandra helix agenix-wrapped rage];
|
||||
shellHook = ''
|
||||
echo \"$(tput bold)welcome to PRTS, $USER$(tput sgr0)\"
|
||||
'';
|
||||
};
|
||||
})
|
||||
|
45
users/modules/musikcube/default-config.json
Normal file
45
users/modules/musikcube/default-config.json
Normal file
@ -0,0 +1,45 @@
|
||||
{
|
||||
"AppQuitKey": "^D",
|
||||
"AsyncTrackListQueries": true,
|
||||
"AutoHideCommandBar": false,
|
||||
"AutoUpdateCheck": true,
|
||||
"CategoryTrackListSortOrder": 0,
|
||||
"ColorTheme": "",
|
||||
"DisableAlbumArtistFallback": false,
|
||||
"DisableCustomColors": false,
|
||||
"DisableRatingColumn": false,
|
||||
"DisableWindowTitleUpdates": true,
|
||||
"FirstRunSettingsDisplayed": true,
|
||||
"IndexerLogEnabled": false,
|
||||
"IndexerThreadCount": 4,
|
||||
"IndexerTransactionInterval": 300,
|
||||
"InheritBackgroundColor": false,
|
||||
"LastAcknowledgedUpdateVersion": "3.0.0",
|
||||
"LastFmSessionId": "",
|
||||
"LastFmToken": "",
|
||||
"LastFmUsername": "",
|
||||
"LibraryType": 1,
|
||||
"Locale": "en_US",
|
||||
"MinimizeToTray": false,
|
||||
"PiggyEnabled": false,
|
||||
"PlaybackTrackQueryTimeoutMs": 5000,
|
||||
"RatingNegativeChar": "·",
|
||||
"RatingPositiveChar": "★",
|
||||
"RemoteLibraryHostname": "127.0.0.1",
|
||||
"RemoteLibraryHttpPort": 7906,
|
||||
"RemoteLibraryHttpTls": false,
|
||||
"RemoteLibraryIgnoreVersionMismatch": 0,
|
||||
"RemoteLibraryLatencyTimeoutMs": 5000,
|
||||
"RemoteLibraryPassword": "",
|
||||
"RemoteLibraryTranscoderBitrate": 192,
|
||||
"RemoteLibraryTranscoderEnabled": false,
|
||||
"RemoteLibraryTranscoderFormat": "ogg",
|
||||
"RemoteLibraryWssPort": 7905,
|
||||
"RemoteLibraryWssTls": false,
|
||||
"RemoveMissingFiles": true,
|
||||
"SaveSessionOnExit": true,
|
||||
"StartMinimized": false,
|
||||
"SyncOnStartup": true,
|
||||
"TrackSearchSortOrder": 0,
|
||||
"UsePaletteColors": true
|
||||
}
|
22
users/modules/musikcube/default.nix
Normal file
22
users/modules/musikcube/default.nix
Normal file
@ -0,0 +1,22 @@
|
||||
{config, pkgs, lib, ...}: let
|
||||
cfg = config.programs.musikcube;
|
||||
in {
|
||||
options = {
|
||||
programs.musikcube = {
|
||||
enable = lib.mkEnableOption "whether to enable musikcube";
|
||||
package = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.musikcube;
|
||||
};
|
||||
settings = lib.mkOption {
|
||||
type = (pkgs.formats.json {}).type;
|
||||
default = builtins.fromJSON (builtins.readFile ./default-config.json);
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
home.packages = [cfg.package];
|
||||
xdg.configFile."musikcube/settings.json".text = builtins.toJSON cfg.settings;
|
||||
};
|
||||
}
|
13
users/modules/musikcubed/default-config.json
Normal file
13
users/modules/musikcubed/default-config.json
Normal file
@ -0,0 +1,13 @@
|
||||
{
|
||||
"debug": false,
|
||||
"http_server_enabled": true,
|
||||
"http_server_port": 7906,
|
||||
"password": "",
|
||||
"transcoder_cache_count": 50,
|
||||
"transcoder_max_active_count": 4,
|
||||
"transcoder_synchronous": false,
|
||||
"transcoder_synchronous_fallback": false,
|
||||
"use_ipv6": false,
|
||||
"websocket_server_enabled": true,
|
||||
"websocket_server_port": 7905
|
||||
}
|
34
users/modules/musikcubed/default.nix
Normal file
34
users/modules/musikcubed/default.nix
Normal file
@ -0,0 +1,34 @@
|
||||
{config, lib, pkgs, ...}: let
|
||||
cfg = config.services.musikcubed;
|
||||
in {
|
||||
options = {
|
||||
services.musikcubed = {
|
||||
enable = lib.mkEnableOption "whether to enable musikcubed";
|
||||
package = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.musikcube;
|
||||
};
|
||||
settings = lib.mkOption {
|
||||
type = (pkgs.formats.json {}).type;
|
||||
default = builtins.fromJSON (builtins.readFile ./default-config.json);
|
||||
};
|
||||
};
|
||||
};
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd.user.services.musikcubed = {
|
||||
Install = {
|
||||
WantedBy = ["multi-user.target"];
|
||||
};
|
||||
Unit = {
|
||||
Description = "musikcubed";
|
||||
After = "network.target";
|
||||
};
|
||||
Service = {
|
||||
ExecStart = "${cfg.package}/bin/musikcubed --foreground";
|
||||
Restart = "on-failure";
|
||||
RestartSec = 5;
|
||||
};
|
||||
};
|
||||
xdg.configFile."musikcube/plugin_musikcubeserver(wss,http).json".text = builtins.toJSON cfg.settings;
|
||||
};
|
||||
}
|
@ -112,7 +112,7 @@ in {
|
||||
["zoxide" "zsh" "fzf" "starship" "direnv"]
|
||||
# dev stuff
|
||||
["helix" "code" "git" "ssh"]
|
||||
["lollypop"]
|
||||
["musikcube" "musikcubed"]
|
||||
];
|
||||
in
|
||||
l.flatten [
|
||||
@ -149,6 +149,7 @@ in {
|
||||
++ mkPaths ".config" [
|
||||
# "lutris"
|
||||
"dconf"
|
||||
"musikcube"
|
||||
];
|
||||
files = l.flatten [
|
||||
".config/gnome-initial-setup-done"
|
||||
@ -200,6 +201,7 @@ in {
|
||||
];
|
||||
};
|
||||
programs = {
|
||||
musikcube.enable = true;
|
||||
command-not-found.enable =
|
||||
nixosConfig.programs.command-not-found.enable;
|
||||
git = {
|
||||
@ -212,6 +214,10 @@ in {
|
||||
};
|
||||
};
|
||||
services = {
|
||||
musikcubed = {
|
||||
enable = true;
|
||||
settings.password = "somethingidk";
|
||||
};
|
||||
gpg-agent = let
|
||||
defaultCacheTtl = 3600 * 6;
|
||||
maxCacheTtl = 3600 * 24;
|
||||
|
Loading…
Reference in New Issue
Block a user