aether
/
dotfiles
forked from dark-firepit/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: aether:main
Branches Tags
aether:main
dark-firepit:main
dark-firepit:nixos-23
dark-firepit:lucent-firepit-crystal-gauntlet
...
pull from: dark-firepit:main
Branches Tags
dark-firepit:main
dark-firepit:nixos-23
dark-firepit:lucent-firepit-crystal-gauntlet
aether:main

86 Commits
main ... main

Author SHA1 Message Date
Azalea Gardenia e367d4bf1d i think i managed to disable SSL on promotions 2024-04-23 09:28:50 +02:00
Azalea Gardenia 5867be43d4 woopsie daisies 2024-04-19 21:22:47 +02:00
Azalea Gardenia 5e7a0da84a Added promotional.yugoslavia.best 2024-04-19 21:20:08 +02:00
Jill 9abbf2d8ac chore: (quite late) weekly flake update 2024-02-23 13:05:03 +01:00
Jill 906a61cae8 nidobyte package 2024-02-23 12:47:40 +01:00
Jill 2e8bce0379 minecraft stuff 2024-02-23 12:47:32 +01:00
Jill 99d6d67129 nlw-api, grafana, other stuff 2024-02-23 12:47:14 +01:00
Jill efc8872b55 + oatmealine@seven-red-suns 2024-02-23 12:46:41 +01:00
Jill d5a1e9ce50 fix nitter ???!?? 2024-02-23 12:45:47 +01:00
Jill b25bdd94a0 update flake 2024-02-23 12:45:34 +01:00
Jill ebdf499ffe more modfest build serv stuff 2024-01-02 15:13:00 +01:00
Jill e826bc5100 chore: update flake 2023-12-22 08:59:30 +01:00
Jill 0894041f4e minecraft refactors woo woo 2023-12-18 06:56:27 +01:00
Jill d5285d9249 promtail 2023-12-14 14:48:09 +01:00
Jill a5038dc4c0 set up modfest-build mc server 2023-12-14 14:46:37 +01:00
Jill ba4b977388 upgrade to NixOS 23.11 
code-server has been Expunged. forgejo themes dropped for the time being since they were buggy anyways
 2023-12-08 12:07:04 +01:00
Jill df817fa2c1 attempts to get nextcloud to work 2023-12-08 09:14:07 +01:00
Azalea Gardenia ebbb7538fc fulfilled promise to star of yugoslaiva subdomain 2023-11-28 18:10:16 +01:00
Jill f428081a8c chore: weekly flake update 2023-11-24 08:51:45 +01:00
Jill 749bbcd236 dendrite & nextcloud stuff, jillo.oat.zone 2023-11-24 08:48:12 +01:00
Jill c2837a6ac0 disable jmusicbot update alerts 2023-11-17 08:46:30 +01:00
Jill bee47b8402 chore: weekly flake update 2023-11-17 08:39:19 +01:00
Jill 0107a38b56 starbound port 2 2023-11-03 08:02:15 +01:00
Jill 4bf1b580ce chore: weekly flake update 2023-11-03 08:02:00 +01:00
Jill a8cfb4188c fully nuke ghost & isso 2023-10-24 12:28:57 +02:00
Jill 50dd0ef901 i don't think the tilde dir thing is happening 2023-10-24 12:27:08 +02:00
Jill 7c36864787 ghost package is no more 2023-10-23 09:50:21 +02:00
Jill e3211a77f5 lucent-firepit: femboy.industries subdomains 2023-10-23 09:40:28 +02:00
Jill 5785936437 I AM NOT OATMEALINE, IT SAID ITS OK IF I IMPERSONATE THEM also i updated the webapps 2023-10-14 14:52:42 +02:00
Jill fb9b61a7e1 chore: weekly flake update 2023-10-12 21:31:36 +02:00
Jill a9e3f4eb83 + oatmealine@boykisser 2023-10-02 07:41:16 +02:00
Jill 7705d4db8b chore: weekly flake update 2023-09-29 07:54:23 +02:00
Jill 5a8966ee20 chore: weekly??? flake update 2023-09-23 12:07:03 +02:00
Jill ba741af134 dendrite stuff 2023-09-23 12:02:09 +02:00
Jill 5f047aeca6 chore: weekly flake update, but once again delayed 2023-08-25 20:40:47 +02:00
Jill 11c7016bcf chore: weekly flake update, but slightly delayed, whoops 2023-08-20 03:09:52 +02:00
Jill cc0cf5d6b3 update cohost-blogger 2023-08-20 03:05:55 +02:00
Jill 6dbe0e7df6 chore: weekly flake update 2023-08-10 20:08:35 +02:00
Jill 09502ea7a3 chore: weekly flake update 2023-08-04 15:32:02 +02:00
Jill 5186976ead chore: weekly flake update 2023-07-28 06:27:06 +02:00
Jill 588c8fe993 chore: weekly flake update 2023-07-21 03:42:30 +02:00
Jill cf64285cc1 chore: weekly flake update 2023-07-13 18:26:31 +02:00
Jill 176370a814 chore: weekly flake update 2023-07-06 22:36:10 +02:00
Jill 972e627b5d ipv6 attempt 2023-07-06 21:43:00 +02:00
Jill 358992dd25 chore: weekly flake update 2023-06-29 18:04:03 +02:00
Jill 16bd68fdd0 add gh actions token to remote 2023-06-29 18:00:49 +02:00
Jill 56f3fb72c2 + femboy.industries 2023-06-28 17:36:20 +02:00
Jill a79fc22f57 get rid of tac.yugoslavia.best 2023-06-22 11:25:00 +02:00
Jill 90c8a0c450 no more winter 2023-06-22 11:24:13 +02:00
Jill f741de6ceb chore: weekly flake update 2023-06-22 11:23:18 +02:00
Jill b99c047395 swap jmusicbot to gmusicbot 2023-06-22 11:15:08 +02:00
Jill 623d4040a5 forgejo actions!!!!!!!! 2023-06-08 22:50:58 +02:00
Jill a1f413b045 chore: weekly flake update 2023-06-08 21:38:38 +02:00
Jill b9eb3ed895 Merge pull request 'NixOS 23.05' (#2) from nixos-23 into main 
Reviewed-on: dark-firepit/dotfiles#2
 2023-06-08 20:50:59 +02:00
Jill c0c4b77fbd attempt nitter fix 2023-06-08 20:49:08 +02:00
Jill 68b87977b7 fix nodejs-16_x deprecation error; disable code-server (dev.dark-firepit.cloud); reorganize vscode-server 2023-06-08 20:47:25 +02:00
Jill 9d93277716 mess with nitter (and fail) 2023-06-08 20:13:08 +02:00
Jill 47620001a7 migrate to nixos 23.05 2023-06-01 23:36:20 +02:00
Jill dc5b534a36 update readme 2023-05-18 06:13:53 +02:00
Jill b8bb13f19a attempt to update nitter via overlay (Epic fail!) 2023-05-18 06:11:58 +02:00
Jill 1cb35a78d2 attempt to get agenix to work 
only missing the access step!
 2023-05-18 06:11:39 +02:00
Jill 2941b52caf lucent-firepit: update authorizedKeys 2023-05-18 06:10:49 +02:00
Jill 898712f412 cohost-blogger: update upstream 2023-05-18 06:10:21 +02:00
Jill 4f97f5d72f some minor refactors 2023-05-01 23:19:11 +02:00
Jill 26552bfb01 cohost-blogger 2023-04-30 21:42:43 +02:00
Jill c53e17b49f dark-firepit removed. no more crisises 2023-04-24 23:43:34 +02:00
Jill dc894caebc complete move to lucent-firepit! 2023-04-24 23:41:20 +02:00
Jill a8f93d7555 lucent-firepit shenanigans!! 2023-04-21 15:40:53 +02:00
Jill 9b70987cfb don't know what changed, lucent-firepit move commit 2023-04-21 14:52:00 +02:00
Jill 2bcd402b2e forgejo package config 2023-03-20 19:59:28 +01:00
Jill 8bc4dd93cd forgejo switch part 2 2023-03-20 19:56:58 +01:00
Jill a228ee2725 forgejo modifs 2023-03-20 11:07:10 +01:00
Jill 290187e31b switch from gitea to forgejo 2023-03-20 10:13:11 +01:00
Jill ced4a4a545 clean up unused modules 2023-03-20 10:04:09 +01:00
Jill 1fe3e70b17 jmusicbot; bump nixpkgs 2023-03-20 09:55:09 +01:00
Jill 8f7b533c01 some changes?? idfk 2023-03-19 16:30:26 +01:00
Jill a5450f1aaa new authorized key 2023-03-19 16:29:34 +01:00
Jill 9e2c43c489 srb2k bump to 1.4 2023-03-19 16:29:12 +01:00
Jill e062c5be7e dark-firepit: - gbj mc 2023-03-06 01:24:32 +01:00
Jill 69cbfa332d ssh: fix deprecated warning 2023-02-25 13:50:15 +01:00
Jill 98916f89cb update flake 2023-02-25 13:49:52 +01:00
Jill 37babae518 minecraft: + wafflecraft (testing atm) 2023-02-25 13:49:33 +01:00
Jill af1b3a8976 mayf.pink: add http support 2023-02-24 12:15:06 +01:00
Jill a10c59cccb openssh: fix deprecation warn 2023-02-11 06:45:06 +01:00
Jill a400f0bb8d mayf.pink: change dir 2023-02-11 06:43:14 +01:00
Jill 5b78c5bf84 update flake 2023-02-11 06:42:59 +01:00
57 changed files with 2240 additions and 963 deletions
Show Stats Expand all files Collapse all files

16
README.md
View File

@ -1,23 +1,23 @@
# Frosted Flakes
Nix Flake dotfiles shared across a [few hosts](./hosts/). Most development here will go into the [`dark-firepit`](https://dark-firepit.cloud/) host, however.
Nix Flake dotfiles shared across a [few hosts](./hosts/). Most development here will go into the [`lucent-firepit`](https://dark-firepit.cloud/) host, however.
## Development
_Commands here will use `dark-firepit`-based paths and names as an example_
_Commands here will use `lucent-firepit`-based paths and names as an example_
- To build the system (doesn't apply changes):
```sh
nixos-rebuild build --upgrade --impure --flake /etc/dotfiles#dark-firepit
nixos-rebuild build --upgrade --impure --flake /etc/dotfiles#lucent-firepit
```
- To build & switch to a new system (applies changes):
```sh
doas nixos-rebuild switch --impure --upgrade --flake /etc/dotfiles#dark-firepit
doas nixos-rebuild switch --impure --upgrade --flake /etc/dotfiles#lucent-firepit
```
### `dark-firepit`
### `lucent-firepit`
Things here mostly only apply to the [`dark-firepit`](https://dark-firepit.cloud/) host.
Things here mostly only apply to the [`lucent-firepit`](https://dark-firepit.cloud/) host.
#### Adding modules
@ -26,7 +26,7 @@ Generally when adding modules (even those pulled from `nixpkgs`) you'd want to:
1. Create a new module under `modules/services/`; `gitea.nix` and `nitter.nix` are pretty okay examples of what to do
2. **`git add .`** or else Nix will act clueless about everything you've just done
3. Set it to enabled, set port, domain, etc. in `hosts/.../default.nix` or wherever else is more appropriate
- For webapps, follow what's done in `hosts/dark-firepit/webapps/default.nix`; if you're doing something bigger, it may be worth abstracting into a seperate file
- For webapps, follow what's done in `hosts/lucent-firepit/webapps/default.nix`; if you're doing something bigger, it may be worth abstracting into a seperate file
4. Rebuild/switch to the new system (as described [above](#development))
#### `yugoslavia-best.nix`
@ -43,4 +43,4 @@ This can be done directly on the server (as long as you have the `dotfiles` grou
If you encounter permission funnies, don't hesitate to `doas` your way into `chmod`dding/`chown`ing files as necessary; directories should be `775` and files should be `664`, however we've yet to figure out how to consistently enforce this across the directory.
Be sure to commit regularly to prevent [tons of](https://git.oat.zone/dark-firepit/dotfiles/commit/021fab40f7f815708d4cf918ec0ac0bd16c0bc8f) [densely packed](https://git.oat.zone/dark-firepit/dotfiles/commit/07f9ac6a9ee53f6689a5f8ee87b94b96a409c375) [undocumented commits](https://git.oat.zone/dark-firepit/dotfiles/commit/9da0a143ae392ec7f8abc731e8c245f29b55e685) building up after noone bothers to commit anything.
Be sure to commit regularly to prevent [tons of](https://git.oat.zone/dark-firepit/dotfiles/commit/021fab40f7f815708d4cf918ec0ac0bd16c0bc8f) [densely packed](https://git.oat.zone/dark-firepit/dotfiles/commit/07f9ac6a9ee53f6689a5f8ee87b94b96a409c375) [undocumented commits](https://git.oat.zone/dark-firepit/dotfiles/commit/9da0a143ae392ec7f8abc731e8c245f29b55e685) building up after noone bothers to commit anything.

4
config/gitea/app.toml → config/forgejo/app.toml Executable file → Normal file
View File

@ -7,8 +7,8 @@ PASSWORD_CHECK_PWN = true
DEFAULT_BRANCH = "main"
[ui]
DEFAULT_THEME = "arc-pink"
THEMES="auto,gitea,arc-green,arc-pink,arc-pink-modern,darkred,gitea-blue,gitea-modern,github"
DEFAULT_THEME = "forgejo-auto"
THEMES="forgejo-auto,forgejo-light,forgejo-dark"
CUSTOM_EMOJIS = "blurry_eyes,horny,acab,tastymilk,gluttony,soul_of_fright,soul_of_night,soul_of_blight,bottom,spongesad,Tainted_John_F_Kennedy,John_F_Kennedy_Tainted,John_F_Kennedy,plumspin,despair,ihaveyourip,peeeh,penis,twister,speed,deadchat,housj,dothejej,b_,trollgecommence,nervous,coffee,dilf,closer,slugclose,pls,x3,observer,zamiel_approves,i_see_pizza,cutely_blushes,babytime,sleeby,zonkerdoodle,whenyoubigshit,the_cowboy,stupib,soul_of_might,scripulous_fingore_point,scripulous_fingore,rusty50,pickle,orang,oralpleasure,ohgod,michael,i_see_chicory,he,hapykity,handsr,handsl,slugloafspin,gamer_boi,feddynite,cock,feddy_glamcock,face,entropy,elonmusk,eeeeeeeeee,child,ancapistanian,aiki,gloopy,lamb,YOU,slightYOU,citat,ionn,eede,ed,blank,michael,BABAXD,BABA,EyesPepe,spamdance,pickledance,BABA_IS_OO,wieldr,wieldl,cinnamon,jillo,she,hydrogenperoxide,ObedientCitizen,misinformation,maenod,Snowsgiving22_AnimatedEmojis_mal"
[mailer]

690
flake.lock
View File

@ -2,16 +2,17 @@
"nodes": {
"agenix": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"systems": "systems"
},
"locked": {
"lastModified": 1673301561,
"narHash": "sha256-gRUWHbBAtMuPDJQXotoI8u6+3DGBIUZHkyQWpIv7WpM=",
"lastModified": 1707830867,
"narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=",
"owner": "ryantm",
"repo": "agenix",
"rev": "42d371d861a227149dc9a7e03350c9ab8b8ddd68",
"rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6",
"type": "github"
},
"original": {
@ -20,19 +21,59 @@
"type": "github"
}
},
"cohost-blogger": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1692493363,
"narHash": "sha256-Y/nefO52W64AtXdEGFVMMBwXw+3m1SswOaO7Dq8b5UA=",
"ref": "refs/heads/main",
"rev": "5fd335bbf5026e81e9dd3b4dacc13e93eb980112",
"revCount": 21,
"type": "git",
"url": "https://git.oat.zone/oat/cohost-blogger"
},
"original": {
"type": "git",
"url": "https://git.oat.zone/oat/cohost-blogger"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1700795494,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"emacs-overlay": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_3",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1674359560,
"narHash": "sha256-gobqd75ujP/zFH6kSZNB3bA3YS4NMXWpZgMo1RAFEdk=",
"lastModified": 1708679224,
"narHash": "sha256-V66NAQSTakocPST2GYv4SKK+ALBg3sgCNq0jIOpNkpc=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "184ae9c371a6251564e0b07391f7e9aaf310f002",
"rev": "841abef01afbd293aa80130bcbd811e4102d5770",
"type": "github"
},
"original": {
@ -41,13 +82,32 @@
"type": "github"
}
},
"flake-utils": {
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
@ -57,12 +117,15 @@
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1631561581,
"narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
"lastModified": 1705309234,
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19",
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
"type": "github"
},
"original": {
@ -72,12 +135,15 @@
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_5"
},
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
@ -87,12 +153,15 @@
}
},
"flake-utils_4": {
"inputs": {
"systems": "systems_6"
},
"locked": {
"lastModified": 1656928814,
"narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=",
"lastModified": 1705309234,
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249",
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
"type": "github"
},
"original": {
@ -102,12 +171,15 @@
}
},
"flake-utils_5": {
"inputs": {
"systems": "systems_7"
},
"locked": {
"lastModified": 1656928814,
"narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=",
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
@ -119,20 +191,39 @@
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1667907331,
"narHash": "sha256-bHkAwkYlBjkupPUFcQjimNS8gxWSWjOTevEuwdnp5m0=",
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "6639e3a837fc5deb6f99554072789724997bc8e5",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-22.05",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1706981411,
"narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "652fda4ca6dafeb090943422c34ae9145787af37",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.11",
"repo": "home-manager",
"type": "github"
}
@ -140,18 +231,18 @@
"hyprland": {
"inputs": {
"hyprland-protocols": "hyprland-protocols",
"nixpkgs": [
"nixpkgs"
],
"hyprlang": "hyprlang",
"nixpkgs": "nixpkgs_5",
"systems": "systems_4",
"wlroots": "wlroots",
"xdph": "xdph"
},
"locked": {
"lastModified": 1674296335,
"narHash": "sha256-jUvjOqKGuEk1XfZNPXU3hcPtIJKkSNzwUm5yN1EFYZA=",
"lastModified": 1708650152,
"narHash": "sha256-OZUS5FED7KKAPpNaJYQr4BPGXQzGrDFgkKVg9U2aZh8=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "fcbfd193930dd146b141531a9cf5301d55f26907",
"rev": "8c3613632a6ccebf9fb797ec756ecfce99514eec",
"type": "github"
},
"original": {
@ -165,14 +256,18 @@
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1671839510,
"narHash": "sha256-+PY1qqJfmZzzROgcIY4I7AkCwpnC+qBIYk2eFoA9RWc=",
"lastModified": 1691753796,
"narHash": "sha256-zOEwiWoXk3j3+EoF3ySUJmberFewWlagvewDRuWYAso=",
"owner": "hyprwm",
"repo": "hyprland-protocols",
"rev": "b8f55e02a328c47ed373133c52483bbfa20a1b75",
"rev": "0c2ce70625cb30aef199cb388f99e19a61a6ce03",
"type": "github"
},
"original": {
@ -181,18 +276,78 @@
"type": "github"
}
},
"hyprpaper": {
"hyprlang": {
"inputs": {
"nixpkgs": [
"hyprland",
"nixpkgs"
]
},
"locked": {
"lastModified": 1673799209,
"narHash": "sha256-GMRM1IyIuDEzjEw5E4zWI/TCg3zWs65v86NuR+BAtW0=",
"lastModified": 1708005943,
"narHash": "sha256-9TT3xk++LI5/SPYgjYX34xZ4ebR93c1uerIq+SE/ues=",
"owner": "hyprwm",
"repo": "hyprlang",
"rev": "aeb3e012adc7b3235335c540b214b82267c2b983",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprlang",
"type": "github"
}
},
"hyprlang_2": {
"inputs": {
"nixpkgs": [
"hyprland",
"xdph",
"nixpkgs"
]
},
"locked": {
"lastModified": 1704287638,
"narHash": "sha256-TuRXJGwtK440AXQNl5eiqmQqY4LZ/9+z/R7xC0ie3iA=",
"owner": "hyprwm",
"repo": "hyprlang",
"rev": "6624f2bb66d4d27975766e81f77174adbe58ec97",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprlang",
"type": "github"
}
},
"hyprlang_3": {
"inputs": {
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1704230242,
"narHash": "sha256-S8DM+frECqmAdaUb3y5n3RjY73ajZcL5rnmx5YO+CkY=",
"owner": "hyprwm",
"repo": "hyprlang",
"rev": "db5e1399b90d5a339330bdd49c5bca6fe58d6f60",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprlang",
"type": "github"
}
},
"hyprpaper": {
"inputs": {
"hyprlang": "hyprlang_3",
"nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1708532919,
"narHash": "sha256-G4PX7NlRLIlBYTDisbWx/Sif01SLSVzLThGU6v6Wrgg=",
"owner": "hyprwm",
"repo": "hyprpaper",
"rev": "f77a664e9d168fb7b332ede9db4a3e35a46dd6c5",
"rev": "897cf0ae26c7c54ce15c4946efe63970be75dadb",
"type": "github"
},
"original": {
@ -203,16 +358,14 @@
},
"hyprpicker": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
"nixpkgs": "nixpkgs_8"
},
"locked": {
"lastModified": 1673270158,
"narHash": "sha256-22VKnL4PT3CSy0IErOkL1U85jq8sXmI7VPhcPtRYSko=",
"lastModified": 1703987863,
"narHash": "sha256-MHhAk74uk0qHVwSkLCcXLXMe4478M2oZEFPXwjSoo2E=",
"owner": "hyprwm",
"repo": "hyprpicker",
"rev": "fe4535a27389624445b96450a7c338136c619c95",
"rev": "2ef703474fb96e97e03e66e8820f213359f29382",
"type": "github"
},
"original": {
@ -221,59 +374,18 @@
"type": "github"
}
},
"jillo": {
"inputs": {
"mkNodePackage": "mkNodePackage",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1674248483,
"narHash": "sha256-2kjUS6LPN7bmxKsUrUwLwuzpF4IxxBweiO+8G1PKGKc=",
"ref": "refs/heads/main",
"rev": "a97f774ce46dcef5dd36b1f3fbf2711ceba24d6b",
"revCount": 29,
"type": "git",
"url": "file:///home/oatmealine/jillo"
},
"original": {
"type": "git",
"url": "file:///home/oatmealine/jillo"
}
},
"mkNodePackage": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs",
"npmlock2nix": "npmlock2nix",
"pnpm2nix": "pnpm2nix"
},
"locked": {
"lastModified": 1633790997,
"narHash": "sha256-1mk4EwNkWtTNpeRivZmJTzB+92g07maeFRVUMnnRh1U=",
"owner": "winston0410",
"repo": "mkNodePackage",
"rev": "a7eca5e027c8b260dca4ece7d8dd187f92420611",
"type": "github"
},
"original": {
"owner": "winston0410",
"repo": "mkNodePackage",
"type": "github"
}
},
"nix-minecraft": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs"
]
"nixpkgs": "nixpkgs_9"
},
"locked": {
"lastModified": 1674352074,
"narHash": "sha256-IQxf+CCjuETu6psq6F9gxPBISf2RLwGL0MmlCgY1aX0=",
"lastModified": 1708650820,
"narHash": "sha256-O6nq8oHT4iPrWuBoKH0/9B7QC91N/zPnns8QYxPJniY=",
"owner": "Infinidoge",
"repo": "nix-minecraft",
"rev": "acfd27fd83e9c3d56e649b98aef17974f29e7830",
"rev": "fe3753b7025fd7f3a302be698a0896e70ea24450",
"type": "github"
},
"original": {
@ -284,11 +396,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1673803274,
"narHash": "sha256-zaJDlHFXewT4KUsidMpRcPE+REymGH1Y3Eoc3Pjv4Xs=",
"lastModified": 1708594753,
"narHash": "sha256-c/gH7iXS/IYH9NrFOT+aJqTq+iEBkvAkpWuUHGU3+f0=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "7bd6b87b3712e68007823e8dd5c37ee9b114fee3",
"rev": "3f7d0bca003eac1a1a7f4659bbab9c8f8c2a0958",
"type": "github"
},
"original": {
@ -299,27 +411,43 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1633351077,
"narHash": "sha256-z38JG4Bb0GtM1aF1pANVdp1dniMP23Yb3HnRoJRy2uU=",
"owner": "nixos",
"lastModified": 1703013332,
"narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "14aef06d9b3ad1d07626bdbb16083b83f92dc6c1",
"rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6",
"type": "github"
},
"original": {
"owner": "nixos",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1708566995,
"narHash": "sha256-e/THimsoxxMAHSbwMKov5f5Yg+utTj6XVGEo24Lhx+0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3cb4ae6689d2aa3f363516234572613b31212b78",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1674211260,
"narHash": "sha256-xU6Rv9sgnwaWK7tgCPadV6HhI2Y/fl4lKxJoG2+m9qs=",
"lastModified": 1708475490,
"narHash": "sha256-g1v0TsWBQPX97ziznfJdWhgMyMGtoBFs102xSYO4syU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5ed481943351e9fd354aeb557679624224de38d5",
"rev": "0e74ca98a74bc7270d28838369593635a5db3260",
"type": "github"
},
"original": {
@ -328,202 +456,355 @@
"type": "indirect"
}
},
"nixpkgs_2": {
"nixpkgs_10": {
"locked": {
"lastModified": 1659153955,
"narHash": "sha256-BAdA1WBHi/TBSaeyDjsVIqe62r0w/5ZvsaglXivOLLM=",
"owner": "nixos",
"lastModified": 1708566995,
"narHash": "sha256-e/THimsoxxMAHSbwMKov5f5Yg+utTj6XVGEo24Lhx+0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1e5d0fbd82f0f1370c70026d255deda2d9c8a585",
"rev": "3cb4ae6689d2aa3f363516234572613b31212b78",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-22.05",
"id": "nixpkgs",
"ref": "nixos-23.11",
"type": "indirect"
}
},
"nixpkgs_11": {
"locked": {
"lastModified": 1706826059,
"narHash": "sha256-N69Oab+cbt3flLvYv8fYnEHlBsWwdKciNZHUbynVEOA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "25e3d4c0d3591c99929b1ec07883177f6ea70c9d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_12": {
"locked": {
"lastModified": 1682134069,
"narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fd901ef4bf93499374c5af385b2943f5801c0833",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1685533922,
"narHash": "sha256-y4FCQpYafMQ42l1V+NUrMel9RtFtZo59PzdzflKR/lo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3a70dd92993182f8e514700ccf5b1ae9fc8a3b8d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1674211260,
"narHash": "sha256-xU6Rv9sgnwaWK7tgCPadV6HhI2Y/fl4lKxJoG2+m9qs=",
"lastModified": 1708475490,
"narHash": "sha256-g1v0TsWBQPX97ziznfJdWhgMyMGtoBFs102xSYO4syU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5ed481943351e9fd354aeb557679624224de38d5",
"rev": "0e74ca98a74bc7270d28838369593635a5db3260",
"type": "github"
},
"original": {
"id": "nixpkgs",
"owner": "NixOS",
"ref": "nixos-unstable",
"type": "indirect"
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1655361562,
"narHash": "sha256-chPaIIhmdL6jdZWpf/K6yQCsuBNOYuMqbJsNpLfrdTE=",
"lastModified": 1705331948,
"narHash": "sha256-qjQXfvrAT1/RKDFAMdl8Hw3m4tLVvMCc8fMqzJv0pP4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0b59d075675dc28bf9ebab466033280096c8d4fe",
"rev": "b8dd8be3c790215716e7c12b247f45ca525867e2",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1659219666,
"narHash": "sha256-pzYr5fokQPHv7CmUXioOhhzDy/XyWOIXP4LZvv/T7Mk=",
"lastModified": 1707546158,
"narHash": "sha256-nYYJTpzfPMDxI8mzhQsYjIUX+grorqjKEU9Np6Xwy/0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7b9be38c7250b22d829ab6effdee90d5e40c6e5c",
"rev": "d934204a0f8d9198e1e4515dd6fec76a139c87f0",
"type": "github"
},
"original": {
"id": "nixpkgs",
"owner": "NixOS",
"ref": "nixos-unstable",
"type": "indirect"
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1659102345,
"narHash": "sha256-Vbzlz254EMZvn28BhpN8JOi5EuKqnHZ3ujFYgFcSGvk=",
"owner": "NixOS",
"lastModified": 1702645756,
"narHash": "sha256-qKI6OR3TYJYQB3Q8mAZ+DG4o/BR9ptcv9UnRV2hzljc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "11b60e4f80d87794a2a4a8a256391b37c59a1ea7",
"rev": "40c3c94c241286dd2243ea34d3aef8a488f9e4d0",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"npmlock2nix": {
"flake": false,
"nixpkgs_7": {
"locked": {
"lastModified": 1633729941,
"narHash": "sha256-v2YPcEWI1Wz8ErivorubgLcDT06H6YzFT7uhp1ymqnE=",
"owner": "winston0410",
"repo": "npmlock2nix",
"rev": "6ade47a330b6919defb45c0eb984a64234aa8468",
"lastModified": 1703637592,
"narHash": "sha256-8MXjxU0RfFfzl57Zy3OfXCITS0qWDNLzlBAdwxGZwfY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "cfc3698c31b1fb9cdcf10f36c9643460264d0ca8",
"type": "github"
},
"original": {
"owner": "winston0410",
"ref": "issue113",
"repo": "npmlock2nix",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"pnpm2nix": {
"flake": false,
"nixpkgs_8": {
"locked": {
"lastModified": 1594396611,
"narHash": "sha256-UXOUQ+2A89/zaxYhTHiRrRBU5exbUWrg+FoJYMcNwuI=",
"owner": "nix-community",
"repo": "pnpm2nix",
"rev": "f67be0925a91b92f54d99dbdead7a06920b979ac",
"lastModified": 1683014792,
"narHash": "sha256-6Va9iVtmmsw4raBc3QKvQT2KT/NGRWlvUlJj46zN8B8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1a411f23ba299db155a5b45d5e145b85a7aafc42",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "master",
"repo": "pnpm2nix",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_9": {
"locked": {
"lastModified": 1698318101,
"narHash": "sha256-gUihHt3yPD7bVqg+k/UVHgngyaJ3DMEBchbymBMvK1E=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "63678e9f3d3afecfeafa0acead6239cdb447574c",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nlw-api": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_11"
},
"locked": {
"lastModified": 1708639350,
"narHash": "sha256-g7LL658p4deIme0fPq+WceTNGigXcN6uPNrVraZN3RY=",
"ref": "refs/heads/main",
"rev": "704581d013b9d16fda5dc8e30d448b358c4e127d",
"revCount": 23,
"type": "git",
"url": "https://git.oat.zone/oat/nlw-api"
},
"original": {
"type": "git",
"url": "https://git.oat.zone/oat/nlw-api"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"cohost-blogger": "cohost-blogger",
"emacs-overlay": "emacs-overlay",
"home-manager": "home-manager",
"home-manager": "home-manager_2",
"hyprland": "hyprland",
"hyprpaper": "hyprpaper",
"hyprpicker": "hyprpicker",
"jillo": "jillo",
"nix-minecraft": "nix-minecraft",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs_10",
"nixpkgs-unstable": "nixpkgs-unstable",
"vscode-server": "vscode-server",
"watch-party": "watch-party"
"nlw-api": "nlw-api",
"vscode-server": "vscode-server"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": "flake-utils_5",
"nixpkgs": "nixpkgs_6"
},
"systems": {
"locked": {
"lastModified": 1659179790,
"narHash": "sha256-HhCjnO20QbJFJExExiwAslpx0YpB0qpovKejE+HpSQ4=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "cc3c93a28de41ac38b93cdf075a6776c6e42d2a1",
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_6": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_7": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"vscode-server": {
"inputs": {
"nixpkgs": "nixpkgs_4"
"flake-utils": "flake-utils_5",
"nixpkgs": "nixpkgs_12"
},
"locked": {
"lastModified": 1662442857,
"narHash": "sha256-e2ex4mO4q6UBoJvPSRdYBX1vIvpulqs6SNxvdSsL6uE=",
"owner": "msteen",
"lastModified": 1684517665,
"narHash": "sha256-SaAr66uCQ8CF75jIr23FZjk1+9Kfwm5sQnwV25206Gs=",
"owner": "nix-community",
"repo": "nixos-vscode-server",
"rev": "c54b714db58ad05d064f394d6603751ee6bd04f6",
"rev": "1e1358493df6529d4c7bc4cc3066f76fd16d4ae6",
"type": "github"
},
"original": {
"owner": "msteen",
"owner": "nix-community",
"repo": "nixos-vscode-server",
"type": "github"
}
},
"watch-party": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_5",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1657657296,
"narHash": "sha256-eJnE1a3EiVM2EFhJ7nQvkTyEZ6/fOWYsnb6GYOSfizg=",
"type": "git",
"url": "file:///home/oatmealine/watch-party"
},
"original": {
"type": "git",
"url": "file:///home/oatmealine/watch-party"
}
},
"wlroots": {
"flake": false,
"locked": {
"host": "gitlab.freedesktop.org",
"lastModified": 1672824257,
"narHash": "sha256-SbYoZj57VlopTzI+OSW9jlgYxN1gI1KLg/s/HV+87eE=",
"lastModified": 1708558866,
"narHash": "sha256-Mz6hCtommq7RQfcPnxLINigO4RYSNt23HeJHC6mVmWI=",
"owner": "wlroots",
"repo": "wlroots",
"rev": "5f264a7d6c8af27d41ff440c05262b022c055593",
"rev": "0cb091f1a2d345f37d2ee445f4ffd04f7f4ec9e5",
"type": "gitlab"
},
"original": {
"host": "gitlab.freedesktop.org",
"owner": "wlroots",
"repo": "wlroots",
"rev": "0cb091f1a2d345f37d2ee445f4ffd04f7f4ec9e5",
"type": "gitlab"
}
},
@ -533,17 +814,22 @@
"hyprland",
"hyprland-protocols"
],
"hyprlang": "hyprlang_2",
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1673116118,
"narHash": "sha256-eR0yDSkR2XYMesfdRWJs25kAdXET2mbNNHu5t+KUcKA=",
"lastModified": 1706521509,
"narHash": "sha256-AInZ50acOJ3wzUwGzNr1TmxGTMx+8j6oSTzz4E7Vbp8=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "d479c846531fd0e1d2357c9588b8310a2b859ef2",
"rev": "c06fd88b3da492b8f9067be021b9184f7012b5a8",
"type": "github"
},
"original": {

37
flake.nix
View File

@ -2,59 +2,61 @@
description = "Frosted Flakes";
inputs = {
# temporary gitea workaround
#nixpkgs.url = "nixpkgs/nixos-22.05";
nixpkgs.url = "nixpkgs/nixos-unstable";
nixpkgs.url = "nixpkgs/nixos-23.11";
# WARNING: Where possible, prefer the stable branch of nixpkgs as nixpkgs-unstable may have incompatable or vulnerable software.
nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
home-manager.url = "github:nix-community/home-manager/release-22.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager/release-23.11";
#home-manager.inputs.nixpkgs.follows = "nixpkgs";
# agenix - age-encrypted secrets
agenix = {
url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs";
#inputs.nixpkgs.follows = "nixpkgs";
};
nixos-hardware = {
url = "github:nixos/nixos-hardware";
inputs.nixpkgs.follows = "nixpkgs";
#inputs.nixpkgs.follows = "nixpkgs";
};
nix-minecraft = {
url = "github:Infinidoge/nix-minecraft";
inputs.nixpkgs.follows = "nixpkgs";
#inputs.nixpkgs.follows = "nixpkgs";
};
jillo.url = "/home/oatmealine/jillo";
watch-party.url = "/home/oatmealine/watch-party";
cohost-blogger = {
url = "git+https://git.oat.zone/oat/cohost-blogger";
#inputs.nixpkgs.follows = "nixpkgs";
};
nlw-api.url = "git+https://git.oat.zone/oat/nlw-api";
emacs-overlay = {
url = "github:nix-community/emacs-overlay";
inputs.nixpkgs.follows = "nixpkgs";
#inputs.nixpkgs.follows = "nixpkgs";
};
hyprland = {
url = "github:hyprwm/Hyprland";
inputs.nixpkgs.follows = "nixpkgs";
#inputs.nixpkgs.follows = "nixpkgs";
};
hyprpaper = {
url = "github:hyprwm/hyprpaper";
inputs.nixpkgs.follows = "nixpkgs";
#inputs.nixpkgs.follows = "nixpkgs";
};
hyprpicker = {
url = "github:hyprwm/hyprpicker";
inputs.nixpkgs.follows = "nixpkgs";
#inputs.nixpkgs.follows = "nixpkgs";
};
vscode-server.url = "github:msteen/nixos-vscode-server";
vscode-server.url = "github:nix-community/nixos-vscode-server";
};
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, vscode-server, nix-minecraft, hyprland, hyprpaper, hyprpicker, ... }:
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, nix-minecraft, /* hyprland, hyprpaper, hyprpicker, */ ... }:
let
system = "x86_64-linux";
@ -76,8 +78,7 @@
};
overlays = mapModules ./overlays import;
nixosModules = (mapModulesRec ./modules import) ++ [
hyprland.nixosModules.default
vscode-server.nixosModule
#hyprland.nixosModules.default
];
nixosConfigurations = mapModules ./hosts (host: mkHost host { inherit system; });
devShell."${system}" = import ./shell.nix { inherit pkgs; };

113
hosts/dark-firepit/minecraft.nix
View File

@ -1,113 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
in {
config = {
modules.services.minecraft = {
enable = true;
servers = {
"dark-firepit" = {
enable = false;
#autoStart = false;
openFirewall = true;
serverProperties = {
server-port = 25565;
gamemode = 0;
motd = "dark-firepit, 1.19.2 Fabric";
white-list = true;
max-players = 8;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
level-type = "terra:overworld/overworld";
snooper-enabled = false;
spawn-protection = 0;
};
whitelist = {
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
RustyMyHabibi = "e20305fa-a44c-44c9-b62e-6918e7c779d6";
Dj_Afganistan = "1f879917-1ad4-49c3-9908-90769ee73f85";
DumbDogDoodles = "d33e5e3b-85ab-4c93-a61b-605e2673fbe8";
SuneFoxie = "82e82ef9-ea17-4794-9051-928b5b8629c1";
FuzziestRedMoth = "21e1adf8-93f7-4173-a087-b3a9c02edec5";
};
package = pkgs.minecraftServers.fabric-1_19_2;
jvmOpts = "-Xmx6G";
};
"n3ko-test" = {
enable = true;
autoStart = true;
openFirewall = true;
serverProperties = {
server-port = 25595;
gamemode = 1;
motd = "N3KO SMP Testing server";
white-list = true;
max-players = 8;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
#level-type = "terra:overworld/overworld";
snooper-enabled = false;
spawn-protection = 0;
};
whitelist = {
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
Cardboxneko = "3d406152-008c-4ec9-bf49-44c883baca6d";
};
package = pkgs.fabricServers.fabric-1_18_2;
jvmOpts = "-Xmx4G";
};
"gbj" = {
enable = true;
autoStart = true;
openFirewall = true;
serverProperties = {
server-port = 25585;
gamemode = 0;
motd = "gay baby jail";
max-players = 16;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
snooper-enabled = false;
spawn-protection = 0;
level-type = "terra:overworld/overworld";
white-list = true;
view-distance = 32;
};
whitelist = {
UnderSunandSky = "b788f46e-50a2-4af3-a668-15ae393c59d8";
PianoBoyBenini = "042d6cef-6194-46b4-9bfc-87b3c4cdf94a";
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
Starblazerz128 = "d45eb172-8360-42fd-a185-ab2197b71f9a";
Chevreau = "b594ba84-f10c-42ff-83a6-8046f90ad0b8";
Yarn01 = "40fee73f-d4b3-47c6-adf7-fe7c717a1f55";
"1C3doggo" = "48c3a077-9e3b-47a6-b17b-4ed0b1bc33b2";
CosmicCats = "32148b79-12a8-48f1-b158-3c97c45e39e5";
m3bo = "6e33434c-1ec0-4c69-9dad-b32b1197496e";
SomewhatSyl = "d8bac1ef-27d5-4c94-a9e7-e2d079edef22";
Nightmare_Tank = "92840daa-823e-4b8e-9741-be296147e823";
JDavisBro = "e8529c4b-701e-46c5-a8d7-0dfb0e0b642d";
Ironic_queen = "443fe20d-77e0-4a4a-8bb7-a4b9ad654550";
azurehaiku = "fd7aba33-4307-4eba-aa63-70bc3e38a2d7";
TryHardGamerTV = "8273b84d-a687-49fb-98de-a3e626e26c3b";
"_AtlasFox_" = "0ce1bbe0-ea57-463c-8df3-4c046dc6eff2";
};
package = pkgs.minecraftServers.fabric-1_19_2;
jvmOpts = "-Xmx4G";
};
};
};
systemd.services.minecraft-server-dark-firepit.serviceConfig = {
# packwiz workaround
# https://github.com/Infinidoge/nix-minecraft/issues/12#issuecomment-1235999072
# TODO: this doesn't work!!! it just goes "error code 1" and refuses to elaborate
#ExecStartPre = [
# ''cd "/srv/minecraft/dark-firepit"; nix-shell -p adoptopenjdk-hotspot-bin-16 --run "java -jar /srv/minecraft/dark-firepit/packwiz-installer-bootstrap.jar -g 'https://dark-firepit.oat.zone/Fire Pit 1.19.2/pack.toml'"''
#];
};
};
}

6
hosts/dark-firepit/secrets/secrets.nix
View File

@ -1,6 +0,0 @@
let
keys = import ../authorizedKeys.nix;
"subsurface.aether" = keys."aether@subsurface".ssh;
in
{}

57
hosts/dark-firepit/authorizedKeys.nix → hosts/lucent-firepit/authorizedKeys.nix
View File

@ -1,33 +1,52 @@
[
{
hostname = "aether@subsurface";
# Aether
{ hostname = "aether@subsurface";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFLDtlpOnQFQq9mPMhR1uQnjrTexcof+c+y+ot/7Jgnt aether@subsurface";
wg = "XEVSwNNPR7RTt/O0ihYmv3nopbPmqkCMGrVRCixnPWw=";
}
{
hostname = "oatmealine@void-defragmented";
{ hostname = "aether@Aethers-Mini.station";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINmy7rPZky0M8p5+d9smUnSTjG25CIsQPYibKsBxgvdw aether@Aethers-Mini.station";
}
{ hostname = "aether@phone";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP5LPWVgsFAH9XErXGZB+lzwb/+7EiEb6eatNWoJag5i JuiceSSH";
}
# oatmealine
{ hostname = "oatmealine@void-defragmented";
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDbJDo79TD9RV77MnArQwS94wzBo+6l6dYQnaNdPk2xo019+tc7GyuQ+GHyh4qewIUQOwe3Ddj4YxJN9IS3E360/6RdaNDxn3hUp2jh/x9SOjh0W86FJfdHEQViNeFVSXJv+QBZT9ibR9IbOHYezhD6gtz15pNhEqhQyqw2hJuQzxLvnictTc4lPQnWN9I8ga+OVSh7Uauu5OKbUOyRRj1Er/hasNviCaGBJnLDYjSqTDRvEbdYlfuhrYITJ+viZOQq7Nczs6dbsl627FCvhr5vQi+/vvpx9DKHDvpGvbEglOmOwgffSkaOIIx/pNHTsRccX7c3/im6z4pCDj4bEuiqqawv2C6DV0aM01bW8cchOJrmSQGTygTrJuuVPHp4IRIZNvQGS+97j4u+d7ofricLR1RoxJcQibvRA9rhhYI2FhwrAweuuLktjSj5RkQnypd9kjOuH+nhgLZunreNoyPNDCmcOBA7BA0rD2pCIKB9SzlelMjVuvy0PA8uWfNFfxGU+m3BH7lQS/A6V+NeYrMGiZ+u+t9Pgr6kAoR7mAUO+obIdMM/lOp1/zGBY8lk2Aq3GQcyGVNi18VR0uA+NMaJYXA1JzSiPCz7cQn1pKIAKiDEnzicf5MxDHIi5F1iQ/Lc+NftgmDXZEAHDY1bQepScOttaOZQZLpYP/eWwlEQJQ== oatmealine@beppy";
wg = "533BncNpHKzJVx5lwdxBg+aUfLGqea9uUYz70C6wxyg=";
}
{
hostname = "oatmealine@beppy-phone";
{ hostname = "oatmealine@beppy-phone";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJUgEsAQ7EL5/3STLAk/0qWJddYqfBY71yS9RtRSWd3w JuiceSSH";
wg = "qT7gX8beM/kW9AYg5dV1e3cLzLDTLxMO2CmnbFpMVj4=";
wg = "ubIo/l7llVx8HDIqcBPebPsneCBunZUM6cQS7SaXn2Y=";
}
{
hostname = "mayflower@BMW-M550d-xDrive"; # car 5
{ hostname = "oatmealine@dark-firepit";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKz3Zkhrht1EX32LIbkSvql1p15EXqxTy/4xQKlj0CUx oatmealine@disroot.org";
}
{ hostname = "oatmealine@boykisser";
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDhgwhNQuM+iozuHk4OH+s5xS7U93W6hVtkpgF6arKPsWM6CUIUCyOwpNnGGH/HpBlFwYf4jN+NapVZ3bL8YHLUDayNO6uTfLLNvtaGeE65U/S0xGXhTyE0+bn7KWBFUlbO8CdjuBGGym0JVa0SMH4ppFBNJVR4HCe9fC83fD0T7gDZc5koApgxZfCyCu3bE03ulhRc5P8cKnTZAG0pVqK0doOIO7ociCbh4HhjTC83xRbfI9tlf52Y3xo14odpQhfXsPNNqxP0FzkC3zAOyT7iyrpQk1bgSLx/GzWh0KkljjJYGdMiiY6cVBxVYxjgrG7vDh/h3xMwBEhue4L9jmD4K4Eb5RZTxMyK83eHcomqZYigZjFKJ75TKdL17HbKgFGmfs9P0VhZUDUMp5Xm1yTVJqm6cQEhot1mT0F8FRYDiEadjw6vFZqz5dPzh2FRXsectNf60AiPRqF5HbitntgYvsLKZWAViOojbBc9gdQutu2AyuivteTEVG6Uq/LwE70= oatmealine@boykisser";
wg = "MPZLxzy+rvDvgZiaCwWjb+5hhhvWC3PH6cWLDv1Ga0U=";
}
{ hostname = "oatmealine@seven-red-suns";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVBLBD/JrGFMvPNiiX/QFixSWXyGjDT6vDHVWg9cE5D oatmealine@seven-red-suns";
wg = "HQfsS+DUdgmDvliIv7yNnf4T9Q3YIN9ObSXhrNuQUi8=";
}
# mayflower
{ hostname = "mayflower@BMW-M550d-xDrive";
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCIeoFll8XBRwu6vbQHUj4LNbvRvLMTdqUP1su9hGxow8olGKIZf/nINkt+/B5w4UumLFnOOROIWVhSH/04oxGVCWdk29ibPo3yYJIAoQrqOXYWCrGpMDd0z2n/0CwyXRAqmQ4rubnUZtnlabYCLh0eWMu9ZRSsSrQ+MiaUHES/vv1MxlLWHoEGfhLzoq7SyIsK88Mirgu9lSeHd/+2JybkQ9kNEWTxnzUPKwOMT0zLGo7vNLmfPhJ1WilQoV4F8skDbbgFNRuLO13ZDn6W2jqZ+zjf3H9khzPivG+oaKfHLMDD/zCwHM3rm3JyJzX7GF9EV73AqbNkzzsf54vKhYRT";
}
{
hostname = "aether@phone";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP5LPWVgsFAH9XErXGZB+lzwb/+7EiEb6eatNWoJag5i JuiceSSH";
}
{
hostname = "lilith@bms-cab";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFb9uVy1x4XaO1uFOQBuERy6xw8cf7Dh24UT0jJs7g3z lilith@bms-cab";
}
{
hostname = "swag@BMW-M550d-xDrive"; # mayflower 2
{ hostname = "swag@BMW-M550d-xDrive";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC1fJn2ZY9fhBr4E1Gc91uRWS5r+EZ4OHy3RmuAjx7kr swag@BMW-M550d-xDrive";
}
# winter
{ hostname = "lilith@bms-cab";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFb9uVy1x4XaO1uFOQBuERy6xw8cf7Dh24UT0jJs7g3z lilith@bms-cab";
}
# marco
{ hostname = "marco@the-flesh-portal";
wg = "mttUSatpYdEOmHqnzo7HdhuvTkMpz1Np8kMtsIz6nTY=";
}
]

167
hosts/dark-firepit/default.nix → hosts/lucent-firepit/default.nix
View File

@ -4,20 +4,23 @@ let
keys = import ./authorizedKeys.nix;
fetchSSH = (host: lib._.getSSH host keys);
fetchSSHKeys = map fetchSSH;
agenixPkg = inputs.agenix.packages.${pkgs.system}.default;
in {
imports = [
./hardware-configuration.nix
./minecraft.nix
./minecraft
./srb2k.nix
./yugoslavia-best.nix
./webapps/default.nix
inputs.nix-minecraft.nixosModules.minecraft-servers
#inputs.watch-party.nixosModules.watch-party
(fetchTarball "https://github.com/msteen/nixos-vscode-server/tarball/master")
inputs.cohost-blogger.nixosModules.cohost-blogger
inputs.nlw-api.nixosModules.nlw-api
inputs.vscode-server.nixosModules.default
];
# services.auto-fix-vscode-server.enable = true;
# services.vscode-server.enable = true;
services.vscode-server.enable = true;
user = {
packages = with pkgs; [
@ -26,6 +29,8 @@ in {
];
};
services.logrotate.checkConfig = false;
users.groups.dotfiles = {};
users.groups.yugoslavia = {};
@ -33,19 +38,20 @@ in {
# aether??? is that... reference.../.??? aether https://www.curseforge.com/minecraft/mc-mods/aether mod Curseforge minecraft Forge Patreon Chat twitter code license Assets license All rights reserved categories Last Updated apr 17 2021 Game Version 1.12.2 aether
aether = {
conf = {
packages = with pkgs; [ bat duf broot nftables tmux bottom writefreely helix ];
packages = with pkgs; [ bat duf broot helix nil packwiz ];
shell = pkgs.unstable.fish;
extraGroups = [ "wheel" "nix-users" "dotfiles" ];
initialHashedPassword = "!";
openssh.authorizedKeys.keys = fetchSSHKeys [
"aether@subsurface"
"aether@phone"
"aether@Aethers-Mini.station"
];
};
homeConf.home = {
sessionVariables = {
EDITOR = "nvim";
EDITOR = "hx";
NIX_REMOTE = "daemon";
};
};
@ -54,24 +60,27 @@ in {
# oatmealine ?? is that a reference to jill oatmealine monoids from the beloved videogame franchise "oateamelin jill monoids???" .oat. zone??? from va11hall-a??? video game???? woman????? minecraft???????
oatmealine = {
conf = {
packages = with pkgs; [ bat tmux micro direnv nix-direnv ripgrep ];
packages = with pkgs; [ bat tmux micro direnv nix-direnv ripgrep agenixPkg ];
shell = pkgs.unstable.fish;
extraGroups = [ "wheel" "nix-users" "dotfiles" "yugoslavia" ];
initialHashedPassword = "!";
openssh.authorizedKeys.keys = fetchSSHKeys [
"oatmealine@void-defragmented"
"oatmealine@beppy-phone"
"oatmealine@boykisser"
"oatmealine@seven-red-suns"
];
};
homeConf.home = {
sessionVariables = {
#EDITOR = lib.trace (lib.readFile age.secrets.huge-furry-cock.path) "micro";
EDITOR = "micro";
NIX_REMOTE = "daemon";
};
};
};
# i yearn for the day this name ceases to mean
mayflower = {
conf = {
packages = with pkgs; [ micro tmux ];
@ -92,17 +101,17 @@ in {
};
};
winter = {
conf = {
packages = with pkgs; [ micro ];
shell = pkgs.unstable.fish;
extraGroups = [ "wheel" "nix-users" "dotfiles" ];
initialHashedPassword = "!";
openssh.authorizedKeys.keys = fetchSSHKeys [
"lilith@bms-cab"
];
};
};
#winter = {
# conf = {
# packages = with pkgs; [ micro ];
# shell = pkgs.unstable.fish;
# extraGroups = [ "wheel" "nix-users" "dotfiles" ];
# initialHashedPassword = "!";
# openssh.authorizedKeys.keys = fetchSSHKeys [
# "lilith@bms-cab"
# ];
# };
#};
};
keyboard = {
@ -110,8 +119,6 @@ in {
variant = "qwerty";
};
services.vscode-server.enable = true;
modules = {
shell.fish.enable = true;
security.isLocalMachine = false;
@ -124,8 +131,10 @@ in {
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRI9sGl0EmOkNNnh8SgRq197gkEy3XEwKZjLIr27V9PfaVOLIAcZiGcOa5q7rc5FjcCtkQ9+/twE24bZpxkK0ygrRJBEdT+HGAUmpY/kRPEn/tqjmwNu43vQqOhNSYmAAzdjJ4AuRPK5st8QQyOzKv5Pnghwy8xPAjOM3o4n9ULMLjVvAu0eTmCJMKxEvz5FUEIVZtEid/ng46k/bJ/njSh8vyGBQV4fJei6M9Ovw0HPqqzWyV/e0c3hTClG4dfLCK3Qv3hLhXQ+8I9iaL7D2wZdr3F2lbg0vS/QctPZc28f1gpkFEzVflEzAk4aFwJMMflY04IG1Dr44IfM1gJbpj rsa-key-20220423"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCL75/Pg5bP7LaXE6uPyyv8QDRivWJC6YcH6oJJztkjqL6g+0xPPiN6I54q/bNF4nHA2BHVUktKUU9bGDEOpYIRq7kegp2/K/+FNTM1Kz6rJSrSc8e0Ogxg8vhD6maxqLU8q+D1OMhBu0UiWUB+GxXmeYfBtXPjpcE+AaJ80BPs7vwiulHPGn7UAcRuP36Z+3JJiN2BQnU2aizXWsgyU575Uy3DVvAt7eHon+SoJiTCs2//5KexJ42U6ZiE6f/oTFdiud70lpxhGgiiFvj6M9RZ0aLoxspiskW45jKLXIMJ+mO6husg9GfvCchbps3YkmH0hZ24Ii1EiFhi5HZMY0Lt mayflower"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHrlqH2OShvXdzq1sV5IDuWQzeC9OHBVvwj0+Y0XXwi7 mayflower-thinkpad"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCBKMXTLBJ5iIPiO9jiN+AHWxpgG1kcdI0h23+G1FLMnK+xhkmaP9Vjr9QbqQ4mmRqfGERfJW5H2/OvTEUXnrkAp1Jc8oPrc14/auwKivtbMC5tsWzioDMbcAYKrcP37D3Kw1P7nzSyAz3QsRXBRx26OE5NeTo4YfGl/TOkQnoBCDTt8kcziWEvUVeOgnHf3hnszs2H4P6RAyOqjuOH6BWhtbKsCHThTHaAadLgeH5nB1WXLYqG2N1KEzAhj8WBBzPmeZcMMRr5xkqYVj14cd+9syEaenV+wXapoPyDtOb6YtOKArN9RkT0OOqQk17OzxvGqHUEXQ4eGmNgc8BLsGJn rsa-key-20230402"
#fetchSSH "oatmealine@void-defragmented"
#fetchSSH "oatmealine@beppy-phone"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAIphRdy+g7zfj+KxfONoD24lzk+/mGhQ0EnOe8QGf8 oatmealine@disroot.org" # gh actions
];
packages = with pkgs; [ tmux micro ];
shell = pkgs.unstable.fish;
@ -149,9 +158,9 @@ in {
interfaces."wg0" = import ./wireguardInterface.nix;
};
jillo = {
enable = false;
dataDir = "/var/lib/jillo";
dendrite = {
enable = true;
hostDomain = "dark-firepit.cloud";
};
terraria = {
@ -163,13 +172,74 @@ in {
autoCreatedWorldSize = "large";
dataDir = "/var/lib/terraria";
};
nextcloud = {
enable = false;
domain = "nextcloud.dark-firepit.cloud";
};
jmusicbot = let
baseOptions = {
owner = 276416332894044160;
game = "Listening to your heartbeat :heart";
status = "ONLINE";
songinstatus = true;
success = "<:observer:1004408859831586907>";
warning = "<:slugclose:1000202980403974144>";
error = "🚫!!!!! 🚫🚫🚫 >:((((";
loading = "<:handsl:966010145698086993><:handsr:966010145886830692>";
searching = "<:scripulous_fingore_point:1012777703323222087><:scripulous_fingore:1012777704455667754>";
npimages = true;
stayinchannel = true;
updatealerts = false;
aliases = {
nowplaying = [ "np" "current" ];
play = [ "p" ];
queue = [ "list" "q" ];
remove = [ "delete" "d" ];
skip = [ "s" ];
forceskip = [ "fs" ];
movetrack = [ "move" "m" ];
};
queuetype = "REGULAR";
};
in {
enable = true;
instances = {
"jomble" = {
enable = true;
package = pkgs._.gmusicbot;
options = baseOptions // {
token = lib.removeSuffix "\n" (builtins.readFile /etc/jomble_token);
prefix = ";";
};
};
"jillo" = {
enable = true;
package = pkgs._.gmusicbot;
options = baseOptions // {
token = lib.removeSuffix "\n" (builtins.readFile /etc/jillo_token);
prefix = ":";
};
};
};
};
};
};
programs.fish.enable = true;
security.doas = {
extraRules = [
{ users = [ "aether" ]; noPass = false; persist = true; keepEnv = true; }
{ users = [ "oatmealine" ]; noPass = true; persist = false; keepEnv = true; }
{ users = [ "remote" ]; noPass = true; persist = false; keepEnv = true; }
];
};
@ -184,38 +254,37 @@ in {
# https://nixos.org/manual/nixos/stable/options.html#opt-networking.enableB43Firmware
# temporarily disabled
enableIPv6 = false;
# enableIPv6 = true;
interfaces.eno1.ipv4.addresses = [
{ address = "51.89.98.8";
usePredictableInterfaceNames = false;
interfaces.eth0 = {
ipv4.addresses = [{
address = "46.4.96.113";
# prefixLength = 27;
prefixLength = 24;
}
];
}];
defaultGateway = "51.89.98.254";
/*
ipv6.addresses = [{
address = "2a01:4f8:140::1";
prefixLength = 64;
}];
*/
};
defaultGateway = "46.4.96.97";
/*
defaultGateway6 = {
address = "fe80::1";
interface = "eth0";
};
*/
nameservers = [ "8.8.8.8" "1.1.1.1" ];
#interfaces.eno1.ipv6.addresses = [
# { address = "2001:41d0:0700:3308::";
# prefixLength = 64;
# }
#
# { address = "2001:41d0:0700:33ff::";
# prefixLength = 64;
# }
#];
#defaultGateway6 = {
# address = "2001:41d0:0700:33ff:00ff:00ff:00ff:00ff";
# address = "33ff::1";
# address = "2001::1";
# interface = "eno1";
#};
firewall.allowPing = true;
# minecraft proximity voice chat
firewall.allowedTCPPorts = [ 24454 25567 4499 ];
firewall.allowedUDPPorts = [ 24454 25567 4499 ];
firewall.allowedTCPPorts = [ 24454 24464 25567 25577 4499 21025 21027 ];
firewall.allowedUDPPorts = [ 24454 24464 25567 25577 4499 21025 21027 ];
};
# environment.etc."dhcpcd.duid".text = "d0:50:99:d4:04:68:d0:50:99:d4:04:68";

33
hosts/dark-firepit/hardware-configuration.nix → hosts/lucent-firepit/hardware-configuration.nix
View File

@ -9,12 +9,12 @@
initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
initrd.kernelModules = [ ];
kernelPackages = pkgs.linuxPackages_hardened;
kernelModules = [ "kvm-intel" ];
kernelModules = [ "kvm-amd" ];
loader = {
systemd-boot = {
enable = true;
configurationLimit = 10;
};
# and them squiggles steady shifting in the wind
grub.enable = lib.mkForce false;
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
@ -29,7 +29,10 @@
# i don't know of a cleaner way to do this, and i
# don't want to deal with ghost any longer than i
# already have, so This Will Do
nix.settings.sandbox = false;
#
# edit: ghost is now dead! we're going back to true.
# rest in piss ghost, you will be forgotten
nix.settings.sandbox = true;
modules.hardware.fs = {
enable = true;
@ -39,21 +42,25 @@
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/819f03bb-73d2-4ae1-9fd2-01099e8efae6";
device = "/dev/disk/by-uuid/2fb43a32-d7c2-4ed1-97c6-4588d731a132";
fsType = "xfs";
options = [
"noatime"
"nodiratime"
"discard"
];
};
"/boot" = {
device = "/dev/disk/by-uuid/D018-F9AF";
device = "/dev/disk/by-uuid/7192-FE7C";
fsType = "vfat";
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/01ba93e4-71e3-404d-9549-351e22130185"; }
{ device = "/dev/disk/by-uuid/dee63218-1666-4035-8d63-b9e0e0b2cd28"; }
];
swapDevices = [ ];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

21
hosts/lucent-firepit/minecraft/dark-firepit.nix Normal file
View File

@ -0,0 +1,21 @@
"dark-firepit" = {
enable = false;
#autoStart = false;
openFirewall = true;
serverProperties = {
server-port = 25565;
gamemode = 0;
motd = "dark-firepit, 1.19.2 Fabric";
white-list = true;
max-players = 8;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
level-type = "terra:overworld/overworld";
snooper-enabled = false;
spawn-protection = 0;
};
whitelist = darkFirepitWhitelist;
package = pkgs.minecraftServers.fabric-1_19_2;
jvmOpts = "-Xmx6G";
};

144
hosts/lucent-firepit/minecraft/default.nix Normal file
View File

@ -0,0 +1,144 @@
{ config, lib, pkgs, ... }:
with lib;
let
# https://git.sleeping.town/unascribed/unsup/releases
unsup = pkgs.fetchurl {
url = "https://git.sleeping.town/unascribed/unsup/releases/download/v0.2.3/unsup-0.2.3.jar";
hash = "sha256-DBMxiZwfUUiLqXYOMD8EUz4HubAZIEjAPmk32T0NYtA=";
};
mkUnsupINI = { url, extraConfig ? "" }: pkgs.writeTextFile {
name = "unsup.ini";
text = ''
version=1
preset=minecraft
source_format=packwiz
source=${url}
force_env=server
no_gui=true
'' + extraConfig;
};
gayrats = {
whitelist = {
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
RustyMyHabibi = "e20305fa-a44c-44c9-b62e-6918e7c779d6";
Dj_Afganistan = "1f879917-1ad4-49c3-9908-90769ee73f85";
DumbDogDoodles = "d33e5e3b-85ab-4c93-a61b-605e2673fbe8";
SuneFoxie = "82e82ef9-ea17-4794-9051-928b5b8629c1";
FuzziestRedMoth = "21e1adf8-93f7-4173-a087-b3a9c02edec5";
hewoicvewse = "98e715cf-b1a4-4d50-9ed0-7d20fbdf240e";
numpad_7 = "44e6e6d7-770d-4afc-96b1-9999b61ced1d";
_Zydra = "0af7b31f-63a5-426d-8cee-6c54385856b6";
};
unsupINI = mkUnsupINI { url = "https://oat.zone/f/gayrats/pack.toml"; };
};
in {
config = {
modules.services.minecraft.enable = true;
modules.services.minecraft.servers = {
"gayrats" = import ./gayrats.nix {
inherit pkgs;
enable = false;
server-port = 25565;
inherit unsup;
inherit (gayrats) whitelist;
unsupINI = mkUnsupINI { url = "https://oat.zone/f/gayrats/pack.toml"; };
};
"gayrats-creative" = import ./gayrats-creative.nix {
inherit pkgs;
enable = false;
server-port = 25575;
inherit unsup;
inherit (gayrats) whitelist;
unsupINI = mkUnsupINI { url = "https://oat.zone/f/gayrats-creative/pack.toml"; };
};
"gay-capybaras" = import ./gay-capybaras.nix {
inherit pkgs;
enable = true;
server-port = 25505;
inherit unsup;
inherit (gayrats) whitelist;
unsupINI = mkUnsupINI { url = "https://aether.gay/f/gay-capybaras/pack.toml"; };
};
"n3ko-test" = import ./n3ko-test.nix {
inherit pkgs;
enable = false;
server-port = 25595;
};
"wafflecraft" = import ./wafflecraft.nix {
inherit pkgs;
inherit lib;
enable = false;
server-port = 25535;
inherit unsup;
unsupINI = mkUnsupINI {
url = "https://oat.zone/f/wafflecraft/pack.toml";
extraConfig = ''
[flavors]
shaders=no_shaders
minimap=no_minimap
barrel_roll=no_barrel_roll
'';
};
};
"modfest-build" = let
unsupINI = mkUnsupINI {
url = "https://raw.githack.com/ModFest/modfest-1-20/main/pack/pack.toml";
};
in {
enable = false;
package = pkgs.fabricServers."fabric-1_20_4".override { loaderVersion = "0.15.3"; };
jvmOpts = ((import ./mc-flags.nix) "4G") + " -javaagent:${unsup}";
openFirewall = true;
serverProperties = {
server-port = 25525;
gamemode = 1;
motd = "modfest build server !";
white-list = true;
max-players = 128;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
snooper-enabled = false;
spawn-protection = 0;
};
symlinks = {
"unsup.ini" = unsupINI;
};
};
};
systemd.services.minecraft-server-dark-firepit.serviceConfig = {
# packwiz workaround
# https://github.com/Infinidoge/nix-minecraft/issues/12#issuecomment-1235999072
# TODO: this doesn't work!!! it just goes "error code 1" and refuses to elaborate
#ExecStartPre = [
# ''cd "/srv/minecraft/dark-firepit"; nix-shell -p adoptopenjdk-hotspot-bin-16 --run "java -jar /srv/minecraft/dark-firepit/packwiz-installer-bootstrap.jar -g 'https://dark-firepit.oat.zone/Fire Pit 1.19.2/pack.toml'"''
#];
};
};
}

29
hosts/lucent-firepit/minecraft/gay-capybaras.nix Normal file
View File

@ -0,0 +1,29 @@
{ pkgs, enable ? false, server-port, whitelist, unsup, unsupINI, ... }:
{
inherit enable;
autoStart = true;
openFirewall = true;
inherit whitelist;
serverProperties = {
inherit server-port;
gamemode = 0;
motd = "dark-firepit, 1.20.1 Fabric";
white-list = true;
max-players = 8;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
snooper-enabled = false;
spawn-protection = 0;
};
symlinks = { "unsup.ini" = unsupINI; };
package = pkgs.fabricServers."fabric-1_20_1".override { loaderVersion = "0.15.6"; };
# package = pkgs.fabricServers."fabric-1_20_1";
jvmOpts = "-Xmx6G -javaagent:${unsup}";
}

27
hosts/lucent-firepit/minecraft/gayrats-creative.nix Normal file
View File

@ -0,0 +1,27 @@
{ pkgs, enable ? false, server-port, whitelist, unsup, unsupINI, ... }:
{
inherit enable;
autoStart = true;
openFirewall = true;
inherit whitelist;
serverProperties = {
inherit server-port;
gamemode = 1;
motd = "dark-firepit, 1.19.2 Fabric";
white-list = true;
max-players = 8;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
snooper-enabled = false;
spawn-protection = 0;
};
symlinks = { "unsup.ini" = unsupINI; };
package = pkgs.fabricServers."fabric-1_19_2".override { loaderVersion = "0.14.17"; };
jvmOpts = "-Xmx6G -javaagent:${unsup}";
}

28
hosts/lucent-firepit/minecraft/gayrats.nix Normal file
View File

@ -0,0 +1,28 @@
{ pkgs, enable ? false, server-port, whitelist, unsup, unsupINI, ... }:
{
inherit enable;
autoStart = true;
openFirewall = true;
inherit whitelist;
serverProperties = {
inherit server-port;
gamemode = 0;
motd = "dark-firepit, 1.19.2 Fabric";
white-list = true;
max-players = 8;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
snooper-enabled = false;
spawn-protection = 0;
};
symlinks = { "unsup.ini" = unsupINI; };
package = pkgs.fabricServers."fabric-1_19_2".override { loaderVersion = "0.14.17"; };
jvmOpts = "-Xmx6G -javaagent:${unsup}";
}

1
hosts/lucent-firepit/minecraft/mc-flags.nix Normal file
View File

@ -0,0 +1 @@
memory: "-Xms${memory} -Xmx${memory} -XX:+UseShenandoahGC"

27
hosts/lucent-firepit/minecraft/n3ko-test.nix Normal file
View File

@ -0,0 +1,27 @@
{ pkgs, enable ? false, server-port, ... }:
{
inherit enable;
autoStart = true;
openFirewall = true;
serverProperties = {
inherit server-port;
gamemode = 1;
motd = "N3KO SMP Testing server";
white-list = true;
max-players = 8;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
#level-type = "terra:overworld/overworld";
snooper-enabled = false;
spawn-protection = 0;
};
whitelist = {
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
Cardboxneko = "3d406152-008c-4ec9-bf49-44c883baca6d";
};
package = pkgs.fabricServers.fabric-1_18_2;
jvmOpts = "-Xmx4G";
}

45
hosts/lucent-firepit/minecraft/wafflecraft.nix Normal file
View File

@ -0,0 +1,45 @@
{ pkgs, lib, enable ? false, server-port, unsup, unsupINI, ... }:
{
inherit enable;
autoStart = true;
openFirewall = true;
serverProperties = {
inherit server-port;
gamemode = "survival";
motd = "wafflecraft Real";
max-players = 32;
allow-flight = true;
enable-command-block = false;
enforce-secure-profile = false;
snooper-enabled = false;
spawn-protection = 0;
white-list = true;
view-distance = 16;
};
whitelist = {
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
plightshift = "de87f3e6-d44f-40af-8bff-48828694b616";
mangoafterdawn = "840ad485-1060-4bcf-8730-c552e5c8d62a";
drazilspirits = "1d912f45-978b-4edc-b026-26bd5ed6ce31";
segaskullll = "e6d510e6-a1d3-4801-8a5e-52d2c75b2446";
Tetaes = "4b149260-d56e-4835-b3f6-2dce173a92a5";
sorae_ = "9639d272-4c20-459d-adea-4aa89ee3cdc1";
GelloISMello = "a2883a99-fe5d-454d-98b9-d65e4cec7e7e";
Triplejy2k = "dced0fad-3802-4544-aaad-64d8fd12b1e8";
RAKKIIsan = "0706e583-82e3-478c-8769-1131fb9aef5d";
CyberBlue = "151bea19-3d16-45eb-8ae3-3057cde8e8f4";
numpad_7 = "44e6e6d7-770d-4afc-96b1-9999b61ced1d";
CERiNG = "8dd710ce-fd30-45a5-9252-739d3c03df19";
electr1ca = "c18dcc3b-6c11-42e9-b7d8-4b458ea7017d";
bigboyty69 = "ed735421-c22b-467a-9eac-5c08437ea3e8";
};
symlinks = { "unsup.ini" = unsupINI; };
# this is UGLY as FUCK; but unfortunately https://github.com/Infinidoge/nix-minecraft/issues/15
package = pkgs.jdk17;
jvmOpts = "-Xmx6G -javaagent:${unsup} "
+ lib.replaceStrings ["\n"] [" "] (lib.readFile "/srv/minecraft/wafflecraft/libraries/net/minecraftforge/forge/1.18.2-40.2.1/unix_args.txt");
}

115
hosts/lucent-firepit/og/configuration.nix Normal file
View File

@ -0,0 +1,115 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# boot.loader.grub.efiSupport = true;
# boot.loader.grub.efiInstallAsRemovable = true;
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Define on which hard drive you want to install Grub.
# boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
# networking.hostName = "nixos"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
# Configure keymap in X11
# services.xserver.layout = "us";
# services.xserver.xkbOptions = {
# "eurosign:e";
# "caps:escape" # map caps to escape.
# };
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# users.users.alice = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = with pkgs; [
# firefox
# tree
# ];
# };
# List packages installed in system profile. To search, run:
# $ nix search wget
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

63
hosts/lucent-firepit/og/hardware-configuration.nix Normal file
View File

@ -0,0 +1,63 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "tmpfs";
fsType = "tmpfs";
};
fileSystems."/nix/.ro-store" =
{ device = "/nix/store/bg6n34zcsz3vil02fjf7lk35xli2ssd6-squashfs.img (deleted)";
fsType = "squashfs";
options = [ "loop" ];
};
fileSystems."/nix/.rw-store" =
{ device = "tmpfs";
fsType = "tmpfs";
};
fileSystems."/nix/store" =
{ device = "overlay";
fsType = "overlay";
};
fileSystems."/mnt" =
{ device = "/dev/disk/by-uuid/2fb43a32-d7c2-4ed1-97c6-4588d731a132";
fsType = "xfs";
};
fileSystems."/mnt/boot" =
{ device = "/dev/disk/by-uuid/ABFD-C238";
fsType = "vfat";
};
fileSystems."/mnt/mnt" =
{ device = "/dev/disk/by-uuid/b5adde13-80af-4314-b0d5-ab79b10cc078";
fsType = "ext4";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

BIN
hosts/lucent-firepit/secrets/huge-furry-cock.age Normal file
View File

Binary file not shown.

9
hosts/lucent-firepit/secrets/secrets.nix Normal file
View File

@ -0,0 +1,9 @@
let
userKeys = builtins.catAttrs "ssh" (import ../authorizedKeys.nix);
systemKeys = [
# /etc/ssh/ssh_host_ed25519_key.pub
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHp0gLv1FiavpvnXinySlZsWrNkAzo4c8GWvN2WRhQqn root@lucent-firepit"
];
in {
"huge-furry-cock.age".publicKeys = userKeys ++ systemKeys;
}

0
hosts/dark-firepit/srb2k.nix → hosts/lucent-firepit/srb2k.nix
View File

127
hosts/dark-firepit/webapps/default.nix → hosts/lucent-firepit/webapps/default.nix
View File

@ -4,6 +4,28 @@ with lib;
let
in {
config = {
services.cohost-blogger = {
enable = true;
domain = "blog.oat.zone";
port = 3500;
};
services.nlw-api = {
enable = true;
domain = "nlw.oat.zone";
apiKey = builtins.readFile /etc/sheets-api-key;
#apiKey = "";
port = 1995;
};
services.cardgen = {
enable = true;
port = 25290;
};
services.gd-icon-renderer-web = {
enable = true;
port = 3435;
domain = "gdicon.oat.zone";
};
modules = {
services = {
#nextcloud = {
@ -18,10 +40,11 @@ in {
# domain = "blog.dark-firepit.cloud";
#};
gitea = {
forgejo = {
enable = true;
domain = "git.oat.zone";
port = 3000;
enableActions = true;
};
matrix.conduit = {
@ -31,7 +54,7 @@ in {
vaultwarden = {
enable = true;
domain = "vault.aether.gay";
domain = "vault.dark-firepit.cloud";
};
# not entirely necessary but makes it so that invalid domains and/or direct ip access aborts connection
@ -50,10 +73,12 @@ in {
"giger.yugoslavia.fishing".dataDir = "/var/www/giger.yugoslavia.fishing";
"modfiles.oat.zone".dataDir = "/var/www/modfiles.oat.zone";
"shop.yugoslavia.best".dataDir = "/var/www/shop.yugoslavia.best";
"shop.yugoslavia.best".forceSSL = false;
"tesco-underground-dev.oat.zone".dataDir = "/var/www/tesco-underground-dev.oat.zone";
"tesco-underground-dev.oat.zone".auth = { tesco = builtins.readFile /etc/tesco; };
"oat.zone".dataDir = "/var/www/oat.zone";
"oat.zone".php = true;
#"beta-blog.oat.zone".dataDir = "/var/www/beta.blog.oat.zone";
"yugoslavia.fishing".dataDir = "/var/www/yugoslavia.fishing";
"yugoslavia.fishing".php = true;
"educationmath.oat.zone".dataDir = "/var/www/proxy.oat.zone";
@ -61,16 +86,26 @@ in {
"educationmath.oat.zone".auth = { twh = builtins.readFile /etc/proxy_twh; };
"rivervalleychocolate.com".dataDir = "/var/www/rivervalleychocolate.com";
"rivervalleychocolate.com".php = true;
"tac.yugoslavia.best".dataDir = "/var/www/tac.yugoslavia.best/public";
"tac.yugoslavia.best".php = true;
"tac.yugoslavia.best".phpHandlePathing = true;
"play.mayf.pink".dataDir = "/var/www/play.mayf.pink/";
"play.mayf.pink".php = true;
"play.mayf.pink".phpHandlePathing = true;
"pjsk.oat.zone".dataDir = "/var/www/pjsk.oat.zone";
"mayf.pink".dataDir = "/var/www/mayf.pink/public";
"mayf.pink".dataDir = "/var/www/mayf.pink";
"mayf.pink".php = true;
"mayf.pink".phpHandlePathing = true;
"wint0r.zone".dataDir = "/var/www/wint0r.zone";
"puzzle.wint0r.zone".dataDir = "/var/www/puzzle.wint0r.zone";
};
"promotion.yugoslavia.best".dataDir = "/var/www/promotion.yugoslavia.best/public";
"promotion.yugoslavia.best".php = true;
"promotion.yugoslavia.best".phpHandlePathing = true;
"promotion.yugoslavia.best".forceSSL = false;
"star.yugoslavia.best".dataDir = "/var/www/star.yugoslavia.best";
"star.yugoslavia.best".forceSSL = false;
#"wint0r.zone".dataDir = "/var/www/wint0r.zone";
#"puzzle.wint0r.zone".dataDir = "/var/www/puzzle.wint0r.zone";
"femboy.industries".dataDir = "/var/www/femboy.industries";
} // (listToAttrs (map (value: {
name = "${value}.femboy.industries";
value = { dataDir = "/var/www/femboy.industries/_subdomains/${value}/"; };
}) ["sage"]));
nitter = {
enable = true;
@ -79,6 +114,12 @@ in {
domain = "nitter.oat.zone";
};
libreddit = {
enable = true;
domain = "libreddit.oat.zone";
port = 1950;
};
#watch-party = {
# enable = true;
# port = 1984;
@ -88,23 +129,10 @@ in {
enable = true;
};
code-server = {
metrics = {
enable = true;
domain = "dev-firepit.oat.zone";
port = 4444;
};
ghost = {
enable = true;
domain = "blog.oat.zone";
port = 1357;
};
isso = {
enable = true;
port = 1995;
domain = "comments.oat.zone";
target = "blog.oat.zone";
domain = "grafana.dark-firepit.cloud";
port = 2342;
};
};
};
@ -115,6 +143,21 @@ in {
locations."/f/".extraConfig = ''
add_header Access-Control-Allow-Origin "*";
'';
locations."/f/cards/gen".extraConfig = ''
rewrite /f/cards/gen/(.*) /$1 break;
proxy_pass http://127.0.0.1:25290;
proxy_redirect off;
'';
extraConfig = ''
error_page 404 /404.html;
error_page 403 /403.html;
'';
};
"femboy.industries" = {
locations."/_subdomains".extraConfig = ''
deny all;
return 404;
'';
};
# todo: move to flake
"gdpstest.oat.zone" = {
@ -129,31 +172,25 @@ in {
'';
};
# todo: move to flake
"gdicon.oat.zone" = {
"jillo.oat.zone" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:3436/";
proxyPass = "http://127.0.0.1:15385/";
};
};
# https://www.edwinwenink.xyz/posts/47-tilde_server/
# todo: fix this
"dark-firepit.cloud" = {
locations."~ ^/~([^/\\s]+?)(/[^\\s]*)?$".extraConfig = ''
add_header X-debug-message "/home/$1/www$2" always;
alias /home/$1/www$2;
index index.html index.htm;
autoindex on;
'';
};
"nitter.oat.zone" = {
locations."/".extraConfig = ''
if ($http_user_agent = 'Mozilla/5.0 (compatible; Discordbot/2.0; +https://discordapp.com)') {
return 302 $scheme://fxtwitter.com$request_uri;
}
'';
"drawdog.oat.zone" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:33363/";
extraConfig = ''
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
'';
};
};
#"git.oat.zone" = {

0
hosts/dark-firepit/wireguardInterface.nix → hosts/lucent-firepit/wireguardInterface.nix
View File

0
hosts/dark-firepit/yugoslavia-best.nix → hosts/lucent-firepit/yugoslavia-best.nix
View File

27
modules/agenix.nix
View File

@ -8,17 +8,24 @@ let
secretsDir = "${toString ../hosts}/${config.networking.hostName}/secrets";
secretsFile = "${secretsDir}/secrets.nix";
in {
imports = [ agenix.nixosModules.age ];
environment.systemPackages = [ agenix.defaultPackage.x86_64-linux ];
imports = [ agenix.nixosModules.default ];
age = {
secrets = mkMerge (map (x: {"x".file = "${secretsDir}/${x}";}) (attrNames (import secretsFile)));
identityPaths = options.age.identityPaths.default ++ (foldr (l: r: l ++ r) [] (map (user:
age = let
# ugly, lazy, but works
users = map (user: "/home/${user}/.ssh") (attrNames (readDir "/home/"));
usersWithKeys = filter (path: pathExists path) users;
userIdentityPaths = concatLists (map (keysPath:
let
d = "/home/${user}/.ssh";
fs = map (f: d + "/" + f)
(filter (f: (f != "known_hosts") && (f != "*.old"))
(attrNames (readDir d)));
in fs) (attrNames config.defaultUsers)));
# find all files that are id_* and not *.pub
# todo: maybe make a startsWith / endsWith?
files = map (f: keysPath + "/" + f)
(filter (f: (substring 0 3 f == "id_") && (substring (stringLength f - 4) 4 f != ".pub"))
(attrNames (readDir keysPath)));
in files) usersWithKeys);
in {
secrets = mkMerge (map (x: {"${x}".file = "${secretsDir}/${x}";}) (attrNames (import secretsFile)));
identityPaths = options.age.identityPaths.default ++ userIdentityPaths;
};
}

17
modules/editors/helix.nix Normal file
View File

@ -0,0 +1,17 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.modules.editors.helix;
in {
options = {
enable = mkOption {
type = types.bool;
default = false;
};
};
config = mkIf cfg.enable {
};
}

14
modules/hyprland.nix
View File

@ -1,4 +1,4 @@
{ config, pkgs, options, lib, ... }:
{ config, pkgs, options, lib, inputs, ... }:
with lib;
let
@ -11,16 +11,19 @@ in {
};
};
/*
config = mkIf cfg.enable {
#programs.hyprland = {
# enable = true;
#};
programs.hyprland = {
enable = true;
};
# this was failing to build so i removed it. sorry!!!!!!
# -oat
# look outside your window!!!
# -aether
# ok done (i removed it again)
# -oat
# Do not trust the [Flower].
# -aether
user.packages = with pkgs; [
grim
@ -122,4 +125,5 @@ in {
'';
};
};
}
*/
}

4
modules/security.nix
View File

@ -35,8 +35,8 @@ in {
}
];
boot.tmpOnTmpfs = lib.mkDefault true;
boot.cleanTmpDir = lib.mkDefault (!config.boot.tmpOnTmpfs);
boot.tmp.useTmpfs = lib.mkDefault true;
boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmp.useTmpfs);
security.rtkit.enable = true;

61
modules/services/code-server.nix
View File

@ -1,61 +0,0 @@
{ config, lib, pkgs, options, ... }:
with lib;
let
cfg = config.modules.services.code-server;
in {
options.modules.services.code-server = {
enable = mkOption {
type = types.bool;
default = false;
};
domain = mkOption {
type = types.str;
default = "dev-firepit.oat.zone";
};
port = mkOption {
type = types.int;
default = 4444;
};
};
config = mkIf cfg.enable {
services = {
code-server = {
enable = true;
port = cfg.port;
# temporary
auth = "password";
# temporary
hashedPassword = removeSuffix "\n" (builtins.readFile /etc/code-server-password);
extraPackages = with pkgs; [ git nix nixpkgs-fmt ];
};
nginx.virtualHosts."${cfg.domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString cfg.port}";
extraConfig = ''
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
'';
};
locations."= /robots.txt" = {
extraConfig = ''
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
'';
};
};
};
users.users.code-server = {
extraGroups = [ "nix-users" "dotfiles" ];
shell = pkgs.unstable.fish;
};
};
}

27
modules/services/dark-firepit-oat-zone.nix
View File

@ -1,27 +0,0 @@
{ config, lib, pkgs, options, ... }:
with lib;
let
cfg = config.modules.services.dark-firepit-oat-zone;
in {
options.modules.services.dark-firepit-oat-zone = {
enable = mkOption {
type = types.bool;
default = false;
};
domain = mkOption {
type = types.str;
default = "dark-firepit.oat.zone";
};
};
config = mkIf cfg.enable {
services = {
nginx.virtualHosts."${cfg.domain}" = {
forceSSL = true;
enableACME = true;
root = "/var/www/dark-firepit.oat.zone";
};
};
};
}

108
modules/services/dendrite.nix Normal file
View File

@ -0,0 +1,108 @@
{ pkgs, config, lib, options, ... }:
with lib;
let
cfg = config.modules.services.dendrite;
fullDomain = "${cfg.prefix}.${cfg.hostDomain}";
maxUploadMegabytes = 600;
in {
options.modules.services.dendrite = {
enable = mkOption {
type = types.bool;
default = false;
};
hostDomain = mkOption {
type = types.str;
default = null;
};
prefix = mkOption {
type = types.str;
default = "matrix";
};
port = mkOption {
type = types.port;
default = 8008;
};
};
config = mkIf cfg.enable {
assertions = [
{ assertion = cfg.hostDomain != null;
description = "@config.modules.services.dendrite.hostDomain@ must not equal null";
}
];
services.dendrite = {
enable = true;
httpPort = cfg.port;
# httpsPort = cfg.port;
tlsCert = "/var/lib/dendrite_keys/server.crt";
tlsKey = "/var/lib/dendrite_keys/server.key";
loadCredential = [ "private_key:/var/lib/dendrite_keys/private/private_key.pem" ];
environmentFile = "/var/lib/dendrite_keys/registration_secret";
settings = {
global = {
server_name = cfg.hostDomain;
private_key = "/var/lib/dendrite_keys/private/private_key.pem";
presence = {
enable_inbound = true;
enable_outbound = true;
};
};
client_api = {
registration_shared_secret = "$REGISTRATION_SHARED_SECRET";
};
media_api = {
max_file_size_bytes = maxUploadMegabytes;
dynamic_thumbnails = true;
};
};
};
services.nginx.virtualHosts."${fullDomain}" = {
forceSSL = true;
enableACME = true;
#listen = [
# { addr = "0.0.0.0";
# port = 443;
# ssl = true;
# }
# { addr = "[::]";
# port = 443;
# ssl = true;
# }
#];
locations."/_matrix".proxyPass = "http://127.0.0.1:${toString cfg.port}";
#locations."/_matrix".proxyPass = "https://localhost:${toString cfg.port}";
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-RealIP $remote_addr;
proxy_read_timeout 600;
client_max_body_size ${toString maxUploadMegabytes}M;
'';
};
services.nginx.virtualHosts."${cfg.hostDomain}" = {
forceSSL = true;
enableACME = true;
locations."/.well-known/matrix/server".return = "200 '{ \"m.server\": \"${fullDomain}:443\"}'";
# locations."/.well-known/matrix/client".return = "200 '{ \"m.homserver\": { \"base_url\": \"https://${cfg.hostDomain}\"} }'";
locations."/.well-known/matrix/client".extraConfig = ''
add_header Access-Control-Allow-Origin '*';
return 200 '{ \"m.homeserver\": { \"base_url\": \"https://${fullDomain}\"} }';
'';
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedUDPPorts = [ 80 443 ];
};
}

43
modules/services/gitea.nix → modules/services/forgejo.nix
View File

@ -2,9 +2,9 @@
with lib;
let
cfg = config.modules.services.gitea;
cfg = config.modules.services.forgejo;
in {
options.modules.services.gitea = {
options.modules.services.forgejo = {
enable = mkOption {
type = types.bool;
default = false;
@ -17,30 +17,55 @@ in {
type = types.int;
default = 3000;
};
package = mkOption {
type = types.package;
default = pkgs.unstable.forgejo;
};
enableActions = mkOption {
type = types.bool;
default = false;
};
};
config = mkIf cfg.enable {
virtualisation.docker.enable = cfg.enableActions;
services = {
gitea = {
enable = true;
package = pkgs.unstable.gitea;
domain = cfg.domain;
httpPort = cfg.port;
rootUrl = "https://${cfg.domain}/";
package = cfg.package;
stateDir = "/var/lib/${cfg.domain}";
appName = "Gitea: dark-firepit hosted Git";
appName = "Forgejo: dark-firepit hosted Git";
database = {
type = "postgres";
name = "gitea";
};
settings = mkMerge [ (builtins.fromTOML (builtins.readFile "/etc/dotfiles/config/gitea/app.toml")) {
settings = mkMerge [ (builtins.fromTOML (builtins.readFile "/etc/dotfiles/config/forgejo/app.toml")) {
"ui.meta" = {
AUTHOR = "aether & oat";
AUTHOR = "dark-firepit.cloud";
DESCRIPTION = "dark-firepit's shared git instance";
};
"server" = {
DOMAIN = cfg.domain;
HTTP_PORT = cfg.port;
ROOT_URL = "https://${cfg.domain}/";
};
"actions" = {
ENABLED = cfg.enableActions;
};
}];
};
gitea-actions-runner = mkIf cfg.enableActions {
instances."${config.networking.hostName}" = {
enable = true;
name = "ci";
url = "https://${cfg.domain}/";
labels = []; # use the packaged instance list
token = removeSuffix "\n" (builtins.readFile "/etc/forgejo-runner-token");
};
};
nginx.virtualHosts."${cfg.domain}" = {
forceSSL = true;
enableACME = true;

158
modules/services/ghost.nix
View File

@ -1,158 +0,0 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.modules.services.ghost;
# user used to run the Ghost service
userName = builtins.replaceStrings [ "." ] [ "_" ] cfg.domain;
in {
options.modules.services.ghost = {
enable = mkOption {
type = types.bool;
default = false;
};
package = mkOption {
type = types.package;
default = pkgs._.ghost;
};
domain = mkOption {
type = types.str;
default = "blog.oat.zone";
};
port = mkOption {
type = types.int;
default = 1357;
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/${userName}";
};
};
config = let
# directory used to save the blog content
dataDir = cfg.dataDir;
# script that sets up the Ghost content directory
setupScript = pkgs.writeScript "${cfg.domain}-setup.sh" ''
#! ${pkgs.stdenv.shell} -e
chmod g+s "${dataDir}"
[[ ! -d "${dataDir}/content" ]] && cp -r "${cfg.package}/content" "${dataDir}/content"
chown -R "${userName}":"${userName}" "${dataDir}/content"
chmod -R +w "${dataDir}/content"
ln -f -s "/etc/${cfg.domain}.json" "${dataDir}/config.production.json"
[[ -d "${dataDir}/current" ]] && rm "${dataDir}/current"
ln -f -s "${cfg.package}/current" "${dataDir}/current"
[[ -d "${dataDir}/content/themes/casper" ]] && rm "${dataDir}/content/themes/casper"
ln -f -s "${cfg.package}/current/content/themes/casper" "${dataDir}/content/themes/casper"
'';
in lib.mkIf cfg.enable {
# Creates the user and group
users.users.${userName} = {
isSystemUser = true;
group = userName;
createHome = true;
home = dataDir;
};
users.groups.${userName} = { };
# Creates the Ghost config
environment.etc."${cfg.domain}.json".text = ''
{
"url": "https://${cfg.domain}",
"server": {
"port": ${toString cfg.port},
"host": "0.0.0.0"
},
"database": {
"client": "mysql",
"connection": {
"host": "localhost",
"user": "${userName}",
"database": "${userName}",
"password": "",
"socketPath": "/run/mysqld/mysqld.sock"
}
},
"mail": {
"transport": "sendmail"
},
"logging": {
"transports": ["stdout"]
},
"paths": {
"contentPath": "${dataDir}/content"
}
}
'';
# Sets up the Systemd service
systemd.services."${cfg.domain}" = {
enable = true;
description = "${cfg.domain} ghost blog";
restartIfChanged = true;
restartTriggers =
[ cfg.package config.environment.etc."${cfg.domain}.json".source ];
requires = [ "mysql.service" ];
after = [ "mysql.service" ];
path = [ pkgs.nodejs pkgs.vips ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = userName;
Group = userName;
WorkingDirectory = dataDir;
# Executes the setup script before start
ExecStartPre = setupScript;
# Runs Ghost with node
ExecStart = "${pkgs.nodejs}/bin/node current/index.js";
# Sandboxes the Systemd service
AmbientCapabilities = [ ];
CapabilityBoundingSet = [ ];
KeyringMode = "private";
LockPersonality = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateMounts = true;
PrivateTmp = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectSystem = "full";
RemoveIPC = true;
RestrictAddressFamilies = [ ];
RestrictNamespaces = true;
RestrictRealtime = true;
};
environment = { NODE_ENV = "production"; };
};
# Sets up the blog virtual host on NGINX
services.nginx.virtualHosts.${cfg.domain} = {
# Sets up Lets Encrypt SSL certificates for the blog
forceSSL = true;
enableACME = true;
locations."/" = { proxyPass = "http://127.0.0.1:${toString cfg.port}"; };
extraConfig = ''
charset UTF-8;
add_header Strict-Transport-Security "max-age=2592000; includeSubDomains" always;
add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff;
'';
};
# Sets up MySQL database and user for Ghost
services.mysql = {
ensureDatabases = [ userName ];
ensureUsers = [{
name = userName;
ensurePermissions = { "${userName}.*" = "ALL PRIVILEGES"; };
}];
};
};
}

82
modules/services/isso.nix
View File

@ -1,82 +0,0 @@
{ config, lib, pkgs, options, ... }:
with lib;
let
cfg = config.modules.services.isso;
in {
options.modules.services.isso = {
enable = mkOption {
type = types.bool;
default = false;
};
domain = mkOption {
type = types.str;
default = "comments.oat.zone";
};
target = mkOption {
type = types.str;
default = "blog.oat.zone";
};
port = mkOption {
type = types.port;
default = 1550;
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/isso";
};
};
config = mkIf cfg.enable {
services = {
isso = {
enable = true;
settings = {
general = {
dbpath = "${cfg.dataDir}/comments.db";
host = "https://${cfg.target}";
latest-enabled = true;
};
server = {
listen = "http://localhost:${toString cfg.port}";
samesite = "Lax";
public-endpoint = "https://${cfg.domain}";
};
guard = {
enabled = true;
require-author = true;
ratelimit = 4;
};
admin = {
enabled = true;
password = removeSuffix "\n" (builtins.readFile /etc/isso_admin_pass);
};
};
};
nginx.enable = true;
nginx.virtualHosts."${cfg.domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString cfg.port}";
extraConfig = ''
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
'';
};
};
};
systemd.services.isso.serviceConfig = {
preStart = ''
umask u=rwx,g=rwx,o=rx
mkdir -p ${cfg.dataDir}
cd ${cfg.dataDir}
${pkgs.coreutils}/bin/chown -R isso:isso .
${pkgs.coreutils}/bin/chmod -R 775 .
'';
};
};
}

50
modules/services/jillo.nix
View File

@ -1,50 +0,0 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.modules.services.jillo;
in {
options.modules.services.jillo = {
enable = mkOption {
type = types.bool;
default = false;
};
package = mkOption {
type = types.package;
default = pkgs._.jillo;
};
dataDir = mkOption {
type = types.either [types.path types.str];
};
};
config = mkIf cfg.enable {
users.users.jillo = {
group = "jillo";
home = cfg.dataDir;
createHome = true;
isSystemUser = true;
shell = "${pkgs.bash}/bin/bash";
};
users.groups.jillo = {};
environment.systemPackages = [ pkgs.nodejs-18_x ];
systemd.services.jillo = {
description = "Jillo Discord bot";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "notify";
User = "jillo";
Group = "jillo";
WorkingDirectory = cfg.dataDir;
ExecStart = "${pkgs.nodejs-18_x}/bin/npm run start";
Restart = "on-failure";
};
};
};
}

372
modules/services/jmusicbot.nix Normal file
View File

@ -0,0 +1,372 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.modules.services.jmusicbot;
in {
options.modules.services.jmusicbot = {
enable = mkOption {
description = ''
JMusicBot is a self-hostable Discord music bot. This service lets
you host multiple instances of it with seperate configurations.
'';
type = types.bool;
default = false;
};
instances = mkOption {
default = {};
type = types.attrsOf (types.submodule {
options = {
enable = mkOption {
type = types.bool;
default = false;
};
package = mkOption {
type = types.package;
default = pkgs.jmusicbot;
};
options = mkOption {
description = ''
The JMusicBot config, see here: https://jmusicbot.com/config/
'';
type = types.submodule {
options = {
token = mkOption {
type = types.str;
description = ''
This sets the token for the bot to log in with
This MUST be a bot token (user tokens will not work)
If you don't know how to get a bot token, please see the guide here:
https://github.com/jagrosh/MusicBot/wiki/Getting-a-Bot-Token
'';
};
owner = mkOption {
type = types.int;
description = ''
This sets the owner of the bot
This needs to be the owner's ID (a 17-18 digit number)
https://github.com/jagrosh/MusicBot/wiki/Finding-Your-User-ID
'';
default = 0;
};
prefix = mkOption {
type = types.str;
description = ''
This sets the prefix for the bot
The prefix is used to control the commands
If you use !!, the play command will be !!play
If you do not set this, the prefix will be a mention of the bot (@Botname play)
'';
default = "@mention";
};
game = mkOption {
type = types.str;
description = ''
If you set this, it modifies the default game of the bot
Set this to NONE to have no game
Set this to DEFAULT to use the default game
You can make the game "Playing X", "Listening to X", or "Watching X"
where X is the title. If you don't include an action, it will use the
default of "Playing"
'';
default = "DEFAULT";
};
status = mkOption {
type = types.enum ["ONLINE" "IDLE" "DND" "INVISIBLE"];
description = ''
If you set this, it will modify the default status of bot
Valid values: ONLINE IDLE DND INVISIBLE
'';
default = "ONLINE";
};
songinstatus = mkOption {
type = types.bool;
description = ''
If you set this to true, the bot will list the title of the song it is currently playing in its
"Playing" status. Note that this will ONLY work if the bot is playing music on ONE guild;
if the bot is playing on multiple guilds, this will not work.
'';
default = false;
};
altprefix = mkOption {
type = types.str;
description = ''
If you set this, the bot will also use this prefix in addition to
the one provided above
'';
default = "NONE";
};
success = mkOption {
type = types.str;
description = ''
If you set this, the bot will also use this prefix in addition to
the one provided above
'';
default = "🎶";
};
warning = mkOption {
type = types.str;
description = ''
If you set this, the bot will also use this prefix in addition to
the one provided above
'';
default = "💡";
};
error = mkOption {
type = types.str;
description = ''
If you set this, the bot will also use this prefix in addition to
the one provided above
'';
default = "🚫";
};
loading = mkOption {
type = types.str;
description = ''
If you set this, the bot will also use this prefix in addition to
the one provided above
'';
default = "";
};
searching = mkOption {
type = types.str;
description = ''
If you set this, the bot will also use this prefix in addition to
the one provided above
'';
default = "🔎";
};
help = mkOption {
type = types.str;
description = ''
If you set this, you change the word used to view the help.
For example, if you set the prefix to !! and the help to cmds, you would type
!!cmds to see the help text
'';
default = "help";
};
npimages = mkOption {
type = types.bool;
description = ''
If you set this, the "nowplaying" command will show youtube thumbnails
Note: If you set this to true, the nowplaying boxes will NOT refresh
This is because refreshing the boxes causes the image to be reloaded
every time it refreshes.
'';
default = false;
};
stayinchannel = mkOption {
type = types.bool;
description = ''
If you set this, the bot will not leave a voice channel after it finishes a queue.
Keep in mind that being connected to a voice channel uses additional bandwith,
so this option is not recommended if bandwidth is a concern.
'';
default = false;
};
maxtime = mkOption {
type = types.int;
description = ''
This sets the maximum amount of seconds any track loaded can be. If not set or set
to any number less than or equal to zero, there is no maximum time length. This time
restriction applies to songs loaded from any source.
'';
default = 0;
};
alonetimeuntilstop = mkOption {
type = types.int;
description = ''
This sets the amount of seconds the bot will stay alone on a voice channel until it
automatically leaves the voice channel and clears the queue. If not set or set
to any number less than or equal to zero, the bot won't leave when alone.
'';
default = 0;
};
playlistsfolder = mkOption {
type = types.str;
description = ''
This sets an alternative folder to be used as the Playlists folder
This can be a relative or absolute path
'';
default = "Playlists";
};
updatealerts = mkOption {
type = types.bool;
description = ''
By default, the bot will DM the owner if the bot is running and a new version of the bot
becomes available. Set this to false to disable this feature.
'';
default = true;
};
"lyrics.default" = mkOption {
type = types.enum ["A-Z Lyrics" "Genius" "MusicMatch" "LyricsFreak"];
description = ''
Changing this changes the lyrics provider
Currently available providers: "A-Z Lyrics", "Genius", "MusicMatch", "LyricsFreak"
At the time of writing, I would recommend sticking with A-Z Lyrics or MusicMatch,
as Genius tends to have a lot of non-song results and you might get something
completely unrelated to what you want.
If you are interested in contributing a provider, please see
https://github.com/jagrosh/JLyrics
'';
default = "A-Z Lyrics";
};
aliases = mkOption {
type = types.attrsOf (types.listOf types.str);
description = ''
These settings allow you to configure custom aliases for all commands.
Multiple aliases may be given, separated by commas.
Example 1: Giving command "play" the alias "p":
play = [ p ]
Example 2: Giving command "search" the aliases "yts" and "find":
search = [ yts, find ]
'';
default = {
settings = [ "status" ];
lyrics = [];
nowplaying = [ "np" "current" ];
play = [];
playlists = [ "pls" ];
queue = [ "list" ];
remove = [ "delete" ];
scsearch = [];
search = [ "ytsearch" ];
shuffle = [];
skip = [ "voteskip" ];
prefix = [ "setprefix" ];
setdj = [];
settc = [];
setvc = [];
forceremove = [ "forcedelete" "modremove" "moddelete" ];
forceskip = [ "modskip" ];
movetrack = [ "move" ];
pause = [];
playnext = [];
repeat = [];
skipto = [ "jumpto" ];
stop = [];
volume = [ "vol" ];
};
};
queuetype = mkOption {
type = types.enum ["FAIR" "REGULAR"];
description = ''
Sets the queue type
FAIR: Each user gets a fair chance at the queue by rearranging it such that no user can fill it up entirely
REGULAR: Queue works as first-come, first-served
'';
default = "FAIR";
};
eval = mkOption {
type = types.bool;
description = ''
If you set this to true, it will enable the eval command for the bot owner. This command
allows the bot owner to run arbitrary code from the bot's account.
WARNING:
This command can be extremely dangerous. If you don't know what you're doing, you could
cause horrific problems on your Discord server or on whatever computer this bot is running
on. Never run this command unless you are completely positive what you are running.
DO NOT ENABLE THIS IF YOU DON'T KNOW WHAT THIS DOES OR HOW TO USE IT
IF SOMEONE ASKS YOU TO ENABLE THIS, THERE IS AN 11/10 CHANCE THEY ARE TRYING TO SCAM YOU
'';
default = false;
};
};
};
};
};
});
};
};
config = let
dataDir = "/var/lib/jmusicbot";
# nabbed from https://github.com/NixOS/nixpkgs/blob/61d8fdca02b4647be8d38a94c6f53a7cf072d717/nixos/modules/services/networking/jitsi-videobridge.nix#L11
toHOCON = x: if isAttrs x && x ? __hocon_envvar then ("\${" + x.__hocon_envvar + "}")
else if isAttrs x then "{${ concatStringsSep "," (mapAttrsToList (k: v: ''"${k}":${toHOCON v}'') x) }}"
else if isList x then "[${ concatMapStringsSep "," toHOCON x }]"
else builtins.toJSON x;
in mkIf cfg.enable {
users.users.jmusicbot = {
group = "jmusicbot";
home = dataDir;
createHome = true;
isSystemUser = true;
shell = "${pkgs.bash}/bin/bash";
};
users.groups.jmusicbot = {};
system.activationScripts.jmusicbot-data-dir.text = ''
mkdir -p ${dataDir}
chown jmusicbot:jmusicbot ${dataDir}
chmod -R 775 ${dataDir}
'';
systemd.services = mapAttrs'
(name: conf:
let
stateDir = "${dataDir}/${name}/";
configFile = builtins.toFile "config.txt" (toHOCON conf.options);
in {
name = "jmusicbot-${name}";
value = {
enable = conf.enable;
# referencing https://jmusicbot.com/running-as-a-service/
description = "JMusicBot instance ${name}";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
requires = [ "network.target" ];
serviceConfig = {
ExecStart = pkgs.writeScript "jmusicbot-start-${name}" ''
#!${pkgs.runtimeShell}
umask u=rwx,g=rwx,o=rx
cd ${stateDir}
${getExe conf.package} -Dconfig=${configFile}
'';
Restart = "always";
RestartSec = 20;
User = "jmusicbot";
};
preStart = ''
umask u=rwx,g=rwx,o=rx
mkdir -p ${stateDir}
cd ${stateDir}
ln -sf ${configFile} config.txt
'';
};
}
) cfg.instances;
};
}

45
modules/services/libreddit.nix Normal file
View File

@ -0,0 +1,45 @@
{ config, lib, pkgs, options, ... }:
with lib;
let
cfg = config.modules.services.libreddit;
in {
options.modules.services.libreddit = {
enable = mkOption {
type = types.bool;
default = false;
};
domain = mkOption {
type = types.str;
default = "libreddit.oat.zone";
};
port = mkOption {
type = types.port;
default = 1590;
};
};
config = mkIf cfg.enable {
services = {
libreddit = {
enable = true;
package = pkgs.libreddit;
port = cfg.port;
};
nginx.enable = true;
nginx.virtualHosts."${cfg.domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString cfg.port}";
extraConfig = ''
if ($http_user_agent = 'Mozilla/5.0 (compatible; Discordbot/2.0; +https://discordapp.com)') {
return 302 $scheme://proxy.knotty.dev$request_uri;
}
'';
};
};
};
};
}

55
modules/services/loki-local-config.yml Normal file
View File

@ -0,0 +1,55 @@
auth_enabled: false
server:
http_listen_port: 3100
ingester:
lifecycler:
address: 0.0.0.0
ring:
kvstore:
store: inmemory
replication_factor: 1
final_sleep: 0s
chunk_idle_period: 1h # Any chunk not receiving new logs in this time will be flushed
max_chunk_age: 1h # All chunks will be flushed when they hit this age, default is 1h
chunk_target_size: 1048576 # Loki will attempt to build chunks up to 1.5MB, flushing first if chunk_idle_period or max_chunk_age is reached first
chunk_retain_period: 30s # Must be greater than index read cache TTL if using an index cache (Default index read cache TTL is 5m)
max_transfer_retries: 0 # Chunk transfers disabled
schema_config:
configs:
- from: 2023-12-08
store: boltdb-shipper
object_store: filesystem
schema: v11
index:
prefix: index_
period: 24h
storage_config:
boltdb_shipper:
active_index_directory: /var/lib/loki/boltdb-shipper-active
cache_location: /var/lib/loki/boltdb-shipper-cache
cache_ttl: 24h # Can be increased for faster performance over longer query periods, uses more disk space
shared_store: filesystem
filesystem:
directory: /var/lib/loki/chunks
limits_config:
reject_old_samples: true
reject_old_samples_max_age: 168h
chunk_store_config:
max_look_back_period: 0s
table_manager:
retention_deletes_enabled: false
retention_period: 0s
compactor:
working_directory: /var/lib/loki
shared_store: filesystem
compactor_ring:
kvstore:
store: inmemory

110
modules/services/metrics.nix Normal file
View File

@ -0,0 +1,110 @@
{ config, lib, pkgs, options, ... }:
with lib;
let
cfg = config.modules.services.metrics;
in {
options.modules.services.metrics = {
enable = mkOption {
type = types.bool;
default = false;
};
domain = mkOption {
type = types.str;
# default = "grafana.oat.zone";
default = null;
};
port = mkOption {
type = types.int;
default = 2342;
};
};
config = mkIf cfg.enable {
assertions = [
{ assertion = cfg.domain != null;
description = "please set the domain for grafana";
}
];
systemd.services.promtail = {
description = "Promtail service for Loki";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''
${pkgs.grafana-loki}/bin/promtail --config.file ${./promtail.yml}
'';
};
};
services = {
grafana = {
enable = true;
settings = {
server = {
domain = cfg.domain;
http_port = cfg.port;
http_addr = "127.0.0.1";
};
};
};
prometheus = let
ports = {
base = 9001;
node = 9002;
nginx = 9003;
};
in {
enable = true;
port = ports.base;
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
port = ports.node;
};
nginx = {
enable = true;
port = ports.nginx;
};
};
scrapeConfigs = [
{
job_name = "lucent-firepit";
static_configs = [{
targets = [
"127.0.0.1:${toString ports.node}"
"127.0.0.1:${toString ports.nginx}"
];
}];
}
];
};
loki = {
enable = true;
configFile = ./loki-local-config.yml;
};
nginx.statusPage = true;
nginx.virtualHosts."${cfg.domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString cfg.port}";
proxyWebsockets = true;
};
locations."= /robots.txt" = {
extraConfig = ''
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
'';
};
};
};
};
}

21
modules/services/nextcloud.nix
View File

@ -7,12 +7,12 @@ in {
options.modules.services.nextcloud = {
enable = mkOption {
type = types.bool;
default = false;
default = mkForce false;
};
package = mkOption {
type = types.package;
default = pkgs.nextcloud24;
default = pkgs.nextcloud27;
};
domain = mkOption {
@ -28,15 +28,22 @@ in {
}
];
# vomit inducing
# nixpkgs.config.permittedInsecurePackages = [
# "openssl-1.1.1w"
# ];
services.nextcloud = {
enable = true;
package = cfg.package;
hostName = cfg.domain;
enableBrokenCiphersForSSE = false;
database.createLocally = true;
config = {
dbtype = "pgsql";
dbuser = "nextcloud";
dbuser = "nextcloud3";
dbhost = "/run/postgresql";
dbname = "nextcloud";
dbname = "nextcloud3";
adminpassFile = "/etc/nextcloudpass";
adminuser = "root";
# "log_type" = "systemd";
@ -53,10 +60,10 @@ in {
services.postgresql = {
enable = true;
ensureDatabases = [ "nextcloud" ];
ensureDatabases = [ "nextcloud3" ];
ensureUsers = [
{ name = "nextcloud";
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
{ name = "nextcloud3";
ensurePermissions."DATABASE nextcloud3" = "ALL PRIVILEGES";
}
];
};

2
modules/services/nginx-config.nix
View File

@ -39,7 +39,7 @@ in {
#add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
# Minimize information leaked to other domains
#add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header 'Referrer-Policy' 'origin-when-cross-origin';
# Disable embedding as a frame
#add_header X-Frame-Options DENY;

13
modules/services/nitter-age-check.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/src/auth.nim b/src/auth.nim
index b288c50..de1b1d8 100644
--- a/src/auth.nim
+++ b/src/auth.nim
@@ -202,7 +202,7 @@ proc initAccountPool*(cfg: Config; path: string) =
quit 1
let accountsPrePurge = accountPool.len
- accountPool.keepItIf(not it.hasExpired)
+ #accountPool.keepItIf(not it.hasExpired)
log "Successfully added ", accountPool.len, " valid accounts."
if accountsPrePurge > accountPool.len:

21
modules/services/nitter.nix
View File

@ -1,4 +1,4 @@
{ config, lib, pkgs, options, ... }:
{ config, lib, pkgs, options, inputs, ... }:
# heavily references https://github.com/erdnaxe/nixos-modules/blob/master/services/nitter.nix
@ -29,11 +29,24 @@ in {
};
};
# force unstable
disabledModules = [ "services/misc/nitter.nix" ];
imports = [
"${inputs.nixpkgs-unstable}/nixos/modules/services/misc/nitter.nix"
];
config = mkIf cfg.enable {
services = {
nitter = {
enable = true;
package = pkgs.unstable.nitter;
package = pkgs.unstable.nitter.overrideAttrs (old: {
patches = old.patches ++ [
./nitter-age-check.patch
];
});
config = {
proxy = ""; # https://github.com/NixOS/nixpkgs/issues/235359
};
server = {
address = "127.0.0.1";
port = cfg.port;
@ -61,6 +74,10 @@ in {
#add_header X-Content-Type-Options nosniff;
#add_header X-Frame-Options DENY;
#add_header X-XSS-Protection "1; mode=block";
if ($http_user_agent = 'Mozilla/5.0 (compatible; Discordbot/2.0; +https://discordapp.com)') {
return 302 $scheme://fxtwitter.com$request_uri;
}
'';
};
locations."= /robots.txt" = {

8
modules/services/phpfpm.nix
View File

@ -1,8 +0,0 @@
{ pkgs, config, lib, options, ... }:
with lib;
let
cfg = config.modules.services.phpfpm;
in {
}

1
modules/services/postgres.nix
View File

@ -14,6 +14,7 @@ in {
config = mkIf cfg.enable {
services.postgresql = {
enable = true;
package = pkgs.postgresql_15;
};
};
}

20
modules/services/promtail.yml Normal file
View File

@ -0,0 +1,20 @@
server:
http_listen_port: 28183
grpc_listen_port: 0
positions:
filename: /tmp/positions.yaml
clients:
- url: http://127.0.0.1:3100/loki/api/v1/push
scrape_configs:
- job_name: journal
journal:
max_age: 12h
labels:
job: systemd-journal
host: lucent-firepit
relabel_configs:
- source_labels: ["__journal__systemd_unit"]
target_label: "unit"

9
modules/services/ssh.nix
View File

@ -11,6 +11,7 @@ in {
default = false;
description = "Provide system SSH support though OpenSSH.";
};
requirePassword = mkOption {
type = types.bool;
default = true;
@ -20,9 +21,13 @@ in {
config = mkIf cfg.enable {
services.openssh = {
enable = true;
passwordAuthentication = cfg.requirePassword;
permitRootLogin = "no";
settings = {
PasswordAuthentication = cfg.requirePassword;
PermitRootLogin = "no";
};
};
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;

34
modules/services/update-itl.nix Normal file
View File

@ -0,0 +1,34 @@
{ config, lib, pkgs, options, inputs, ... }:
with lib;
let
cfg = config.modules.services.update-idl;
in {
options.modules.services.update-idl = {
enable = mkOption {
type = types.bool;
default = false;
};
};
config = mkIf cfg.enable {
systemd.timers."update-itl" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "60m";
OnUnitActiveSec = "60m";
Unit = "update-itl.service";
};
};
systemd.services."update-itl" = {
script = ''
${pkgs.curl} -X POST https://mayf.pink/itl/update -H "Connection: Spiritual"
'';
serviceConfig = {
Type = "oneshot";
User = "root";
};
};
};
}

2
modules/services/vaultwarden.nix
View File

@ -55,7 +55,7 @@ in {
ensureDatabases = [ "vaultwarden" ];
ensureUsers = [
{ name = "vaultwarden";
ensurePermissions = { "DATABASE vaultwarden" = "ALL PRIVILEGES"; };
ensureDBOwnership = true;
}
];
};

38
modules/services/watch-party.nix
View File

@ -1,38 +0,0 @@
{ config, lib, pkgs, options, inputs, ... }:
with lib;
let
cfg = config.modules.services.watch-party;
in {
options.modules.services.watch-party = {
enable = mkOption {
type = types.bool;
default = false;
};
domain = mkOption {
type = types.str;
default = "watch-party.oat.zone";
};
port = mkOption {
type = types.int;
default = 1984;
};
};
config = mkIf cfg.enable {
services = {
#watch-party = {
# enable = true;
# port = cfg.port;
#};
nginx.virtualHosts."${cfg.domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString cfg.port}";
};
};
};
};
}

4
modules/shell/fish.nix
View File

@ -15,5 +15,9 @@ in {
home._.programs.fish = {
enable = true;
};
environment.systemPackages = with pkgs; [
fishPlugins.tide
];
};
}

9
packages/ghost/builder.sh
View File

@ -1,9 +0,0 @@
source "$stdenv"/setup
export HOME=$(mktemp -d)
npm install --loglevel=info --logs-max=0 "ghost-cli@$ghostCliVersion"
mkdir --parents "$out"/
node_modules/ghost-cli/bin/ghost install "$version" --db=sqlite3 \
--no-enable --no-prompt --no-stack --no-setup --no-start --dir "$out"

11
packages/ghost/default.nix
View File

@ -1,11 +0,0 @@
{ pkgs }:
let
pname = "ghost";
version = "5.33.2";
in pkgs.stdenv.mkDerivation {
inherit pname version;
buildInputs = with pkgs; [ nodejs yarn vips ];
ghostCliVersion = "1.24.0";
builder = ./builder.sh;
}

32
packages/gmusicbot.nix Normal file
View File

@ -0,0 +1,32 @@
{ stdenv, lib, fetchurl, makeWrapper, jre_headless }:
stdenv.mkDerivation rec {
pname = "GMusicBot";
version = "2023-05-19";
src = fetchurl {
url = "https://oat.zone/f/GMusicBot-2023-05-19.jar?v=3";
sha256 = "sha256-5c36did0kkaeu4Yi9vGIhlqRoeUBBRWKdihbaW9lwk4=";
};
dontUnpack = true;
nativeBuildInputs = [ makeWrapper ];
installPhase = ''
mkdir -p $out/lib
cp $src $out/lib/GMusicBot
makeWrapper ${jre_headless}/bin/java $out/bin/GMusicBot \
--add-flags "-Xmx1G -Dnogui=true -Djava.util.concurrent.ForkJoinPool.common.parallelism=1 -jar $out/lib/GMusicBot"
'';
meta = with lib; {
description = "Discord music bot that's easy to set up and run yourself";
homepage = "https://git.oat.zone/oat/GMusicBot";
sourceProvenance = with sourceTypes; [ binaryBytecode ];
license = licenses.asl20;
maintainers = with maintainers; [ SuperSandro2000 ];
inherit (jre_headless.meta) platforms;
};
}

36
packages/nidobyte.nix Normal file
View File

@ -0,0 +1,36 @@
{ stdenv, lib, fetchpijul
, pijul
, rustc
, cargo
, rustfmt
, postgresql
, sqlx-cli
, libiconv
, xxHash
, zstd
, ... }:
stdenv.mkDerivation rec {
pname = "nidobyte";
src = fetchpijul {
url = "https://nest.pijul.com/zj/nidobyte";
hash = "YZAHAQRQHK24QY2H3AXKCPPDIE2F53H35C5CNYUSXRDSNCWOUJVQC";
};
nativeBuildInputs = [
pijul
rustc
cargo
rustfmt
postgresql
sqlx-cli
libiconv
xxHash
zstd
];
}

10
packages/srb2kart/default.nix
View File

@ -17,23 +17,23 @@
let
releaseTag = "v1.5";
releaseTag = "v1.6";
assets = fetchurl {
url = "https://github.com/STJr/Kart-Public/releases/download/${releaseTag}/AssetsLinuxOnly.zip";
sha256 = "sha256-A4HkxnDGQICucsJyHXYc5GCRbMP0M4NjreohhFOQarA=";
sha256 = "sha256-ejhPuZ1C8M9B0S4+2HN1T5pbormT1eVL3nlivqOszdE=";
};
in stdenv.mkDerivation rec {
pname = "srb2kart";
version = "1.5.0";
version = "1.6.0";
src = fetchFromGitLab {
owner = "KartKrew";
repo = "Kart-Public";
domain = "git.do.srb2.org";
rev = "a69b3b0260665b8b0acac950a808a68e5a40894c";
sha256 = "sha256-pWnCvBb+XkUjCVmlT3MgqPWICaERFO0POFAItIyA6Ns=";
rev = "v1.6";
sha256 = "sha256-5sIHdeenWZjczyYM2q+F8Y1SyLqL+y77yxYDUM3dVA0=";
};
nativeBuildInputs = [