some refactoring

Co-authored-by: Jill Monoids <oatmealine@disroot.org>
This commit is contained in:
Aether 2022-09-05 18:16:09 +02:00
parent 35452b7be0
commit 9da0a143ae
67 changed files with 1877 additions and 1212 deletions

40
config/gitea/app.toml Executable file
View File

@ -0,0 +1,40 @@
[security]
INSTALL_LOCK = true
PASSWORD_HASH_ALGO = "argon2"
PASSWORD_CHECK_PWN = true
[repository]
DEFAULT_BRANCH = "main"
[ui]
DEFAULT_THEME = "arc-pink"
THEMES="auto,gitea,arc-green,arc-pink,arc-pink-modern,darkred,gitea-blue,gitea-modern,github"
CUSTOM_EMOJIS = "blurry_eyes,whenyoubigshit,he,ancapistanian,oralpleasure,horny,acab,tastymilk,gluttony,soul_of_fright,soul_of_night,soul_of_might,soul_of_blight,michael,bottom,spongesad,scripulous_fingore_point,scripulous_fingore,Tainted_John_F_Kennedy,John_F_Kennedy_Tainted,John_F_Kennedy,plumspin,despair,ihaveyourip,rusty50,entropy,peeeh,penis,gloopy,twister,stupib,speed,deadchat,cock,housj,dothejej,b_,trollgecommence,handsl,handsr,face,aiki,nervous,coffee,the_cowboy,dilf,child,closer,feddynite,orang,feddy_glamcock,elonmusk,slugclose,zonkerdoodle,pls,x3,slugloafspin,observer,pickle,zamiel_approves,ohgod,hapykity,i_see_chicory,i_see_pizza,cutely_blushes,gamer_boi,eeeeeeeeee,babytime,sleeby"
[mailer]
ENABLED = false
[service]
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
REQUIRE_SIGNIN_VIEW = false
DEFAULT_KEEP_EMAIL_PRIVATE = true
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = "noreply.oat.zone"
[picture]
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = true
[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false
[session]
PROVIDER = "file"
[other]
SHOW_FOOTER_BRANDING = true

View File

@ -1,7 +1,7 @@
{ config, inputs, lib, pkgs, ... }:
let
inherit (lib) _;
inherit (lib) filterAttrs _;
in {
imports =
[ inputs.home-manager.nixosModules.home-manager ]
@ -15,18 +15,18 @@ in {
boot.loader.systemd-boot.configurationLimit = 10;
nix = let
registry = lib.mapAttrs (_: v: { flake = v; }) (_.filterSelf inputs);
registry = lib.mapAttrs (name: value: { flake = value; }) (filterAttrs (name: value: name != "attrs") inputs);
in {
package = pkgs.nixFlakes;
autoOptimiseStore = true;
extraOptions = "experimental-features = nix-command flakes";
binaryCaches = [
registry = registry // { dotfiles.flake = inputs.self; };
settings.auto-optimise-store = true;
settings.experimental-features = [ "nix-command" "flakes"];
settings.substituters = [
"https://nix-community.cachix.org"
];
binaryCachePublicKeys = [
settings.trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
registry = registry // { dotfiles.flake = inputs.self; };
};
environment.systemPackages = with pkgs; [

View File

@ -7,11 +7,11 @@
]
},
"locked": {
"lastModified": 1641576265,
"narHash": "sha256-G4W39k5hdu2kS13pi/RhyTOySAo7rmrs7yMUZRH0OZI=",
"lastModified": 1652712410,
"narHash": "sha256-hMJ2TqLt0DleEnQFGUHK9sV2aAzJPU8pZeiZoqRozbE=",
"owner": "ryantm",
"repo": "agenix",
"rev": "08b9c96878b2f9974fc8bde048273265ad632357",
"rev": "7e5e58b98c3dcbf497543ff6f22591552ebfe65b",
"type": "github"
},
"original": {
@ -20,29 +20,58 @@
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1641205782,
"narHash": "sha256-4jY7RCWUoZ9cKD8co0/4tFARpWB+57+r1bLLvXNJliY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "b7547d3eed6f32d06102ead8991ec52ab0a4f1a7",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1638122382,
"narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
"lastModified": 1631561581,
"narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
"rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1656928814,
"narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"locked": {
"lastModified": 1656928814,
"narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_4": {
"locked": {
"lastModified": 1656928814,
"narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249",
"type": "github"
},
"original": {
@ -58,43 +87,86 @@
]
},
"locked": {
"lastModified": 1649887911,
"narHash": "sha256-Af0Ppb1RZ7HWuxUvF0/O7h3cy8tqU2eKFyVwyA1ZD+w=",
"lastModified": 1656169755,
"narHash": "sha256-Nlnm4jeQWEGjYrE6hxi/7HYHjBSZ/E0RtjCYifnNsWk=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "7244c6715cb8f741f3b3e1220a9279e97b2ed8f5",
"rev": "4a3d01fb53f52ac83194081272795aa4612c2381",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-21.11",
"ref": "release-22.05",
"repo": "home-manager",
"type": "github"
}
},
"libnbtplusplus": {
"flake": false,
"jillo": {
"inputs": {
"mkNodePackage": "mkNodePackage",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1591558203,
"narHash": "sha256-QgvNvaoFflCXEPCCFBCeZvYTpuiwScBG7EosUgFwFNQ=",
"owner": "multimc",
"repo": "libnbtplusplus",
"rev": "dc72a20b7efd304d12af2025223fad07b4b78464",
"lastModified": 1659775351,
"narHash": "sha256-W1vRnGF4+JCr8BSempyaB2rNFlkUAzSR7RjXiF+5GnQ=",
"ref": "main",
"rev": "55476dce96057b62d8ff4ae666a5084c709e06d8",
"revCount": 19,
"type": "git",
"url": "file:///home/oatmealine/jillo"
},
"original": {
"type": "git",
"url": "file:///home/oatmealine/jillo"
}
},
"mkNodePackage": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs",
"npmlock2nix": "npmlock2nix",
"pnpm2nix": "pnpm2nix"
},
"locked": {
"lastModified": 1633790997,
"narHash": "sha256-1mk4EwNkWtTNpeRivZmJTzB+92g07maeFRVUMnnRh1U=",
"owner": "winston0410",
"repo": "mkNodePackage",
"rev": "a7eca5e027c8b260dca4ece7d8dd187f92420611",
"type": "github"
},
"original": {
"owner": "multimc",
"repo": "libnbtplusplus",
"owner": "winston0410",
"repo": "mkNodePackage",
"type": "github"
}
},
"nix-minecraft": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1661267391,
"narHash": "sha256-5u33JsRQCq6Fotjj3/+JbQNmDujLVX8i/82ruFsDbMc=",
"owner": "Infinidoge",
"repo": "nix-minecraft",
"rev": "3442139e21642082000271849abb1209484e8909",
"type": "github"
},
"original": {
"owner": "Infinidoge",
"repo": "nix-minecraft",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1639986101,
"narHash": "sha256-Ow0+pkY7qMw6lMAvR1mEdUT9svJnrkbaRoqp4bkMTpg=",
"lastModified": 1660407119,
"narHash": "sha256-04lWO0pDbhAXFdL4v2VzzwgxrZ5IefKn+TmZPiPeKxg=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "3f92db38374b2977aea8daf4c4fe2fa0eddbd60c",
"rev": "12620020f76b1b5d2b0e6fbbda831ed4f5fe56e1",
"type": "github"
},
"original": {
@ -105,26 +177,43 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1650501692,
"narHash": "sha256-ApKf0/dc0SyB7zZ6yiiOQgcXAhCXxbSDyihHfRDIzx0=",
"owner": "NixOS",
"lastModified": 1633351077,
"narHash": "sha256-z38JG4Bb0GtM1aF1pANVdp1dniMP23Yb3HnRoJRy2uU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "9887f024766aa27704d1f89f623efd1d063da92a",
"rev": "14aef06d9b3ad1d07626bdbb16083b83f92dc6c1",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-21.11",
"type": "indirect"
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-master": {
"locked": {
"lastModified": 1661278267,
"narHash": "sha256-eqJH9nHQrFsAGpG7YRfUipAT0mG8ZW0AusI5MeX716s=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "1ded9c47d54c1fcd3a9e6a4ed4e2bb65984ca691",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1640139330,
"narHash": "sha256-Nkp3wUOGwtoQ7EH28RLVJ7EqB/e0TU7VcsM7GLy+SdY=",
"lastModified": 1661239211,
"narHash": "sha256-pNJzBlSNpWEiFJZnLF2oETYq8cGWx1DJPW33aMtG6n8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "81cef6b70fb5d5cdba5a0fef3f714c2dadaf0d6d",
"rev": "5e804cd8a27f835a402b22e086e36e797716ef8b",
"type": "github"
},
"original": {
@ -135,11 +224,27 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1641528457,
"narHash": "sha256-FyU9E63n1W7Ql4pMnhW2/rO9OftWZ37pLppn/c1aisY=",
"lastModified": 1659153955,
"narHash": "sha256-BAdA1WBHi/TBSaeyDjsVIqe62r0w/5ZvsaglXivOLLM=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ff377a78794d412a35245e05428c8f95fef3951f",
"rev": "1e5d0fbd82f0f1370c70026d255deda2d9c8a585",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-22.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1650161686,
"narHash": "sha256-70ZWAlOQ9nAZ08OU6WY7n4Ij2kOO199dLfNlvO/+pf8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "1ffba9f2f683063c2b14c9f4d12c55ad5f4ed887",
"type": "github"
},
"original": {
@ -149,41 +254,83 @@
"type": "github"
}
},
"polymc": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"libnbtplusplus": "libnbtplusplus",
"nixpkgs": "nixpkgs_2",
"quazip": "quazip"
},
"nixpkgs_4": {
"locked": {
"lastModified": 1641930261,
"narHash": "sha256-3RR/rjMFDYoA7qJHXLHdw1sauBCdO9kqMEGUpuxB1Sw=",
"owner": "PolyMC",
"repo": "PolyMC",
"rev": "3b524e99cceb734fa9f2433e3738ce0d185a75aa",
"lastModified": 1661187878,
"narHash": "sha256-/wCqoQB1BsaVi4nb8Iz0PreeBNMTim0p78NLtyWejFE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "52527082ea267fe486f0648582d57c85486b2031",
"type": "github"
},
"original": {
"owner": "PolyMC",
"repo": "PolyMC",
"id": "nixpkgs",
"ref": "nixos-22.05",
"type": "indirect"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1659219666,
"narHash": "sha256-pzYr5fokQPHv7CmUXioOhhzDy/XyWOIXP4LZvv/T7Mk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7b9be38c7250b22d829ab6effdee90d5e40c6e5c",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1659102345,
"narHash": "sha256-Vbzlz254EMZvn28BhpN8JOi5EuKqnHZ3ujFYgFcSGvk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "11b60e4f80d87794a2a4a8a256391b37c59a1ea7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"quazip": {
"npmlock2nix": {
"flake": false,
"locked": {
"lastModified": 1633895098,
"narHash": "sha256-+Of0M2IAoTf1CyC0teCpsyurv6xfqiBo84V49dSeNTA=",
"owner": "multimc",
"repo": "quazip",
"rev": "b1a72ac0bb5a732bf887a535ab75c6f9bedb6b6b",
"lastModified": 1633729941,
"narHash": "sha256-v2YPcEWI1Wz8ErivorubgLcDT06H6YzFT7uhp1ymqnE=",
"owner": "winston0410",
"repo": "npmlock2nix",
"rev": "6ade47a330b6919defb45c0eb984a64234aa8468",
"type": "github"
},
"original": {
"owner": "multimc",
"repo": "quazip",
"owner": "winston0410",
"ref": "issue113",
"repo": "npmlock2nix",
"type": "github"
}
},
"pnpm2nix": {
"flake": false,
"locked": {
"lastModified": 1594396611,
"narHash": "sha256-UXOUQ+2A89/zaxYhTHiRrRBU5exbUWrg+FoJYMcNwuI=",
"owner": "nix-community",
"repo": "pnpm2nix",
"rev": "f67be0925a91b92f54d99dbdead7a06920b979ac",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "master",
"repo": "pnpm2nix",
"type": "github"
}
},
@ -191,10 +338,49 @@
"inputs": {
"agenix": "agenix",
"home-manager": "home-manager",
"jillo": "jillo",
"nix-minecraft": "nix-minecraft",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"nixpkgs": "nixpkgs_4",
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-unstable": "nixpkgs-unstable",
"polymc": "polymc"
"watch-party": "watch-party"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1659179790,
"narHash": "sha256-HhCjnO20QbJFJExExiwAslpx0YpB0qpovKejE+HpSQ4=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "cc3c93a28de41ac38b93cdf075a6776c6e42d2a1",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"watch-party": {
"inputs": {
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_5",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1657657296,
"narHash": "sha256-eJnE1a3EiVM2EFhJ7nQvkTyEZ6/fOWYsnb6GYOSfizg=",
"type": "git",
"url": "file:///home/oatmealine/watch-party"
},
"original": {
"type": "git",
"url": "file:///home/oatmealine/watch-party"
}
}
},

View File

@ -2,41 +2,31 @@
description = "Frosted Flakes";
inputs = {
# NixOS unstable
# nixpkgs.url = "nixpkgs/nixos-unstable";
nixpkgs.url = "nixpkgs/nixos-21.11";
nixpkgs.url = "nixpkgs/nixos-22.05";
# WARNING: Where possible, prefer the stable branch of nixpkgs as nixpkgs-unstable may have incompatable or vulnerable software.
nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
# home-manager
# home-manager.url = "github:nix-community/home-manager/master";
home-manager.url = "github:nix-community/home-manager/release-21.11";
# WARNING: The master branch of nixpkgs is unsafe to use and software may break or contain various security vulnerabilities. Use at your own discretion.
nixpkgs-master.url = "github:nixos/nixpkgs/master";
home-manager.url = "github:nix-community/home-manager/release-22.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
# agenix - age-encrypted secrets
agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "nixpkgs";
# nixos-hardware
nixos-hardware.url = "github:nixos/nixos-hardware";
nixos-hardware.inputs.nixpkgs.follows = "nixpkgs";
/*
# fzf-hoogle
fzf-hoogle-vim.url = "github:monkoose/fzf-hoogle.vim";
fzf-hoogle-vim.flake = false;
nix-minecraft.url = "github:Infinidoge/nix-minecraft";
# asyncrun-vim
asyncrun-vim.url = "github:skywind3000/asyncrun.vim";
asyncrun-vim.flake = false;
*/
# blender-30.url = "github:blender/blender/blender-v3.0-release";
# blender-30.flake = false;
polymc.url = "github:PolyMC/PolyMC";
jillo.url = "/home/oatmealine/jillo";
watch-party.url = "/home/oatmealine/watch-party";
};
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, ... }:
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nix-minecraft, ... }:
let
system = "x86_64-linux";
@ -49,16 +39,19 @@
overlays = overlays ++ (lib.attrValues self.overlays);
};
pkgs = mkPkgs nixpkgs [ self.overlay inputs.polymc.overlay.${system} ];
pkgs = mkPkgs nixpkgs [ self.overlay nix-minecraft.overlay ];
in {
packages."${system}" = mapModules ./packages (p: pkgs.callPackage p {});
overlay = final: prev: {
_ = self.packages."${system}";
unstable = mkPkgs nixpkgs-unstable [];
master = mkPkgs nixpkgs-master [];
};
overlays = mapModules ./overlays import;
nixosModules = mapModulesRec ./modules import;
nixosConfigurations = mapModules ./hosts (mkHost system);
nixosConfigurations = mapModules ./hosts (host: mkHost host { inherit system; });
devShell."${system}" = import ./shell.nix { inherit pkgs; };
};
}

View File

@ -1,14 +1,14 @@
{
"aether@subsurface" = {
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4lh7dN9Ohh2/WoGiZ4WlpVb01YPNto/9ungOAk6TH+65wkxMjY4a+1OsO8Znguj46tXVErn8xv2ZVX0K7ql0hzypPkP2Dvvim99tz6FKSf9Nwj6RRtIKPoYkJjtGYAqLJl8JPy50HkFXkDVQ/z4d4iwpneSODIJdkUFSzZR91jz9FX+4t2h+2xtuuRDI43+gHRqvwPP8XaE0srtMzZoQDUBKhwOynoo2vZnyd3O7kkpD9T+jzYEeLKppHdaoYN5UxZ4L0xnig0WFZiBH36/YGXA8gT56FHRw5GKhwWwfSvliEw63/6IxiVZBuM1Mj7syg2Ndhhmmay05QqvyTrdHA9veyzJG5l0HlnCmXe7ss9lVQnxxPfbHbnDZUhH1ax01sQUeTK3Bs3AvbsTLyXBbd4NCY5ovz85MqzM/Q84B1zX1i8KbFEBh0xkumNsPAXzY8ar+tq5rFa23bY9qF4s6CMv++JEXSJJufcf3BS2dBlw0lTGBn7UEO9FHHsU3xKCc= aether@subsurface";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFLDtlpOnQFQq9mPMhR1uQnjrTexcof+c+y+ot/7Jgnt aether@subsurface";
wg = "XEVSwNNPR7RTt/O0ihYmv3nopbPmqkCMGrVRCixnPWw=";
};
"oatmealine@beppy" = {
"oatmealine@void-defragmented" = {
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDbJDo79TD9RV77MnArQwS94wzBo+6l6dYQnaNdPk2xo019+tc7GyuQ+GHyh4qewIUQOwe3Ddj4YxJN9IS3E360/6RdaNDxn3hUp2jh/x9SOjh0W86FJfdHEQViNeFVSXJv+QBZT9ibR9IbOHYezhD6gtz15pNhEqhQyqw2hJuQzxLvnictTc4lPQnWN9I8ga+OVSh7Uauu5OKbUOyRRj1Er/hasNviCaGBJnLDYjSqTDRvEbdYlfuhrYITJ+viZOQq7Nczs6dbsl627FCvhr5vQi+/vvpx9DKHDvpGvbEglOmOwgffSkaOIIx/pNHTsRccX7c3/im6z4pCDj4bEuiqqawv2C6DV0aM01bW8cchOJrmSQGTygTrJuuVPHp4IRIZNvQGS+97j4u+d7ofricLR1RoxJcQibvRA9rhhYI2FhwrAweuuLktjSj5RkQnypd9kjOuH+nhgLZunreNoyPNDCmcOBA7BA0rD2pCIKB9SzlelMjVuvy0PA8uWfNFfxGU+m3BH7lQS/A6V+NeYrMGiZ+u+t9Pgr6kAoR7mAUO+obIdMM/lOp1/zGBY8lk2Aq3GQcyGVNi18VR0uA+NMaJYXA1JzSiPCz7cQn1pKIAKiDEnzicf5MxDHIi5F1iQ/Lc+NftgmDXZEAHDY1bQepScOttaOZQZLpYP/eWwlEQJQ== oatmealine@beppy";
wg = "533BncNpHKzJVx5lwdxBg+aUfLGqea9uUYz70C6wxyg=";
};
"skye@DESKTOP-VB4940J" = {
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGPFAyr1zYL5+/VIUVhT5sIfikhlj37tuTHVSfW/xbHfBqvR/Ga21j2k6HAa6acpHBa3+Ri1DZIjIkzjco447ZP7ahwOF3Ci6Cv9oSXxmw43hUMypfMTLu9+v9sjFJFPg7F39X2ngZzzLxO1/fPMuQm3kK6T3WyVqpNUMaenXhnT2i641lo2tRjs1LeGIk6h3Ermp4V3WQo+exbf+nc1Lqt5Yos/jWn1HnsjxI2N1SQDiT9J+MpNN7wUz4Q57+aDKeXH2oBsnRjNGU90qudwZIdUUJunfVaFXZHuVopLv1DlY1rcjtTP/8P9WcFXsnqb4yiA4uon0fbo7IZISt+ffw+TDjPaDH/8TsfgeT36Dd2mKZ/Z9XdzdWiez4fZxExR9MZcJafxnnw6Bfsfb4sSw52VRE2R65apasDTHTE3toRr7JWDNOg35ULDuGiQMnWhbr1c/0aHOtxoIIjOTtWUAl1LqemAELq/sJhKc/B/ywN1421FCcyivn8meZUII0Ccc= skye@DESKTOP-VB4940J";
wg = "";
"oatmealine@beppy-phone" = {
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJUgEsAQ7EL5/3STLAk/0qWJddYqfBY71yS9RtRSWd3w JuiceSSH";
wg = "qT7gX8beM/kW9AYg5dV1e3cLzLDTLxMO2CmnbFpMVj4=";
};
}

View File

@ -1,12 +1,18 @@
{ pkgs, inputs, lib, ... }:
let
keys = import ./authorizedKeys;
keys = import ./authorizedKeys.nix;
in {
imports = [
./hardware-configuration.nix
inputs.nix-minecraft.nixosModules.minecraft-servers
#inputs.watch-party.nixosModules.watch-party
(fetchTarball "https://github.com/msteen/nixos-vscode-server/tarball/master")
];
# services.auto-fix-vscode-server.enable = true;
services.vscode-server.enable = true;
user = {
packages = with pkgs; [
git
@ -14,27 +20,39 @@ in {
];
};
defaultUsers = {
normalUsers = {
aether = {
packages = [ ];
shell = "fish";
extraGroups = [ "wheel" ];
initialHashedPassword = "!";
openssh.authorizedKeys.keys = [ keys."aether@subsurface".ssh ];
conf = {
packages = with pkgs; [ bat duf broot nftables tmux ];
shell = pkgs.unstable.fish;
extraGroups = [ "wheel" "nix-users" ];
initialHashedPassword = "!";
openssh.authorizedKeys.keys = [ keys."aether@subsurface".ssh ];
};
homeConf.home = {
sessionVariables = {
EDITOR = "nvim";
NIX_REMOTE = "daemon";
};
};
};
oatmealine = {
packages = [ ];
shell = "zsh";
extraGroups = [ "wheel" ];
initialHashedPassword = "!";
openssh.authorizedKeys.keys = [ keys."oatmealine@beppy".shh ];
};
skye = {
packages = [ ];
shell = "fish";
extraGroups = [ "wheel" ];
initialHashedPassword = "!";
openssh.authorizedKeys.keys = [ keys."skye@DESKTOP-VB4940J".shh ];
conf = {
packages = with pkgs; [ bat tmux micro direnv nix-direnv ripgrep ];
shell = pkgs.unstable.fish;
extraGroups = [ "wheel" "nix-users" ];
initialHashedPassword = "!";
openssh.authorizedKeys.keys = [ keys."oatmealine@void-defragmented".ssh keys."oatmealine@beppy-phone".ssh ];
};
homeConf.home = {
sessionVariables = {
EDITOR = "micro";
NIX_REMOTE = "daemon";
};
};
};
};
@ -44,41 +62,220 @@ in {
};
modules = {
# theme.active = "still";
shell.zsh.enable = true;
shell.fish.enable = true;
security = {
isLocalMachine = false;
};
desktop = {
editors = {
neovim.enable = true;
};
};
dev = {
security.isLocalMachine = false;
editors.neovim.enable = true;
remote = {
enable = true;
keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAoV7ymOtfC8SYvv31/GGso8DoHKE/KOfoEZ0hjmYtaQg7dyi5ijfDikLZUux8aWivvRofa7SqyaK0Ea+s9KuTX/dreJKz/RKG+QHLjw6U0FSoJ765q56pUy0j0TZoVy4PjSb38of56urg1UmHkK13WQXrvjwdHUjAcVx6PurHAxsbmxhYkJO9Jmvr8CB+PZFKIHjewkgBWkBxD97WFNwDfmBmvh1F5xRn8WhgT+2DVdQ2coN4Eqwc4NWzBUSfrro0gARsJsUvQxdx8f1kJDQKy2lQWCnlgRiD+pK5ocf1wCZfJMs0NQ6xqCZDKDJTcyGNLWH/L57Pg5U5t7BWRTTPmQ== yugoslavia"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCX2uRTaL1Nu4KzsSJSVc7R2yCIa4Mw3KuJAMluQO746eXBFeTmRN6Pqc+H0Rpz9nkQ/fB8tYl70FfrYy4suM0QCY1IDbPWaUBmLQYCt6nzCfFY8PTpLoJmeQW3jzG7VqSjjl+uG2KLQqPtzxmvukIJRovhrKcUnPzw4tU4BLy2uGWgJN9sGofWczmtxdijADyOYtasVIr6/Hca5IwMCldbqQ9B1k+VIE87Kv2k5n+LVRVMsVHaVSubIMYZFbZFDW2/oRVg2ainewO0e9XPbtBREVraPnuf7s4uBByk4goQfLhz3B6L4JLbYYijw25+SmeJcesDxJUIIKMCuZChNcyb aura@LAPTOP-MEN8UH6Q"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRI9sGl0EmOkNNnh8SgRq197gkEy3XEwKZjLIr27V9PfaVOLIAcZiGcOa5q7rc5FjcCtkQ9+/twE24bZpxkK0ygrRJBEdT+HGAUmpY/kRPEn/tqjmwNu43vQqOhNSYmAAzdjJ4AuRPK5st8QQyOzKv5Pnghwy8xPAjOM3o4n9ULMLjVvAu0eTmCJMKxEvz5FUEIVZtEid/ng46k/bJ/njSh8vyGBQV4fJei6M9Ovw0HPqqzWyV/e0c3hTClG4dfLCK3Qv3hLhXQ+8I9iaL7D2wZdr3F2lbg0vS/QctPZc28f1gpkFEzVflEzAk4aFwJMMflY04IG1Dr44IfM1gJbpj rsa-key-20220423"
keys."oatmealine@void-defragmented".ssh
keys."oatmealine@beppy-phone".ssh
];
packages = with pkgs; [ tmux ];
shell = pkgs.unstable.fish;
};
services = {
ssh.enable = true;
ssh = {
enable = true;
requirePassword = false;
};
postgres.enable = true;
nextcloud = {
enable = true;
domain = "cloud.aether.gay";
};
gitea = {
enable = true;
site = "git.oat.zone";
domain = "git.oat.zone";
port = 3000;
};
matrix.conduit = {
enable = false;
domain = "matrix.aether.gay";
};
minecraft = {
enable = true;
servers = {
"dark-firepit" = {
enable = true;
autoStart = true;
openFirewall = true;
serverProperties = {
server-port = 25565;
gamemode = 0;
motd = "dark-firepit, 1.19.2 Fabric";
white-list = true;
max-players = 8;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
level-type = "terra:overworld/overworld";
snooper-enabled = false;
spawn-protection = 0;
};
whitelist = {
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
RustyMyHabibi = "e20305fa-a44c-44c9-b62e-6918e7c779d6";
Dj_Afganistan = "1f879917-1ad4-49c3-9908-90769ee73f85";
DumbDogDoodles = "d33e5e3b-85ab-4c93-a61b-605e2673fbe8";
SuneFoxie = "82e82ef9-ea17-4794-9051-928b5b8629c1";
FuzziestRedMoth = "21e1adf8-93f7-4173-a087-b3a9c02edec5";
};
package = pkgs.minecraftServers.fabric-1_19_2;
jvmOpts = "-Xmx6G";
};
};
};
wireguard = {
enable = true;
server = true;
externalInterface = "eno1";
interfaces."wg0" = import ./wireguardInterface.nix;
};
webapps = lib.mkMerge (import ./webapps);
vaultwarden = {
enable = true;
domain = "vault.aether.gay";
};
jillo = {
enable = false;
dataDir = "/var/lib/jillo";
};
# not entirely necessary but makes it so that invalid domains and/or direct ip access aborts connection
# prevents other domains from "stealing" content by settings their dns to our ip
# this has happened before by the way on the vps. i have no clue how or why
# update: also optimizes gzip and tls stuff
nginx-config = {
enable = true;
};
staticSites = {
"aether.gay".dataDir = "/var/www/aether.gay";
"dark-firepit.oat.zone".dataDir = "/var/www/dark-firepit.oat.zone";
"va11halla.oat.zone".dataDir = "/var/www/va11halla.oat.zone";
"giger.yugoslavia.fishing".dataDir = "/var/www/giger.yugoslavia.fishing";
"modfiles.oat.zone".dataDir = "/var/www/modfiles.oat.zone";
"shop.yugoslavia.best".dataDir = "/var/www/shop.yugoslavia.best";
"tesco-underground-dev.oat.zone".dataDir = "/var/www/tesco-underground-dev.oat.zone";
"tesco-underground-dev.oat.zone".auth = { tesco = "Jn2DVTM7yVZtRKKyz3b2Tjj7Ss8vpuLB"; };
"oat.zone".dataDir = "/var/www/oat.zone";
"oat.zone".php = true;
"yugoslavia.fishing".dataDir = "/var/www/yugoslavia.fishing";
"yugoslavia.fishing".php = true;
};
nitter = {
enable = true;
lightweight = false; # enable if shit gets wild; check config for more info
port = 3005;
domain = "nitter.oat.zone";
};
#watch-party = {
# enable = true;
# port = 1984;
#};
terraria = {
enable = false;
port = 7777; # port-forwarded
messageOfTheDay = "hi";
openFirewall = true;
worldPath = "/var/lib/terraria/gbj.wld";
autoCreatedWorldSize = "large";
dataDir = "/var/lib/terraria";
};
matomo = {
enable = true;
};
isso = {
enable = true;
port = 1995;
};
yugoslavia-best = {
enable = true;
domain = "yugoslavia.best";
};
};
};
services.nginx.virtualHosts."oat.zone" = {
locations."/f/".extraConfig = ''
add_header Access-Control-Allow-Origin "*";
'';
};
security.doas = {
extraRules = [
{ users = [ "aether" "oatmealine" "skye" ]; noPass = false; keepEnv = true; }
{ users = [ "aether" ]; noPass = false; persist = true; keepEnv = true; }
{ users = [ "oatmealine" ]; noPass = true; persist = false; keepEnv = true; }
];
};
time.timeZone = "Europe/Amsterdam";
# If you uncomment this, I will uncomment the spores in your body
# mmm spores ymmnu.uyyy.., :)
networking.useDHCP = false;
networking = {
# for docs, start here
# https://nixos.org/manual/nixos/stable/options.html#opt-networking.enableB43Firmware
enableIPv6 = true; # true by default, but better safe than sorry
interfaces.eno1.ipv4.addresses = [
{ address = "51.89.98.8";
prefixLength = 24;
}
];
defaultGateway = "51.89.98.254";
nameservers = [ "8.8.8.8" "1.1.1.1" ];
interfaces.eno1.ipv6.addresses = [
{ address = "2001:41d0:0700:3308::";
prefixLength = 64;
}
];
defaultGateway6 = {
address = "2001:41d0:0700:33ff:00ff:00ff:00ff:00ff";
# address = "33ff::1";
# address = "2001::1";
interface = "eno1";
};
/*
dhcpcd.persistent = true;
dhcpcd.extraConfig = ''
clientid d0:50:99:d4:04:68:d0:50:99:d4:04:68
noipv6rs
interface eno1
ia_pd 1/2001:41d0:700:3308::/56 eno1
static ip6_address=2001:41d0:700:3308::1/56
'';
*/
firewall.allowPing = true;
# minecraft proximity voice chat
firewall.allowedTCPPorts = [ 24454 ];
firewall.allowedUDPPorts = [ 24454 ];
};
# environment.etc."dhcpcd.duid".text = "d0:50:99:d4:04:68:d0:50:99:d4:04:68";
}

View File

@ -19,6 +19,9 @@
};
};
nix.settings.cores = 3;
nix.settings.max-jobs = 6;
modules.hardware.fs = {
enable = true;
ssd.enable = true;

View File

@ -1 +1,6 @@
{}
let
keys = import ../authorizedKeys.nix;
"subsurface.aether" = keys."aether@subsurface".ssh;
in
{}

View File

@ -1,2 +1,3 @@
[
]
{
# "git.oat.zone" = import ./git-oat-zone;
}

View File

@ -0,0 +1,6 @@
{
locations."/" = {
proxy_cache = "simple_cache";
proxy_pass = "http://localhost:3000";
};
}

View File

@ -0,0 +1,2 @@
{
}

View File

@ -6,7 +6,7 @@ let
in {
ips = [ "10.100.0.1/24" ];
privateKeyFile = readFile "/etc/wg0.keys/wg0";
privateKeyFile = "/etc/wg0.keys/wg0";
listenPort = 51820;
@ -15,3 +15,4 @@ in {
allowedIPs = [ "10.100.0.${toString (n+2)}/32" ];
}) (length (attrValues peerKeys));
}

View File

@ -1,20 +0,0 @@
# Lib
The `default.nix` defines a lib extended with a `_` attribute under which mine
custom lib functions live. The `default.nix` loads every `.nix` file in the
`libs` (current) directory and imports it.
The importing is quite simple:
1. First the `libsInFolder` reads the contents of the `libs` directory, filters
out non `.nix` files and the `default.nix` file and then returns a list of
paths to the individual `.nix` files it found.
2. This list gets passed to `importLibs` which imports the libraries and
merges the individual imported attribute sets together, so that all the
functions are available directly under one attribute set.
3. This attribute then gets bind to the `_` attribute in the `lib` extension.
Individual `.nix` files can use the functions defined in other local library
files normally using the `nix._.someFunctionName`.
## Overview
TODO

View File

@ -1,129 +0,0 @@
{ lib, ... }:
let
inherit (builtins) elemAt listToAttrs substring;
inherit (lib) concatStringsSep fixedWidthString nameValuePair
stringToCharacters sublist toInt toUpper zipListsWith;
inherit (lib._) joinWithSep;
in rec {
/* Converts a hex color string to RGB triplet, an array of exactly 3 elements
Type:
toRGB :: String -> [Int]
Example:
toRGB "ffFFff"
=> [ 255 255 255 ]
*/
toRGB = hex: let
chars = stringToCharacters hex;
r = sublist 0 2 chars;
g = sublist 2 2 chars;
b = sublist 4 2 chars;
/* Converts a pair of characters (array of two strings, each of one char
long) in hexadecimal to a number. Expects a valid hexadecimal string.
Type:
hexPairToNum :: [String] -> Int
Example:
hexPairToNum [ "F" "1" ]
=> 241
*/
hexPairToNum = pair: let
c1 = elemAt pair 0; c2 = elemAt pair 1;
hexMapping = {
"A" = 10;
"B" = 11;
"C" = 12;
"D" = 13;
"E" = 14;
"F" = 15;
};
toNum = c: if hexMapping ? ${toUpper c} then hexMapping.${toUpper c} else toInt c;
in 16 * (toNum c1) + (toNum c2);
in [
(hexPairToNum r)
(hexPairToNum g)
(hexPairToNum b)
];
/* Both hexColor and rgbColor accept a color in 6 char long hexadecimal
representation. Their variants hexColor' and rgbaColor accept an
additional parameter opacity specified as an int in range from 0 to 100.
*/
/* Type:
hexColor :: String -> String
Example:
hexColor "FECACA"
=> "#FECACA"
*/
hexColor = color: "#" + color;
/* Type:
hexColor' :: String -> Int -> String
Example:
hexColor' "FECACA" 54
=> "#FECACA54"
*/
hexColor' = color: opacity: "#" + color + toString opacity;
_rgbColor = color: extra: "(" + (joinWithSep ((toRGB color) ++ extra) ", ") + ")";
/* Type:
rgbColor :: String -> String
Example:
rgbColor "FFFFFF"
=> "rgb(255, 255, 255)"
*/
rgbColor = color: "rgb" + _rgbColor color [];
/* Type:
rgbaColor :: String -> Int -> String
Example:
rgbaColor "FFFFFF" 42
=> "rgba(255, 255, 255, 0.42)"
*/
rgbaColor = color: _opacity: let
opacityStr = fixedWidthString 3 "0" (toString _opacity);
opacity = substring 0 1 opacityStr + "." + substring 1 2 opacityStr;
in "rgba" + _rgbColor color [opacity];
/* colors defines a color palette according to the Tailwind colors:
https://tailwindcss.com/docs/customizing-colors#color-palette-reference
Each individual color has 10 variants, for example to access the variant
700 of color red following notation is used: colors.red._700
The _ in front of the variant is there because numbers cannot be
used as keys.
*/
colors = let
scaleDef = [ 50 100 200 300 400 500 600 700 800 900 ];
scale = s: listToAttrs (zipListsWith (variant: color: nameValuePair "_${toString variant}" color) scaleDef s);
in rec {
# Default palette
coolGray = scale [ "F9FAFB" "F3F4F6" "E5E7EB" "D1D5DB" "9CA3AF" "6B7280" "4B5563" "374151" "1F2937" "111827" ];
red = scale [ "FEF2F2" "FEE2E2" "FECACA" "FCA5A5" "F87171" "EF4444" "DC2626" "B91C1C" "991B1B" "7F1D1D" ];
amber = scale [ "FFFBEB" "FEF3C7" "FDE68A" "FCD34D" "FBBF24" "F59E0B" "D97706" "B45309" "92400E" "78350F" ];
emerald = scale [ "ECFDF5" "D1FAE5" "A7F3D0" "6EE7B7" "34D399" "10B981" "059669" "047857" "065F46" "064E3B" ];
blue = scale [ "EFF6FF" "DBEAFE" "BFDBFE" "93C5FD" "60A5FA" "3B82F6" "2563EB" "1D4ED8" "1E40AF" "1E3A8A" ];
indigo = scale [ "EEF2FF" "E0E7FF" "C7D2FE" "A5B4FC" "818CF8" "6366F1" "4F46E5" "4338CA" "3730A3" "312E81" ];
violet = scale [ "F5F3FF" "EDE9FE" "DDD6FE" "C4B5FD" "A78BFA" "8B5CF6" "7C3AED" "6D28D9" "5B21B6" "4C1D95" ];
pink = scale [ "FDF2F8" "FCE7F3" "FBCFE8" "F9A8D4" "F472B6" "EC4899" "DB2777" "BE185D" "9D174D" "831843" ];
# Extra
blueGray = scale [ "F8FAFC" "F1F5F9" "E2E8F0" "CBD5E1" "94A3B8" "64748B" "475569" "334155" "1E293B" "0F172A" ];
# Aliases
gray = coolGray;
yellow = amber;
green = emerald;
purple = violet;
};
}

View File

@ -1,25 +1,12 @@
# _ _ _
# | (_) |__
# | | | '_ \
# | | | |_) |
# |_|_|_.__/
#
{ inputs, lib, pkgs, ... }:
lib.extend (lib: super:
lib.extend (self: super:
let
inherit (builtins) attrNames map readDir;
inherit (lib) filterAttrs foldr hasSuffix;
inherit (lib) attrValues foldr;
inherit (modules) mapModules;
importLib = file: import file { inherit inputs lib pkgs; };
merge = foldr (a: b: a // b) {};
importLibs = libs: merge (map importLib libs);
isLib = name: type: type == "regular" && name != "default.nix" && hasSuffix ".nix" name;
libPath = name: "${toString ./.}/${name}";
libsInFolder = map libPath (attrNames (filterAttrs isLib (readDir ./.)));
modules = import ./modules.nix { inherit lib; };
in {
_ = importLibs libsInFolder;
_ = foldr (a: b: a // b) {} (attrValues (mapModules ./. (file: import file { inherit pkgs inputs; lib = self; })));
}
)

View File

@ -1,29 +1,27 @@
{ lib, ... }:
let
inherit (builtins) attrValues pathExists readDir;
inherit (lib) filterAttrs hasSuffix mapAttrs' mkDefault mkOption
nameValuePair nixosSystem removeSuffix types;
inherit (lib._) mapFilterAttrs attrValuesRec;
inherit (builtins) attrValues readDir pathExists;
inherit (lib) id filterAttrs hasPrefix hasSuffix nameValuePair removeSuffix mapAttrs' trace fix fold isAttrs;
in rec {
mapModules' = dir: fn: dirfn:
mapFilterAttrs
(_: v: v != null)
(name: type:
let
path = "${toString dir}/${name}";
in
if type == "directory" then
nameValuePair name (dirfn path)
else if type == "regular" && name != "default.nix" && hasSuffix ".nix" name then
# else if type == "regular" && hasSuffix ".nix" name then
nameValuePair (removeSuffix ".nix" name) (fn path)
else
nameValuePair "" null
)
(readDir dir);
filterAttrs
(name: type: type != null && !(hasPrefix "_" name))
(mapAttrs'
(name: type:
let path = "${toString dir}/${name}"; in
if type == "directory"
then nameValuePair name (dirfn path)
else if
type == "regular" &&
name != "default.nix" &&
hasSuffix ".nix" name
then nameValuePair (removeSuffix ".nix" name) (fn path)
else nameValuePair "" null
)
(readDir dir));
mapModules = dir: fn: mapModules' dir fn (path: if pathExists "${path}/default.nix" then (fn path) else null);
mapModules = dir: fn: mapModules' dir fn (path: if pathExists "${path}/default.nix" then fn path else null);
mapModulesRec = dir: fn: mapModules' dir fn (path: mapModulesRec path fn);
mapModulesRec' = dir: fn: attrValuesRec (mapModulesRec dir fn);
mapModulesRec' = dir: fn: fix (f: attrs: fold (x: xs: (if isAttrs x then f x else [x]) ++ xs) [] (attrValues attrs)) (mapModulesRec dir fn);
}

View File

@ -1,18 +1,20 @@
{ inputs, lib, pkgs, ... }:
let
inherit (lib) mkDefault nixosSystem;
in {
mkHost = system: path:
with lib;
{
mkHost = path: attrs@{ system, ... }:
nixosSystem {
inherit system;
specialArgs = { inherit lib inputs system; };
modules = [
{
nixpkgs.pkgs = pkgs;
networking.hostName = mkDefault (baseNameOf path);
networking.hostName = mkDefault (removeSuffix ".nix" (baseNameOf path));
}
(filterAttrs (n: v: !elem n [ "system" ]) attrs)
../.
(import path)