Compare commits
1 Commits
Author | SHA1 | Date |
---|---|---|
Aether | 468d77619d |
16
README.md
16
README.md
|
@ -1,23 +1,23 @@
|
|||
# Frosted Flakes
|
||||
|
||||
Nix Flake dotfiles shared across a [few hosts](./hosts/). Most development here will go into the [`lucent-firepit`](https://dark-firepit.cloud/) host, however.
|
||||
Nix Flake dotfiles shared across a [few hosts](./hosts/). Most development here will go into the [`dark-firepit`](https://dark-firepit.cloud/) host, however.
|
||||
|
||||
## Development
|
||||
|
||||
_Commands here will use `lucent-firepit`-based paths and names as an example_
|
||||
_Commands here will use `dark-firepit`-based paths and names as an example_
|
||||
|
||||
- To build the system (doesn't apply changes):
|
||||
```sh
|
||||
nixos-rebuild build --upgrade --impure --flake /etc/dotfiles#lucent-firepit
|
||||
nixos-rebuild build --upgrade --impure --flake /etc/dotfiles#dark-firepit
|
||||
```
|
||||
- To build & switch to a new system (applies changes):
|
||||
```sh
|
||||
doas nixos-rebuild switch --impure --upgrade --flake /etc/dotfiles#lucent-firepit
|
||||
doas nixos-rebuild switch --impure --upgrade --flake /etc/dotfiles#dark-firepit
|
||||
```
|
||||
|
||||
### `lucent-firepit`
|
||||
### `dark-firepit`
|
||||
|
||||
Things here mostly only apply to the [`lucent-firepit`](https://dark-firepit.cloud/) host.
|
||||
Things here mostly only apply to the [`dark-firepit`](https://dark-firepit.cloud/) host.
|
||||
|
||||
#### Adding modules
|
||||
|
||||
|
@ -26,7 +26,7 @@ Generally when adding modules (even those pulled from `nixpkgs`) you'd want to:
|
|||
1. Create a new module under `modules/services/`; `gitea.nix` and `nitter.nix` are pretty okay examples of what to do
|
||||
2. **`git add .`** or else Nix will act clueless about everything you've just done
|
||||
3. Set it to enabled, set port, domain, etc. in `hosts/.../default.nix` or wherever else is more appropriate
|
||||
- For webapps, follow what's done in `hosts/lucent-firepit/webapps/default.nix`; if you're doing something bigger, it may be worth abstracting into a seperate file
|
||||
- For webapps, follow what's done in `hosts/dark-firepit/webapps/default.nix`; if you're doing something bigger, it may be worth abstracting into a seperate file
|
||||
4. Rebuild/switch to the new system (as described [above](#development))
|
||||
|
||||
#### `yugoslavia-best.nix`
|
||||
|
@ -43,4 +43,4 @@ This can be done directly on the server (as long as you have the `dotfiles` grou
|
|||
|
||||
If you encounter permission funnies, don't hesitate to `doas` your way into `chmod`dding/`chown`ing files as necessary; directories should be `775` and files should be `664`, however we've yet to figure out how to consistently enforce this across the directory.
|
||||
|
||||
Be sure to commit regularly to prevent [tons of](https://git.oat.zone/dark-firepit/dotfiles/commit/021fab40f7f815708d4cf918ec0ac0bd16c0bc8f) [densely packed](https://git.oat.zone/dark-firepit/dotfiles/commit/07f9ac6a9ee53f6689a5f8ee87b94b96a409c375) [undocumented commits](https://git.oat.zone/dark-firepit/dotfiles/commit/9da0a143ae392ec7f8abc731e8c245f29b55e685) building up after noone bothers to commit anything.
|
||||
Be sure to commit regularly to prevent [tons of](https://git.oat.zone/dark-firepit/dotfiles/commit/021fab40f7f815708d4cf918ec0ac0bd16c0bc8f) [densely packed](https://git.oat.zone/dark-firepit/dotfiles/commit/07f9ac6a9ee53f6689a5f8ee87b94b96a409c375) [undocumented commits](https://git.oat.zone/dark-firepit/dotfiles/commit/9da0a143ae392ec7f8abc731e8c245f29b55e685) building up after noone bothers to commit anything.
|
|
@ -7,8 +7,8 @@ PASSWORD_CHECK_PWN = true
|
|||
DEFAULT_BRANCH = "main"
|
||||
|
||||
[ui]
|
||||
DEFAULT_THEME = "forgejo-auto"
|
||||
THEMES="forgejo-auto,forgejo-light,forgejo-dark"
|
||||
DEFAULT_THEME = "arc-pink"
|
||||
THEMES="auto,gitea,arc-green,arc-pink,arc-pink-modern,darkred,gitea-blue,gitea-modern,github"
|
||||
CUSTOM_EMOJIS = "blurry_eyes,horny,acab,tastymilk,gluttony,soul_of_fright,soul_of_night,soul_of_blight,bottom,spongesad,Tainted_John_F_Kennedy,John_F_Kennedy_Tainted,John_F_Kennedy,plumspin,despair,ihaveyourip,peeeh,penis,twister,speed,deadchat,housj,dothejej,b_,trollgecommence,nervous,coffee,dilf,closer,slugclose,pls,x3,observer,zamiel_approves,i_see_pizza,cutely_blushes,babytime,sleeby,zonkerdoodle,whenyoubigshit,the_cowboy,stupib,soul_of_might,scripulous_fingore_point,scripulous_fingore,rusty50,pickle,orang,oralpleasure,ohgod,michael,i_see_chicory,he,hapykity,handsr,handsl,slugloafspin,gamer_boi,feddynite,cock,feddy_glamcock,face,entropy,elonmusk,eeeeeeeeee,child,ancapistanian,aiki,gloopy,lamb,YOU,slightYOU,citat,ionn,eede,ed,blank,michael,BABAXD,BABA,EyesPepe,spamdance,pickledance,BABA_IS_OO,wieldr,wieldl,cinnamon,jillo,she,hydrogenperoxide,ObedientCitizen,misinformation,maenod,Snowsgiving22_AnimatedEmojis_mal"
|
||||
|
||||
[mailer]
|
724
flake.lock
724
flake.lock
|
@ -1,229 +1,22 @@
|
|||
{
|
||||
"nodes": {
|
||||
"agenix": {
|
||||
"inputs": {
|
||||
"darwin": "darwin",
|
||||
"home-manager": "home-manager",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1707830867,
|
||||
"narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=",
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"cohost-blogger": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1692493363,
|
||||
"narHash": "sha256-Y/nefO52W64AtXdEGFVMMBwXw+3m1SswOaO7Dq8b5UA=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "5fd335bbf5026e81e9dd3b4dacc13e93eb980112",
|
||||
"revCount": 21,
|
||||
"type": "git",
|
||||
"url": "https://git.oat.zone/oat/cohost-blogger"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.oat.zone/oat/cohost-blogger"
|
||||
}
|
||||
},
|
||||
"darwin": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"agenix",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1700795494,
|
||||
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "lnl7",
|
||||
"ref": "master",
|
||||
"repo": "nix-darwin",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"emacs-overlay": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_2",
|
||||
"nixpkgs": "nixpkgs_3",
|
||||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1708679224,
|
||||
"narHash": "sha256-V66NAQSTakocPST2GYv4SKK+ALBg3sgCNq0jIOpNkpc=",
|
||||
"owner": "nix-community",
|
||||
"repo": "emacs-overlay",
|
||||
"rev": "841abef01afbd293aa80130bcbd811e4102d5770",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "emacs-overlay",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1673956053,
|
||||
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1681202837,
|
||||
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"inputs": {
|
||||
"systems": "systems_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1705309234,
|
||||
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_3": {
|
||||
"inputs": {
|
||||
"systems": "systems_5"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1681202837,
|
||||
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_4": {
|
||||
"inputs": {
|
||||
"systems": "systems_6"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1705309234,
|
||||
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_5": {
|
||||
"inputs": {
|
||||
"systems": "systems_7"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1681202837,
|
||||
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"home-manager": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"agenix",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1703113217,
|
||||
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
|
||||
"lastModified": 1667907331,
|
||||
"narHash": "sha256-bHkAwkYlBjkupPUFcQjimNS8gxWSWjOTevEuwdnp5m0=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
|
||||
"rev": "6639e3a837fc5deb6f99554072789724997bc8e5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"home-manager_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1706981411,
|
||||
"narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "652fda4ca6dafeb090943422c34ae9145787af37",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-23.11",
|
||||
"ref": "release-22.05",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -231,18 +24,18 @@
|
|||
"hyprland": {
|
||||
"inputs": {
|
||||
"hyprland-protocols": "hyprland-protocols",
|
||||
"hyprlang": "hyprlang",
|
||||
"nixpkgs": "nixpkgs_5",
|
||||
"systems": "systems_4",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"wlroots": "wlroots",
|
||||
"xdph": "xdph"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1708650152,
|
||||
"narHash": "sha256-OZUS5FED7KKAPpNaJYQr4BPGXQzGrDFgkKVg9U2aZh8=",
|
||||
"lastModified": 1674296335,
|
||||
"narHash": "sha256-jUvjOqKGuEk1XfZNPXU3hcPtIJKkSNzwUm5yN1EFYZA=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "Hyprland",
|
||||
"rev": "8c3613632a6ccebf9fb797ec756ecfce99514eec",
|
||||
"rev": "fcbfd193930dd146b141531a9cf5301d55f26907",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -256,18 +49,14 @@
|
|||
"nixpkgs": [
|
||||
"hyprland",
|
||||
"nixpkgs"
|
||||
],
|
||||
"systems": [
|
||||
"hyprland",
|
||||
"systems"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1691753796,
|
||||
"narHash": "sha256-zOEwiWoXk3j3+EoF3ySUJmberFewWlagvewDRuWYAso=",
|
||||
"lastModified": 1671839510,
|
||||
"narHash": "sha256-+PY1qqJfmZzzROgcIY4I7AkCwpnC+qBIYk2eFoA9RWc=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprland-protocols",
|
||||
"rev": "0c2ce70625cb30aef199cb388f99e19a61a6ce03",
|
||||
"rev": "b8f55e02a328c47ed373133c52483bbfa20a1b75",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -276,78 +65,18 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"hyprlang": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"hyprland",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1708005943,
|
||||
"narHash": "sha256-9TT3xk++LI5/SPYgjYX34xZ4ebR93c1uerIq+SE/ues=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprlang",
|
||||
"rev": "aeb3e012adc7b3235335c540b214b82267c2b983",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprlang",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"hyprlang_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"hyprland",
|
||||
"xdph",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704287638,
|
||||
"narHash": "sha256-TuRXJGwtK440AXQNl5eiqmQqY4LZ/9+z/R7xC0ie3iA=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprlang",
|
||||
"rev": "6624f2bb66d4d27975766e81f77174adbe58ec97",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprlang",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"hyprlang_3": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs_6"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704230242,
|
||||
"narHash": "sha256-S8DM+frECqmAdaUb3y5n3RjY73ajZcL5rnmx5YO+CkY=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprlang",
|
||||
"rev": "db5e1399b90d5a339330bdd49c5bca6fe58d6f60",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprlang",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"hyprpaper": {
|
||||
"inputs": {
|
||||
"hyprlang": "hyprlang_3",
|
||||
"nixpkgs": "nixpkgs_7"
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1708532919,
|
||||
"narHash": "sha256-G4PX7NlRLIlBYTDisbWx/Sif01SLSVzLThGU6v6Wrgg=",
|
||||
"lastModified": 1673799209,
|
||||
"narHash": "sha256-GMRM1IyIuDEzjEw5E4zWI/TCg3zWs65v86NuR+BAtW0=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprpaper",
|
||||
"rev": "897cf0ae26c7c54ce15c4946efe63970be75dadb",
|
||||
"rev": "f77a664e9d168fb7b332ede9db4a3e35a46dd6c5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -358,14 +87,16 @@
|
|||
},
|
||||
"hyprpicker": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs_8"
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1703987863,
|
||||
"narHash": "sha256-MHhAk74uk0qHVwSkLCcXLXMe4478M2oZEFPXwjSoo2E=",
|
||||
"lastModified": 1673270158,
|
||||
"narHash": "sha256-22VKnL4PT3CSy0IErOkL1U85jq8sXmI7VPhcPtRYSko=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprpicker",
|
||||
"rev": "2ef703474fb96e97e03e66e8820f213359f29382",
|
||||
"rev": "fe4535a27389624445b96450a7c338136c619c95",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -374,33 +105,13 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-minecraft": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat",
|
||||
"flake-utils": "flake-utils_3",
|
||||
"nixpkgs": "nixpkgs_9"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1708650820,
|
||||
"narHash": "sha256-O6nq8oHT4iPrWuBoKH0/9B7QC91N/zPnns8QYxPJniY=",
|
||||
"owner": "Infinidoge",
|
||||
"repo": "nix-minecraft",
|
||||
"rev": "fe3753b7025fd7f3a302be698a0896e70ea24450",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "Infinidoge",
|
||||
"repo": "nix-minecraft",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1708594753,
|
||||
"narHash": "sha256-c/gH7iXS/IYH9NrFOT+aJqTq+iEBkvAkpWuUHGU3+f0=",
|
||||
"lastModified": 1673803274,
|
||||
"narHash": "sha256-zaJDlHFXewT4KUsidMpRcPE+REymGH1Y3Eoc3Pjv4Xs=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "3f7d0bca003eac1a1a7f4659bbab9c8f8c2a0958",
|
||||
"rev": "7bd6b87b3712e68007823e8dd5c37ee9b114fee3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -411,43 +122,26 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1703013332,
|
||||
"narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=",
|
||||
"lastModified": 1674211260,
|
||||
"narHash": "sha256-xU6Rv9sgnwaWK7tgCPadV6HhI2Y/fl4lKxJoG2+m9qs=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6",
|
||||
"rev": "5ed481943351e9fd354aeb557679624224de38d5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1708566995,
|
||||
"narHash": "sha256-e/THimsoxxMAHSbwMKov5f5Yg+utTj6XVGEo24Lhx+0=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "3cb4ae6689d2aa3f363516234572613b31212b78",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-23.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1708475490,
|
||||
"narHash": "sha256-g1v0TsWBQPX97ziznfJdWhgMyMGtoBFs102xSYO4syU=",
|
||||
"lastModified": 1674211260,
|
||||
"narHash": "sha256-xU6Rv9sgnwaWK7tgCPadV6HhI2Y/fl4lKxJoG2+m9qs=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0e74ca98a74bc7270d28838369593635a5db3260",
|
||||
"rev": "5ed481943351e9fd354aeb557679624224de38d5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -456,355 +150,32 @@
|
|||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_10": {
|
||||
"locked": {
|
||||
"lastModified": 1708566995,
|
||||
"narHash": "sha256-e/THimsoxxMAHSbwMKov5f5Yg+utTj6XVGEo24Lhx+0=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "3cb4ae6689d2aa3f363516234572613b31212b78",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-23.11",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_11": {
|
||||
"locked": {
|
||||
"lastModified": 1706826059,
|
||||
"narHash": "sha256-N69Oab+cbt3flLvYv8fYnEHlBsWwdKciNZHUbynVEOA=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "25e3d4c0d3591c99929b1ec07883177f6ea70c9d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-23.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_12": {
|
||||
"locked": {
|
||||
"lastModified": 1682134069,
|
||||
"narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "fd901ef4bf93499374c5af385b2943f5801c0833",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1685533922,
|
||||
"narHash": "sha256-y4FCQpYafMQ42l1V+NUrMel9RtFtZo59PzdzflKR/lo=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "3a70dd92993182f8e514700ccf5b1ae9fc8a3b8d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-23.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1708475490,
|
||||
"narHash": "sha256-g1v0TsWBQPX97ziznfJdWhgMyMGtoBFs102xSYO4syU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0e74ca98a74bc7270d28838369593635a5db3260",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_4": {
|
||||
"locked": {
|
||||
"lastModified": 1705331948,
|
||||
"narHash": "sha256-qjQXfvrAT1/RKDFAMdl8Hw3m4tLVvMCc8fMqzJv0pP4=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "b8dd8be3c790215716e7c12b247f45ca525867e2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-23.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_5": {
|
||||
"locked": {
|
||||
"lastModified": 1707546158,
|
||||
"narHash": "sha256-nYYJTpzfPMDxI8mzhQsYjIUX+grorqjKEU9Np6Xwy/0=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "d934204a0f8d9198e1e4515dd6fec76a139c87f0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_6": {
|
||||
"locked": {
|
||||
"lastModified": 1702645756,
|
||||
"narHash": "sha256-qKI6OR3TYJYQB3Q8mAZ+DG4o/BR9ptcv9UnRV2hzljc=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "40c3c94c241286dd2243ea34d3aef8a488f9e4d0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_7": {
|
||||
"locked": {
|
||||
"lastModified": 1703637592,
|
||||
"narHash": "sha256-8MXjxU0RfFfzl57Zy3OfXCITS0qWDNLzlBAdwxGZwfY=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "cfc3698c31b1fb9cdcf10f36c9643460264d0ca8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_8": {
|
||||
"locked": {
|
||||
"lastModified": 1683014792,
|
||||
"narHash": "sha256-6Va9iVtmmsw4raBc3QKvQT2KT/NGRWlvUlJj46zN8B8=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "1a411f23ba299db155a5b45d5e145b85a7aafc42",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_9": {
|
||||
"locked": {
|
||||
"lastModified": 1698318101,
|
||||
"narHash": "sha256-gUihHt3yPD7bVqg+k/UVHgngyaJ3DMEBchbymBMvK1E=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "63678e9f3d3afecfeafa0acead6239cdb447574c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nlw-api": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_4",
|
||||
"nixpkgs": "nixpkgs_11"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1708639350,
|
||||
"narHash": "sha256-g7LL658p4deIme0fPq+WceTNGigXcN6uPNrVraZN3RY=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "704581d013b9d16fda5dc8e30d448b358c4e127d",
|
||||
"revCount": 23,
|
||||
"type": "git",
|
||||
"url": "https://git.oat.zone/oat/nlw-api"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.oat.zone/oat/nlw-api"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"agenix": "agenix",
|
||||
"cohost-blogger": "cohost-blogger",
|
||||
"emacs-overlay": "emacs-overlay",
|
||||
"home-manager": "home-manager_2",
|
||||
"home-manager": "home-manager",
|
||||
"hyprland": "hyprland",
|
||||
"hyprpaper": "hyprpaper",
|
||||
"hyprpicker": "hyprpicker",
|
||||
"nix-minecraft": "nix-minecraft",
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixpkgs": "nixpkgs_10",
|
||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||
"nlw-api": "nlw-api",
|
||||
"vscode-server": "vscode-server"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_2": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_3": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_4": {
|
||||
"locked": {
|
||||
"lastModified": 1689347949,
|
||||
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default-linux",
|
||||
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default-linux",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_5": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_6": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_7": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"vscode-server": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_5",
|
||||
"nixpkgs": "nixpkgs_12"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1684517665,
|
||||
"narHash": "sha256-SaAr66uCQ8CF75jIr23FZjk1+9Kfwm5sQnwV25206Gs=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixos-vscode-server",
|
||||
"rev": "1e1358493df6529d4c7bc4cc3066f76fd16d4ae6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "nixos-vscode-server",
|
||||
"type": "github"
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs-unstable": "nixpkgs-unstable"
|
||||
}
|
||||
},
|
||||
"wlroots": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"host": "gitlab.freedesktop.org",
|
||||
"lastModified": 1708558866,
|
||||
"narHash": "sha256-Mz6hCtommq7RQfcPnxLINigO4RYSNt23HeJHC6mVmWI=",
|
||||
"lastModified": 1672824257,
|
||||
"narHash": "sha256-SbYoZj57VlopTzI+OSW9jlgYxN1gI1KLg/s/HV+87eE=",
|
||||
"owner": "wlroots",
|
||||
"repo": "wlroots",
|
||||
"rev": "0cb091f1a2d345f37d2ee445f4ffd04f7f4ec9e5",
|
||||
"rev": "5f264a7d6c8af27d41ff440c05262b022c055593",
|
||||
"type": "gitlab"
|
||||
},
|
||||
"original": {
|
||||
"host": "gitlab.freedesktop.org",
|
||||
"owner": "wlroots",
|
||||
"repo": "wlroots",
|
||||
"rev": "0cb091f1a2d345f37d2ee445f4ffd04f7f4ec9e5",
|
||||
"type": "gitlab"
|
||||
}
|
||||
},
|
||||
|
@ -814,22 +185,17 @@
|
|||
"hyprland",
|
||||
"hyprland-protocols"
|
||||
],
|
||||
"hyprlang": "hyprlang_2",
|
||||
"nixpkgs": [
|
||||
"hyprland",
|
||||
"nixpkgs"
|
||||
],
|
||||
"systems": [
|
||||
"hyprland",
|
||||
"systems"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1706521509,
|
||||
"narHash": "sha256-AInZ50acOJ3wzUwGzNr1TmxGTMx+8j6oSTzz4E7Vbp8=",
|
||||
"lastModified": 1673116118,
|
||||
"narHash": "sha256-eR0yDSkR2XYMesfdRWJs25kAdXET2mbNNHu5t+KUcKA=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "xdg-desktop-portal-hyprland",
|
||||
"rev": "c06fd88b3da492b8f9067be021b9184f7012b5a8",
|
||||
"rev": "d479c846531fd0e1d2357c9588b8310a2b859ef2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
46
flake.nix
46
flake.nix
|
@ -2,63 +2,39 @@
|
|||
description = "Frosted Flakes";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "nixpkgs/nixos-23.11";
|
||||
nixpkgs.url = "nixpkgs/nixos-unstable";
|
||||
|
||||
# WARNING: Where possible, prefer the stable branch of nixpkgs as nixpkgs-unstable may have incompatable or vulnerable software.
|
||||
nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
|
||||
|
||||
home-manager.url = "github:nix-community/home-manager/release-23.11";
|
||||
#home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
# agenix - age-encrypted secrets
|
||||
agenix = {
|
||||
url = "github:ryantm/agenix";
|
||||
#inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
home-manager.url = "github:nix-community/home-manager/release-22.05";
|
||||
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
nixos-hardware = {
|
||||
url = "github:nixos/nixos-hardware";
|
||||
#inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
nix-minecraft = {
|
||||
url = "github:Infinidoge/nix-minecraft";
|
||||
#inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
cohost-blogger = {
|
||||
url = "git+https://git.oat.zone/oat/cohost-blogger";
|
||||
#inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
nlw-api.url = "git+https://git.oat.zone/oat/nlw-api";
|
||||
|
||||
emacs-overlay = {
|
||||
url = "github:nix-community/emacs-overlay";
|
||||
#inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
hyprland = {
|
||||
url = "github:hyprwm/Hyprland";
|
||||
#inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
hyprpaper = {
|
||||
url = "github:hyprwm/hyprpaper";
|
||||
#inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
hyprpicker = {
|
||||
url = "github:hyprwm/hyprpicker";
|
||||
#inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
vscode-server.url = "github:nix-community/nixos-vscode-server";
|
||||
};
|
||||
|
||||
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, nix-minecraft, /* hyprland, hyprpaper, hyprpicker, */ ... }:
|
||||
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, hyprland, hyprpaper, hyprpicker, ... }:
|
||||
let
|
||||
system = "x86_64-linux";
|
||||
system = "aarch64-linux";
|
||||
|
||||
lib = import ./lib { inherit pkgs inputs; lib = nixpkgs.lib; };
|
||||
inherit (lib._) mapModules mapModulesRec mkHost;
|
||||
|
@ -69,7 +45,7 @@
|
|||
overlays = overlays ++ (lib.attrValues self.overlays);
|
||||
};
|
||||
|
||||
pkgs = mkPkgs nixpkgs [ self.overlay nix-minecraft.overlay ];
|
||||
pkgs = mkPkgs nixpkgs [ self.overlay ];
|
||||
in {
|
||||
packages."${system}" = mapModules ./packages (p: pkgs.callPackage p {});
|
||||
overlay = final: prev: {
|
||||
|
@ -78,7 +54,7 @@
|
|||
};
|
||||
overlays = mapModules ./overlays import;
|
||||
nixosModules = (mapModulesRec ./modules import) ++ [
|
||||
#hyprland.nixosModules.default
|
||||
hyprland.nixosModules.default
|
||||
];
|
||||
nixosConfigurations = mapModules ./hosts (host: mkHost host { inherit system; });
|
||||
devShell."${system}" = import ./shell.nix { inherit pkgs; };
|
||||
|
|
|
@ -1,52 +1,33 @@
|
|||
[
|
||||
# Aether
|
||||
{ hostname = "aether@subsurface";
|
||||
{
|
||||
hostname = "aether@subsurface";
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFLDtlpOnQFQq9mPMhR1uQnjrTexcof+c+y+ot/7Jgnt aether@subsurface";
|
||||
wg = "XEVSwNNPR7RTt/O0ihYmv3nopbPmqkCMGrVRCixnPWw=";
|
||||
}
|
||||
{ hostname = "aether@Aethers-Mini.station";
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINmy7rPZky0M8p5+d9smUnSTjG25CIsQPYibKsBxgvdw aether@Aethers-Mini.station";
|
||||
}
|
||||
{ hostname = "aether@phone";
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP5LPWVgsFAH9XErXGZB+lzwb/+7EiEb6eatNWoJag5i JuiceSSH";
|
||||
}
|
||||
|
||||
# oatmealine
|
||||
{ hostname = "oatmealine@void-defragmented";
|
||||
{
|
||||
hostname = "oatmealine@void-defragmented";
|
||||
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDbJDo79TD9RV77MnArQwS94wzBo+6l6dYQnaNdPk2xo019+tc7GyuQ+GHyh4qewIUQOwe3Ddj4YxJN9IS3E360/6RdaNDxn3hUp2jh/x9SOjh0W86FJfdHEQViNeFVSXJv+QBZT9ibR9IbOHYezhD6gtz15pNhEqhQyqw2hJuQzxLvnictTc4lPQnWN9I8ga+OVSh7Uauu5OKbUOyRRj1Er/hasNviCaGBJnLDYjSqTDRvEbdYlfuhrYITJ+viZOQq7Nczs6dbsl627FCvhr5vQi+/vvpx9DKHDvpGvbEglOmOwgffSkaOIIx/pNHTsRccX7c3/im6z4pCDj4bEuiqqawv2C6DV0aM01bW8cchOJrmSQGTygTrJuuVPHp4IRIZNvQGS+97j4u+d7ofricLR1RoxJcQibvRA9rhhYI2FhwrAweuuLktjSj5RkQnypd9kjOuH+nhgLZunreNoyPNDCmcOBA7BA0rD2pCIKB9SzlelMjVuvy0PA8uWfNFfxGU+m3BH7lQS/A6V+NeYrMGiZ+u+t9Pgr6kAoR7mAUO+obIdMM/lOp1/zGBY8lk2Aq3GQcyGVNi18VR0uA+NMaJYXA1JzSiPCz7cQn1pKIAKiDEnzicf5MxDHIi5F1iQ/Lc+NftgmDXZEAHDY1bQepScOttaOZQZLpYP/eWwlEQJQ== oatmealine@beppy";
|
||||
wg = "533BncNpHKzJVx5lwdxBg+aUfLGqea9uUYz70C6wxyg=";
|
||||
}
|
||||
{ hostname = "oatmealine@beppy-phone";
|
||||
{
|
||||
hostname = "oatmealine@beppy-phone";
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJUgEsAQ7EL5/3STLAk/0qWJddYqfBY71yS9RtRSWd3w JuiceSSH";
|
||||
wg = "ubIo/l7llVx8HDIqcBPebPsneCBunZUM6cQS7SaXn2Y=";
|
||||
wg = "qT7gX8beM/kW9AYg5dV1e3cLzLDTLxMO2CmnbFpMVj4=";
|
||||
}
|
||||
{ hostname = "oatmealine@dark-firepit";
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKz3Zkhrht1EX32LIbkSvql1p15EXqxTy/4xQKlj0CUx oatmealine@disroot.org";
|
||||
}
|
||||
{ hostname = "oatmealine@boykisser";
|
||||
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDhgwhNQuM+iozuHk4OH+s5xS7U93W6hVtkpgF6arKPsWM6CUIUCyOwpNnGGH/HpBlFwYf4jN+NapVZ3bL8YHLUDayNO6uTfLLNvtaGeE65U/S0xGXhTyE0+bn7KWBFUlbO8CdjuBGGym0JVa0SMH4ppFBNJVR4HCe9fC83fD0T7gDZc5koApgxZfCyCu3bE03ulhRc5P8cKnTZAG0pVqK0doOIO7ociCbh4HhjTC83xRbfI9tlf52Y3xo14odpQhfXsPNNqxP0FzkC3zAOyT7iyrpQk1bgSLx/GzWh0KkljjJYGdMiiY6cVBxVYxjgrG7vDh/h3xMwBEhue4L9jmD4K4Eb5RZTxMyK83eHcomqZYigZjFKJ75TKdL17HbKgFGmfs9P0VhZUDUMp5Xm1yTVJqm6cQEhot1mT0F8FRYDiEadjw6vFZqz5dPzh2FRXsectNf60AiPRqF5HbitntgYvsLKZWAViOojbBc9gdQutu2AyuivteTEVG6Uq/LwE70= oatmealine@boykisser";
|
||||
wg = "MPZLxzy+rvDvgZiaCwWjb+5hhhvWC3PH6cWLDv1Ga0U=";
|
||||
}
|
||||
{ hostname = "oatmealine@seven-red-suns";
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVBLBD/JrGFMvPNiiX/QFixSWXyGjDT6vDHVWg9cE5D oatmealine@seven-red-suns";
|
||||
wg = "HQfsS+DUdgmDvliIv7yNnf4T9Q3YIN9ObSXhrNuQUi8=";
|
||||
}
|
||||
|
||||
# mayflower
|
||||
{ hostname = "mayflower@BMW-M550d-xDrive";
|
||||
{
|
||||
hostname = "mayflower@BMW-M550d-xDrive"; # car 5
|
||||
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCIeoFll8XBRwu6vbQHUj4LNbvRvLMTdqUP1su9hGxow8olGKIZf/nINkt+/B5w4UumLFnOOROIWVhSH/04oxGVCWdk29ibPo3yYJIAoQrqOXYWCrGpMDd0z2n/0CwyXRAqmQ4rubnUZtnlabYCLh0eWMu9ZRSsSrQ+MiaUHES/vv1MxlLWHoEGfhLzoq7SyIsK88Mirgu9lSeHd/+2JybkQ9kNEWTxnzUPKwOMT0zLGo7vNLmfPhJ1WilQoV4F8skDbbgFNRuLO13ZDn6W2jqZ+zjf3H9khzPivG+oaKfHLMDD/zCwHM3rm3JyJzX7GF9EV73AqbNkzzsf54vKhYRT";
|
||||
}
|
||||
{ hostname = "swag@BMW-M550d-xDrive";
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC1fJn2ZY9fhBr4E1Gc91uRWS5r+EZ4OHy3RmuAjx7kr swag@BMW-M550d-xDrive";
|
||||
{
|
||||
hostname = "aether@phone";
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP5LPWVgsFAH9XErXGZB+lzwb/+7EiEb6eatNWoJag5i JuiceSSH";
|
||||
}
|
||||
|
||||
# winter
|
||||
{ hostname = "lilith@bms-cab";
|
||||
{
|
||||
hostname = "lilith@bms-cab";
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFb9uVy1x4XaO1uFOQBuERy6xw8cf7Dh24UT0jJs7g3z lilith@bms-cab";
|
||||
}
|
||||
|
||||
# marco
|
||||
{ hostname = "marco@the-flesh-portal";
|
||||
wg = "mttUSatpYdEOmHqnzo7HdhuvTkMpz1Np8kMtsIz6nTY=";
|
||||
{
|
||||
hostname = "swag@BMW-M550d-xDrive"; # mayflower 2
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC1fJn2ZY9fhBr4E1Gc91uRWS5r+EZ4OHy3RmuAjx7kr swag@BMW-M550d-xDrive";
|
||||
}
|
||||
]
|
|
@ -4,23 +4,20 @@ let
|
|||
keys = import ./authorizedKeys.nix;
|
||||
fetchSSH = (host: lib._.getSSH host keys);
|
||||
fetchSSHKeys = map fetchSSH;
|
||||
|
||||
agenixPkg = inputs.agenix.packages.${pkgs.system}.default;
|
||||
in {
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
./minecraft
|
||||
./minecraft.nix
|
||||
./srb2k.nix
|
||||
./yugoslavia-best.nix
|
||||
./webapps/default.nix
|
||||
inputs.nix-minecraft.nixosModules.minecraft-servers
|
||||
#inputs.watch-party.nixosModules.watch-party
|
||||
inputs.cohost-blogger.nixosModules.cohost-blogger
|
||||
inputs.nlw-api.nixosModules.nlw-api
|
||||
inputs.vscode-server.nixosModules.default
|
||||
(fetchTarball "https://github.com/msteen/nixos-vscode-server/tarball/master")
|
||||
];
|
||||
|
||||
services.vscode-server.enable = true;
|
||||
# services.auto-fix-vscode-server.enable = true;
|
||||
# services.vscode-server.enable = true;
|
||||
|
||||
user = {
|
||||
packages = with pkgs; [
|
||||
|
@ -29,8 +26,6 @@ in {
|
|||
];
|
||||
};
|
||||
|
||||
services.logrotate.checkConfig = false;
|
||||
|
||||
users.groups.dotfiles = {};
|
||||
users.groups.yugoslavia = {};
|
||||
|
||||
|
@ -38,20 +33,19 @@ in {
|
|||
# aether??? is that... reference.../.??? aether https://www.curseforge.com/minecraft/mc-mods/aether mod Curseforge minecraft Forge Patreon Chat twitter code license Assets license All rights reserved categories Last Updated apr 17 2021 Game Version 1.12.2 aether
|
||||
aether = {
|
||||
conf = {
|
||||
packages = with pkgs; [ bat duf broot helix nil packwiz ];
|
||||
packages = with pkgs; [ bat duf broot nftables tmux bottom writefreely helix ];
|
||||
shell = pkgs.unstable.fish;
|
||||
extraGroups = [ "wheel" "nix-users" "dotfiles" ];
|
||||
initialHashedPassword = "!";
|
||||
openssh.authorizedKeys.keys = fetchSSHKeys [
|
||||
"aether@subsurface"
|
||||
"aether@phone"
|
||||
"aether@Aethers-Mini.station"
|
||||
];
|
||||
};
|
||||
|
||||
homeConf.home = {
|
||||
sessionVariables = {
|
||||
EDITOR = "hx";
|
||||
EDITOR = "nvim";
|
||||
NIX_REMOTE = "daemon";
|
||||
};
|
||||
};
|
||||
|
@ -60,27 +54,24 @@ in {
|
|||
# oatmealine ?? is that a reference to jill oatmealine monoids from the beloved videogame franchise "oateamelin jill monoids???" .oat. zone??? from va11hall-a??? video game???? woman????? minecraft???????
|
||||
oatmealine = {
|
||||
conf = {
|
||||
packages = with pkgs; [ bat tmux micro direnv nix-direnv ripgrep agenixPkg ];
|
||||
packages = with pkgs; [ bat tmux micro direnv nix-direnv ripgrep ];
|
||||
shell = pkgs.unstable.fish;
|
||||
extraGroups = [ "wheel" "nix-users" "dotfiles" "yugoslavia" ];
|
||||
initialHashedPassword = "!";
|
||||
openssh.authorizedKeys.keys = fetchSSHKeys [
|
||||
"oatmealine@void-defragmented"
|
||||
"oatmealine@beppy-phone"
|
||||
"oatmealine@boykisser"
|
||||
"oatmealine@seven-red-suns"
|
||||
];
|
||||
};
|
||||
|
||||
homeConf.home = {
|
||||
sessionVariables = {
|
||||
#EDITOR = lib.trace (lib.readFile age.secrets.huge-furry-cock.path) "micro";
|
||||
EDITOR = "micro";
|
||||
NIX_REMOTE = "daemon";
|
||||
};
|
||||
};
|
||||
};
|
||||
# i yearn for the day this name ceases to mean
|
||||
|
||||
mayflower = {
|
||||
conf = {
|
||||
packages = with pkgs; [ micro tmux ];
|
||||
|
@ -101,17 +92,17 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
#winter = {
|
||||
# conf = {
|
||||
# packages = with pkgs; [ micro ];
|
||||
# shell = pkgs.unstable.fish;
|
||||
# extraGroups = [ "wheel" "nix-users" "dotfiles" ];
|
||||
# initialHashedPassword = "!";
|
||||
# openssh.authorizedKeys.keys = fetchSSHKeys [
|
||||
# "lilith@bms-cab"
|
||||
# ];
|
||||
# };
|
||||
#};
|
||||
winter = {
|
||||
conf = {
|
||||
packages = with pkgs; [ micro ];
|
||||
shell = pkgs.unstable.fish;
|
||||
extraGroups = [ "wheel" "nix-users" "dotfiles" ];
|
||||
initialHashedPassword = "!";
|
||||
openssh.authorizedKeys.keys = fetchSSHKeys [
|
||||
"lilith@bms-cab"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
keyboard = {
|
||||
|
@ -119,6 +110,8 @@ in {
|
|||
variant = "qwerty";
|
||||
};
|
||||
|
||||
services.vscode-server.enable = true;
|
||||
|
||||
modules = {
|
||||
shell.fish.enable = true;
|
||||
security.isLocalMachine = false;
|
||||
|
@ -131,10 +124,8 @@ in {
|
|||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRI9sGl0EmOkNNnh8SgRq197gkEy3XEwKZjLIr27V9PfaVOLIAcZiGcOa5q7rc5FjcCtkQ9+/twE24bZpxkK0ygrRJBEdT+HGAUmpY/kRPEn/tqjmwNu43vQqOhNSYmAAzdjJ4AuRPK5st8QQyOzKv5Pnghwy8xPAjOM3o4n9ULMLjVvAu0eTmCJMKxEvz5FUEIVZtEid/ng46k/bJ/njSh8vyGBQV4fJei6M9Ovw0HPqqzWyV/e0c3hTClG4dfLCK3Qv3hLhXQ+8I9iaL7D2wZdr3F2lbg0vS/QctPZc28f1gpkFEzVflEzAk4aFwJMMflY04IG1Dr44IfM1gJbpj rsa-key-20220423"
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCL75/Pg5bP7LaXE6uPyyv8QDRivWJC6YcH6oJJztkjqL6g+0xPPiN6I54q/bNF4nHA2BHVUktKUU9bGDEOpYIRq7kegp2/K/+FNTM1Kz6rJSrSc8e0Ogxg8vhD6maxqLU8q+D1OMhBu0UiWUB+GxXmeYfBtXPjpcE+AaJ80BPs7vwiulHPGn7UAcRuP36Z+3JJiN2BQnU2aizXWsgyU575Uy3DVvAt7eHon+SoJiTCs2//5KexJ42U6ZiE6f/oTFdiud70lpxhGgiiFvj6M9RZ0aLoxspiskW45jKLXIMJ+mO6husg9GfvCchbps3YkmH0hZ24Ii1EiFhi5HZMY0Lt mayflower"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHrlqH2OShvXdzq1sV5IDuWQzeC9OHBVvwj0+Y0XXwi7 mayflower-thinkpad"
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCBKMXTLBJ5iIPiO9jiN+AHWxpgG1kcdI0h23+G1FLMnK+xhkmaP9Vjr9QbqQ4mmRqfGERfJW5H2/OvTEUXnrkAp1Jc8oPrc14/auwKivtbMC5tsWzioDMbcAYKrcP37D3Kw1P7nzSyAz3QsRXBRx26OE5NeTo4YfGl/TOkQnoBCDTt8kcziWEvUVeOgnHf3hnszs2H4P6RAyOqjuOH6BWhtbKsCHThTHaAadLgeH5nB1WXLYqG2N1KEzAhj8WBBzPmeZcMMRr5xkqYVj14cd+9syEaenV+wXapoPyDtOb6YtOKArN9RkT0OOqQk17OzxvGqHUEXQ4eGmNgc8BLsGJn rsa-key-20230402"
|
||||
#fetchSSH "oatmealine@void-defragmented"
|
||||
#fetchSSH "oatmealine@beppy-phone"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAIphRdy+g7zfj+KxfONoD24lzk+/mGhQ0EnOe8QGf8 oatmealine@disroot.org" # gh actions
|
||||
];
|
||||
packages = with pkgs; [ tmux micro ];
|
||||
shell = pkgs.unstable.fish;
|
||||
|
@ -158,9 +149,9 @@ in {
|
|||
interfaces."wg0" = import ./wireguardInterface.nix;
|
||||
};
|
||||
|
||||
dendrite = {
|
||||
enable = true;
|
||||
hostDomain = "dark-firepit.cloud";
|
||||
jillo = {
|
||||
enable = false;
|
||||
dataDir = "/var/lib/jillo";
|
||||
};
|
||||
|
||||
terraria = {
|
||||
|
@ -172,74 +163,13 @@ in {
|
|||
autoCreatedWorldSize = "large";
|
||||
dataDir = "/var/lib/terraria";
|
||||
};
|
||||
|
||||
nextcloud = {
|
||||
enable = false;
|
||||
domain = "nextcloud.dark-firepit.cloud";
|
||||
};
|
||||
|
||||
jmusicbot = let
|
||||
baseOptions = {
|
||||
owner = 276416332894044160;
|
||||
game = "Listening to your heartbeat :heart";
|
||||
status = "ONLINE";
|
||||
songinstatus = true;
|
||||
|
||||
success = "<:observer:1004408859831586907>";
|
||||
warning = "<:slugclose:1000202980403974144>";
|
||||
error = "🚫!!!!! 🚫🚫🚫 >:((((";
|
||||
loading = "<:handsl:966010145698086993><:handsr:966010145886830692>";
|
||||
searching = "<:scripulous_fingore_point:1012777703323222087><:scripulous_fingore:1012777704455667754>";
|
||||
|
||||
npimages = true;
|
||||
stayinchannel = true;
|
||||
updatealerts = false;
|
||||
|
||||
aliases = {
|
||||
nowplaying = [ "np" "current" ];
|
||||
play = [ "p" ];
|
||||
queue = [ "list" "q" ];
|
||||
remove = [ "delete" "d" ];
|
||||
skip = [ "s" ];
|
||||
forceskip = [ "fs" ];
|
||||
movetrack = [ "move" "m" ];
|
||||
};
|
||||
|
||||
queuetype = "REGULAR";
|
||||
};
|
||||
in {
|
||||
enable = true;
|
||||
instances = {
|
||||
"jomble" = {
|
||||
enable = true;
|
||||
package = pkgs._.gmusicbot;
|
||||
|
||||
options = baseOptions // {
|
||||
token = lib.removeSuffix "\n" (builtins.readFile /etc/jomble_token);
|
||||
prefix = ";";
|
||||
};
|
||||
};
|
||||
"jillo" = {
|
||||
enable = true;
|
||||
package = pkgs._.gmusicbot;
|
||||
|
||||
options = baseOptions // {
|
||||
token = lib.removeSuffix "\n" (builtins.readFile /etc/jillo_token);
|
||||
prefix = ":";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
programs.fish.enable = true;
|
||||
|
||||
security.doas = {
|
||||
extraRules = [
|
||||
{ users = [ "aether" ]; noPass = false; persist = true; keepEnv = true; }
|
||||
{ users = [ "oatmealine" ]; noPass = true; persist = false; keepEnv = true; }
|
||||
{ users = [ "remote" ]; noPass = true; persist = false; keepEnv = true; }
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -254,37 +184,38 @@ in {
|
|||
# https://nixos.org/manual/nixos/stable/options.html#opt-networking.enableB43Firmware
|
||||
|
||||
# temporarily disabled
|
||||
# enableIPv6 = true;
|
||||
enableIPv6 = false;
|
||||
|
||||
usePredictableInterfaceNames = false;
|
||||
interfaces.eth0 = {
|
||||
ipv4.addresses = [{
|
||||
address = "46.4.96.113";
|
||||
# prefixLength = 27;
|
||||
interfaces.eno1.ipv4.addresses = [
|
||||
{ address = "51.89.98.8";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
}
|
||||
];
|
||||
|
||||
/*
|
||||
ipv6.addresses = [{
|
||||
address = "2a01:4f8:140::1";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
*/
|
||||
};
|
||||
|
||||
defaultGateway = "46.4.96.97";
|
||||
/*
|
||||
defaultGateway6 = {
|
||||
address = "fe80::1";
|
||||
interface = "eth0";
|
||||
};
|
||||
*/
|
||||
defaultGateway = "51.89.98.254";
|
||||
nameservers = [ "8.8.8.8" "1.1.1.1" ];
|
||||
|
||||
#interfaces.eno1.ipv6.addresses = [
|
||||
# { address = "2001:41d0:0700:3308::";
|
||||
# prefixLength = 64;
|
||||
# }
|
||||
#
|
||||
# { address = "2001:41d0:0700:33ff::";
|
||||
# prefixLength = 64;
|
||||
# }
|
||||
#];
|
||||
|
||||
#defaultGateway6 = {
|
||||
# address = "2001:41d0:0700:33ff:00ff:00ff:00ff:00ff";
|
||||
# address = "33ff::1";
|
||||
# address = "2001::1";
|
||||
# interface = "eno1";
|
||||
#};
|
||||
|
||||
firewall.allowPing = true;
|
||||
# minecraft proximity voice chat
|
||||
firewall.allowedTCPPorts = [ 24454 24464 25567 25577 4499 21025 21027 ];
|
||||
firewall.allowedUDPPorts = [ 24454 24464 25567 25577 4499 21025 21027 ];
|
||||
firewall.allowedTCPPorts = [ 24454 25567 4499 ];
|
||||
firewall.allowedUDPPorts = [ 24454 25567 4499 ];
|
||||
};
|
||||
|
||||
# environment.etc."dhcpcd.duid".text = "d0:50:99:d4:04:68:d0:50:99:d4:04:68";
|
|
@ -9,12 +9,12 @@
|
|||
initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
|
||||
initrd.kernelModules = [ ];
|
||||
kernelPackages = pkgs.linuxPackages_hardened;
|
||||
kernelModules = [ "kvm-amd" ];
|
||||
kernelModules = [ "kvm-intel" ];
|
||||
loader = {
|
||||
# and them squiggles steady shifting in the wind
|
||||
grub.enable = lib.mkForce false;
|
||||
|
||||
systemd-boot.enable = true;
|
||||
systemd-boot = {
|
||||
enable = true;
|
||||
configurationLimit = 10;
|
||||
};
|
||||
efi.canTouchEfiVariables = true;
|
||||
};
|
||||
};
|
||||
|
@ -29,10 +29,7 @@
|
|||
# i don't know of a cleaner way to do this, and i
|
||||
# don't want to deal with ghost any longer than i
|
||||
# already have, so This Will Do
|
||||
#
|
||||
# edit: ghost is now dead! we're going back to true.
|
||||
# rest in piss ghost, you will be forgotten
|
||||
nix.settings.sandbox = true;
|
||||
nix.settings.sandbox = false;
|
||||
|
||||
modules.hardware.fs = {
|
||||
enable = true;
|
||||
|
@ -42,25 +39,21 @@
|
|||
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/disk/by-uuid/2fb43a32-d7c2-4ed1-97c6-4588d731a132";
|
||||
device = "/dev/disk/by-uuid/819f03bb-73d2-4ae1-9fd2-01099e8efae6";
|
||||
fsType = "xfs";
|
||||
options = [
|
||||
"noatime"
|
||||
"nodiratime"
|
||||
"discard"
|
||||
];
|
||||
};
|
||||
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-uuid/7192-FE7C";
|
||||
device = "/dev/disk/by-uuid/D018-F9AF";
|
||||
fsType = "vfat";
|
||||
};
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
swapDevices = [
|
||||
{ device = "/dev/disk/by-uuid/01ba93e4-71e3-404d-9549-351e22130185"; }
|
||||
{ device = "/dev/disk/by-uuid/dee63218-1666-4035-8d63-b9e0e0b2cd28"; }
|
||||
];
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
|
@ -0,0 +1,113 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
in {
|
||||
config = {
|
||||
modules.services.minecraft = {
|
||||
enable = true;
|
||||
servers = {
|
||||
"dark-firepit" = {
|
||||
enable = false;
|
||||
#autoStart = false;
|
||||
openFirewall = true;
|
||||
serverProperties = {
|
||||
server-port = 25565;
|
||||
gamemode = 0;
|
||||
motd = "dark-firepit, 1.19.2 Fabric";
|
||||
white-list = true;
|
||||
max-players = 8;
|
||||
allow-flight = true;
|
||||
enable-command-block = true;
|
||||
enforce-secure-profile = false;
|
||||
level-type = "terra:overworld/overworld";
|
||||
snooper-enabled = false;
|
||||
spawn-protection = 0;
|
||||
};
|
||||
whitelist = {
|
||||
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
|
||||
RustyMyHabibi = "e20305fa-a44c-44c9-b62e-6918e7c779d6";
|
||||
Dj_Afganistan = "1f879917-1ad4-49c3-9908-90769ee73f85";
|
||||
DumbDogDoodles = "d33e5e3b-85ab-4c93-a61b-605e2673fbe8";
|
||||
SuneFoxie = "82e82ef9-ea17-4794-9051-928b5b8629c1";
|
||||
FuzziestRedMoth = "21e1adf8-93f7-4173-a087-b3a9c02edec5";
|
||||
};
|
||||
package = pkgs.minecraftServers.fabric-1_19_2;
|
||||
jvmOpts = "-Xmx6G";
|
||||
};
|
||||
"n3ko-test" = {
|
||||
enable = true;
|
||||
autoStart = true;
|
||||
openFirewall = true;
|
||||
serverProperties = {
|
||||
server-port = 25595;
|
||||
gamemode = 1;
|
||||
motd = "N3KO SMP Testing server";
|
||||
white-list = true;
|
||||
max-players = 8;
|
||||
allow-flight = true;
|
||||
enable-command-block = true;
|
||||
enforce-secure-profile = false;
|
||||
#level-type = "terra:overworld/overworld";
|
||||
snooper-enabled = false;
|
||||
spawn-protection = 0;
|
||||
};
|
||||
whitelist = {
|
||||
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
|
||||
Cardboxneko = "3d406152-008c-4ec9-bf49-44c883baca6d";
|
||||
};
|
||||
package = pkgs.fabricServers.fabric-1_18_2;
|
||||
jvmOpts = "-Xmx4G";
|
||||
};
|
||||
"gbj" = {
|
||||
enable = true;
|
||||
autoStart = true;
|
||||
openFirewall = true;
|
||||
serverProperties = {
|
||||
server-port = 25585;
|
||||
gamemode = 0;
|
||||
motd = "gay baby jail";
|
||||
max-players = 16;
|
||||
allow-flight = true;
|
||||
enable-command-block = true;
|
||||
enforce-secure-profile = false;
|
||||
snooper-enabled = false;
|
||||
spawn-protection = 0;
|
||||
level-type = "terra:overworld/overworld";
|
||||
white-list = true;
|
||||
view-distance = 32;
|
||||
};
|
||||
whitelist = {
|
||||
UnderSunandSky = "b788f46e-50a2-4af3-a668-15ae393c59d8";
|
||||
PianoBoyBenini = "042d6cef-6194-46b4-9bfc-87b3c4cdf94a";
|
||||
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
|
||||
Starblazerz128 = "d45eb172-8360-42fd-a185-ab2197b71f9a";
|
||||
Chevreau = "b594ba84-f10c-42ff-83a6-8046f90ad0b8";
|
||||
Yarn01 = "40fee73f-d4b3-47c6-adf7-fe7c717a1f55";
|
||||
"1C3doggo" = "48c3a077-9e3b-47a6-b17b-4ed0b1bc33b2";
|
||||
CosmicCats = "32148b79-12a8-48f1-b158-3c97c45e39e5";
|
||||
m3bo = "6e33434c-1ec0-4c69-9dad-b32b1197496e";
|
||||
SomewhatSyl = "d8bac1ef-27d5-4c94-a9e7-e2d079edef22";
|
||||
Nightmare_Tank = "92840daa-823e-4b8e-9741-be296147e823";
|
||||
JDavisBro = "e8529c4b-701e-46c5-a8d7-0dfb0e0b642d";
|
||||
Ironic_queen = "443fe20d-77e0-4a4a-8bb7-a4b9ad654550";
|
||||
azurehaiku = "fd7aba33-4307-4eba-aa63-70bc3e38a2d7";
|
||||
TryHardGamerTV = "8273b84d-a687-49fb-98de-a3e626e26c3b";
|
||||
"_AtlasFox_" = "0ce1bbe0-ea57-463c-8df3-4c046dc6eff2";
|
||||
};
|
||||
package = pkgs.minecraftServers.fabric-1_19_2;
|
||||
jvmOpts = "-Xmx4G";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.minecraft-server-dark-firepit.serviceConfig = {
|
||||
# packwiz workaround
|
||||
# https://github.com/Infinidoge/nix-minecraft/issues/12#issuecomment-1235999072
|
||||
# TODO: this doesn't work!!! it just goes "error code 1" and refuses to elaborate
|
||||
#ExecStartPre = [
|
||||
# ''cd "/srv/minecraft/dark-firepit"; nix-shell -p adoptopenjdk-hotspot-bin-16 --run "java -jar /srv/minecraft/dark-firepit/packwiz-installer-bootstrap.jar -g 'https://dark-firepit.oat.zone/Fire Pit 1.19.2/pack.toml'"''
|
||||
#];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,6 @@
|
|||
let
|
||||
keys = import ../authorizedKeys.nix;
|
||||
|
||||
"subsurface.aether" = keys."aether@subsurface".ssh;
|
||||
in
|
||||
{}
|
|
@ -4,28 +4,6 @@ with lib;
|
|||
let
|
||||
in {
|
||||
config = {
|
||||
services.cohost-blogger = {
|
||||
enable = true;
|
||||
domain = "blog.oat.zone";
|
||||
port = 3500;
|
||||
};
|
||||
services.nlw-api = {
|
||||
enable = true;
|
||||
domain = "nlw.oat.zone";
|
||||
apiKey = builtins.readFile /etc/sheets-api-key;
|
||||
#apiKey = "";
|
||||
port = 1995;
|
||||
};
|
||||
services.cardgen = {
|
||||
enable = true;
|
||||
port = 25290;
|
||||
};
|
||||
services.gd-icon-renderer-web = {
|
||||
enable = true;
|
||||
port = 3435;
|
||||
domain = "gdicon.oat.zone";
|
||||
};
|
||||
|
||||
modules = {
|
||||
services = {
|
||||
#nextcloud = {
|
||||
|
@ -40,11 +18,10 @@ in {
|
|||
# domain = "blog.dark-firepit.cloud";
|
||||
#};
|
||||
|
||||
forgejo = {
|
||||
gitea = {
|
||||
enable = true;
|
||||
domain = "git.oat.zone";
|
||||
port = 3000;
|
||||
enableActions = true;
|
||||
};
|
||||
|
||||
matrix.conduit = {
|
||||
|
@ -54,7 +31,7 @@ in {
|
|||
|
||||
vaultwarden = {
|
||||
enable = true;
|
||||
domain = "vault.dark-firepit.cloud";
|
||||
domain = "vault.aether.gay";
|
||||
};
|
||||
|
||||
# not entirely necessary but makes it so that invalid domains and/or direct ip access aborts connection
|
||||
|
@ -73,12 +50,10 @@ in {
|
|||
"giger.yugoslavia.fishing".dataDir = "/var/www/giger.yugoslavia.fishing";
|
||||
"modfiles.oat.zone".dataDir = "/var/www/modfiles.oat.zone";
|
||||
"shop.yugoslavia.best".dataDir = "/var/www/shop.yugoslavia.best";
|
||||
"shop.yugoslavia.best".forceSSL = false;
|
||||
"tesco-underground-dev.oat.zone".dataDir = "/var/www/tesco-underground-dev.oat.zone";
|
||||
"tesco-underground-dev.oat.zone".auth = { tesco = builtins.readFile /etc/tesco; };
|
||||
"oat.zone".dataDir = "/var/www/oat.zone";
|
||||
"oat.zone".php = true;
|
||||
#"beta-blog.oat.zone".dataDir = "/var/www/beta.blog.oat.zone";
|
||||
"yugoslavia.fishing".dataDir = "/var/www/yugoslavia.fishing";
|
||||
"yugoslavia.fishing".php = true;
|
||||
"educationmath.oat.zone".dataDir = "/var/www/proxy.oat.zone";
|
||||
|
@ -86,26 +61,16 @@ in {
|
|||
"educationmath.oat.zone".auth = { twh = builtins.readFile /etc/proxy_twh; };
|
||||
"rivervalleychocolate.com".dataDir = "/var/www/rivervalleychocolate.com";
|
||||
"rivervalleychocolate.com".php = true;
|
||||
"play.mayf.pink".dataDir = "/var/www/play.mayf.pink/";
|
||||
"play.mayf.pink".php = true;
|
||||
"play.mayf.pink".phpHandlePathing = true;
|
||||
"tac.yugoslavia.best".dataDir = "/var/www/tac.yugoslavia.best/public";
|
||||
"tac.yugoslavia.best".php = true;
|
||||
"tac.yugoslavia.best".phpHandlePathing = true;
|
||||
"pjsk.oat.zone".dataDir = "/var/www/pjsk.oat.zone";
|
||||
"mayf.pink".dataDir = "/var/www/mayf.pink";
|
||||
"mayf.pink".dataDir = "/var/www/mayf.pink/public";
|
||||
"mayf.pink".php = true;
|
||||
"mayf.pink".phpHandlePathing = true;
|
||||
"promotion.yugoslavia.best".dataDir = "/var/www/promotion.yugoslavia.best/public";
|
||||
"promotion.yugoslavia.best".php = true;
|
||||
"promotion.yugoslavia.best".phpHandlePathing = true;
|
||||
"promotion.yugoslavia.best".forceSSL = false;
|
||||
"star.yugoslavia.best".dataDir = "/var/www/star.yugoslavia.best";
|
||||
"star.yugoslavia.best".forceSSL = false;
|
||||
#"wint0r.zone".dataDir = "/var/www/wint0r.zone";
|
||||
#"puzzle.wint0r.zone".dataDir = "/var/www/puzzle.wint0r.zone";
|
||||
"femboy.industries".dataDir = "/var/www/femboy.industries";
|
||||
} // (listToAttrs (map (value: {
|
||||
name = "${value}.femboy.industries";
|
||||
value = { dataDir = "/var/www/femboy.industries/_subdomains/${value}/"; };
|
||||
}) ["sage"]));
|
||||
"wint0r.zone".dataDir = "/var/www/wint0r.zone";
|
||||
"puzzle.wint0r.zone".dataDir = "/var/www/puzzle.wint0r.zone";
|
||||
};
|
||||
|
||||
nitter = {
|
||||
enable = true;
|
||||
|
@ -114,12 +79,6 @@ in {
|
|||
domain = "nitter.oat.zone";
|
||||
};
|
||||
|
||||
libreddit = {
|
||||
enable = true;
|
||||
domain = "libreddit.oat.zone";
|
||||
port = 1950;
|
||||
};
|
||||
|
||||
#watch-party = {
|
||||
# enable = true;
|
||||
# port = 1984;
|
||||
|
@ -129,10 +88,23 @@ in {
|
|||
enable = true;
|
||||
};
|
||||
|
||||
metrics = {
|
||||
code-server = {
|
||||
enable = true;
|
||||
domain = "grafana.dark-firepit.cloud";
|
||||
port = 2342;
|
||||
domain = "dev-firepit.oat.zone";
|
||||
port = 4444;
|
||||
};
|
||||
|
||||
ghost = {
|
||||
enable = true;
|
||||
domain = "blog.oat.zone";
|
||||
port = 1357;
|
||||
};
|
||||
|
||||
isso = {
|
||||
enable = true;
|
||||
port = 1995;
|
||||
domain = "comments.oat.zone";
|
||||
target = "blog.oat.zone";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -143,21 +115,6 @@ in {
|
|||
locations."/f/".extraConfig = ''
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
'';
|
||||
locations."/f/cards/gen".extraConfig = ''
|
||||
rewrite /f/cards/gen/(.*) /$1 break;
|
||||
proxy_pass http://127.0.0.1:25290;
|
||||
proxy_redirect off;
|
||||
'';
|
||||
extraConfig = ''
|
||||
error_page 404 /404.html;
|
||||
error_page 403 /403.html;
|
||||
'';
|
||||
};
|
||||
"femboy.industries" = {
|
||||
locations."/_subdomains".extraConfig = ''
|
||||
deny all;
|
||||
return 404;
|
||||
'';
|
||||
};
|
||||
# todo: move to flake
|
||||
"gdpstest.oat.zone" = {
|
||||
|
@ -172,25 +129,31 @@ in {
|
|||
'';
|
||||
};
|
||||
# todo: move to flake
|
||||
"jillo.oat.zone" = {
|
||||
"gdicon.oat.zone" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:15385/";
|
||||
proxyPass = "http://127.0.0.1:3436/";
|
||||
};
|
||||
};
|
||||
"drawdog.oat.zone" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:33363/";
|
||||
extraConfig = ''
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host $host;
|
||||
'';
|
||||
};
|
||||
|
||||
# https://www.edwinwenink.xyz/posts/47-tilde_server/
|
||||
# todo: fix this
|
||||
"dark-firepit.cloud" = {
|
||||
locations."~ ^/~([^/\\s]+?)(/[^\\s]*)?$".extraConfig = ''
|
||||
add_header X-debug-message "/home/$1/www$2" always;
|
||||
alias /home/$1/www$2;
|
||||
index index.html index.htm;
|
||||
autoindex on;
|
||||
'';
|
||||
};
|
||||
|
||||
"nitter.oat.zone" = {
|
||||
locations."/".extraConfig = ''
|
||||
if ($http_user_agent = 'Mozilla/5.0 (compatible; Discordbot/2.0; +https://discordapp.com)') {
|
||||
return 302 $scheme://fxtwitter.com$request_uri;
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
#"git.oat.zone" = {
|
|
@ -0,0 +1,51 @@
|
|||
{ pkgs, inputs, lib, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
user = {
|
||||
packages = with pkgs; [
|
||||
git
|
||||
curl
|
||||
helix
|
||||
];
|
||||
};
|
||||
|
||||
users.groups.dotfiles = {};
|
||||
|
||||
normalUsers = {
|
||||
aether = {
|
||||
conf = {
|
||||
packages = with pkgs; [ bat duf broot bottom ];
|
||||
shell = pkgs.fish;
|
||||
extraGroups = [ "wheel" /* "nix-users" */ "dotfiles" ];
|
||||
initialHashedPassword = "!";
|
||||
};
|
||||
|
||||
homeConf.home = {
|
||||
sessionVariables = {
|
||||
EDITOR = "hx";
|
||||
# NIX_REMOTE = "daemon";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
keyboard = {
|
||||
locale = "en_US.UTF-8";
|
||||
variant = "qwerty";
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Dublin";
|
||||
|
||||
modules = {
|
||||
shell.fish.enable = true;
|
||||
security.isLocalMachine = true;
|
||||
|
||||
hyprland.enable = true;
|
||||
|
||||
dev.zig.enable = true;
|
||||
};
|
||||
}
|
|
@ -0,0 +1,65 @@
|
|||
{ config, lib, pkgs, inputs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
];
|
||||
|
||||
boot = {
|
||||
initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
|
||||
initrd.kernelModules = [ ];
|
||||
# kernelPackages = pkgs.linuxPackages_hardened;
|
||||
# kernelModules = [ "kvm-intel" ];
|
||||
loader = {
|
||||
systemd-boot = {
|
||||
enable = true;
|
||||
configurationLimit = 10;
|
||||
};
|
||||
efi.canTouchEfiVariables = true;
|
||||
};
|
||||
};
|
||||
|
||||
nix.settings.cores = 3;
|
||||
nix.settings.max-jobs = 6;
|
||||
|
||||
# disabling this is what's considered a "Bad Idea"
|
||||
# however it is required by packages/ghost.nix, which
|
||||
# is borrowed from https://notes.abhinavsarkar.net/2022/ghost-on-nixos
|
||||
#
|
||||
# i don't know of a cleaner way to do this, and i
|
||||
# don't want to deal with ghost any longer than i
|
||||
# already have, so This Will Do
|
||||
nix.settings.sandbox = false;
|
||||
|
||||
modules.hardware.fs = {
|
||||
enable = true;
|
||||
ssd.enable = true;
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/a4278811-e227-4dea-b7a2-5eaaab003679";
|
||||
fsType = "f2fs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/688D-5046";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/a3611c1a-5d34-484d-9fda-e9af0806b13a"; }
|
||||
];
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp0s1.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
|
||||
|
||||
}
|
|
@ -1,21 +0,0 @@
|
|||
"dark-firepit" = {
|
||||
enable = false;
|
||||
#autoStart = false;
|
||||
openFirewall = true;
|
||||
serverProperties = {
|
||||
server-port = 25565;
|
||||
gamemode = 0;
|
||||
motd = "dark-firepit, 1.19.2 Fabric";
|
||||
white-list = true;
|
||||
max-players = 8;
|
||||
allow-flight = true;
|
||||
enable-command-block = true;
|
||||
enforce-secure-profile = false;
|
||||
level-type = "terra:overworld/overworld";
|
||||
snooper-enabled = false;
|
||||
spawn-protection = 0;
|
||||
};
|
||||
whitelist = darkFirepitWhitelist;
|
||||
package = pkgs.minecraftServers.fabric-1_19_2;
|
||||
jvmOpts = "-Xmx6G";
|
||||
};
|
|
@ -1,144 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
# https://git.sleeping.town/unascribed/unsup/releases
|
||||
unsup = pkgs.fetchurl {
|
||||
url = "https://git.sleeping.town/unascribed/unsup/releases/download/v0.2.3/unsup-0.2.3.jar";
|
||||
hash = "sha256-DBMxiZwfUUiLqXYOMD8EUz4HubAZIEjAPmk32T0NYtA=";
|
||||
};
|
||||
|
||||
mkUnsupINI = { url, extraConfig ? "" }: pkgs.writeTextFile {
|
||||
name = "unsup.ini";
|
||||
text = ''
|
||||
version=1
|
||||
preset=minecraft
|
||||
|
||||
source_format=packwiz
|
||||
source=${url}
|
||||
|
||||
force_env=server
|
||||
no_gui=true
|
||||
'' + extraConfig;
|
||||
};
|
||||
|
||||
gayrats = {
|
||||
whitelist = {
|
||||
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
|
||||
RustyMyHabibi = "e20305fa-a44c-44c9-b62e-6918e7c779d6";
|
||||
Dj_Afganistan = "1f879917-1ad4-49c3-9908-90769ee73f85";
|
||||
DumbDogDoodles = "d33e5e3b-85ab-4c93-a61b-605e2673fbe8";
|
||||
SuneFoxie = "82e82ef9-ea17-4794-9051-928b5b8629c1";
|
||||
FuzziestRedMoth = "21e1adf8-93f7-4173-a087-b3a9c02edec5";
|
||||
hewoicvewse = "98e715cf-b1a4-4d50-9ed0-7d20fbdf240e";
|
||||
numpad_7 = "44e6e6d7-770d-4afc-96b1-9999b61ced1d";
|
||||
_Zydra = "0af7b31f-63a5-426d-8cee-6c54385856b6";
|
||||
};
|
||||
unsupINI = mkUnsupINI { url = "https://oat.zone/f/gayrats/pack.toml"; };
|
||||
};
|
||||
in {
|
||||
config = {
|
||||
modules.services.minecraft.enable = true;
|
||||
modules.services.minecraft.servers = {
|
||||
"gayrats" = import ./gayrats.nix {
|
||||
inherit pkgs;
|
||||
|
||||
enable = false;
|
||||
server-port = 25565;
|
||||
|
||||
inherit unsup;
|
||||
inherit (gayrats) whitelist;
|
||||
|
||||
unsupINI = mkUnsupINI { url = "https://oat.zone/f/gayrats/pack.toml"; };
|
||||
};
|
||||
|
||||
"gayrats-creative" = import ./gayrats-creative.nix {
|
||||
inherit pkgs;
|
||||
|
||||
enable = false;
|
||||
server-port = 25575;
|
||||
|
||||
inherit unsup;
|
||||
inherit (gayrats) whitelist;
|
||||
|
||||
unsupINI = mkUnsupINI { url = "https://oat.zone/f/gayrats-creative/pack.toml"; };
|
||||
};
|
||||
|
||||
"gay-capybaras" = import ./gay-capybaras.nix {
|
||||
inherit pkgs;
|
||||
|
||||
enable = true;
|
||||
server-port = 25505;
|
||||
|
||||
inherit unsup;
|
||||
inherit (gayrats) whitelist;
|
||||
|
||||
unsupINI = mkUnsupINI { url = "https://aether.gay/f/gay-capybaras/pack.toml"; };
|
||||
};
|
||||
|
||||
"n3ko-test" = import ./n3ko-test.nix {
|
||||
inherit pkgs;
|
||||
|
||||
enable = false;
|
||||
server-port = 25595;
|
||||
};
|
||||
|
||||
"wafflecraft" = import ./wafflecraft.nix {
|
||||
inherit pkgs;
|
||||
inherit lib;
|
||||
|
||||
enable = false;
|
||||
server-port = 25535;
|
||||
|
||||
inherit unsup;
|
||||
unsupINI = mkUnsupINI {
|
||||
url = "https://oat.zone/f/wafflecraft/pack.toml";
|
||||
extraConfig = ''
|
||||
[flavors]
|
||||
shaders=no_shaders
|
||||
minimap=no_minimap
|
||||
barrel_roll=no_barrel_roll
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
"modfest-build" = let
|
||||
unsupINI = mkUnsupINI {
|
||||
url = "https://raw.githack.com/ModFest/modfest-1-20/main/pack/pack.toml";
|
||||
};
|
||||
in {
|
||||
enable = false;
|
||||
package = pkgs.fabricServers."fabric-1_20_4".override { loaderVersion = "0.15.3"; };
|
||||
jvmOpts = ((import ./mc-flags.nix) "4G") + " -javaagent:${unsup}";
|
||||
|
||||
openFirewall = true;
|
||||
|
||||
serverProperties = {
|
||||
server-port = 25525;
|
||||
gamemode = 1;
|
||||
motd = "modfest build server !";
|
||||
white-list = true;
|
||||
max-players = 128;
|
||||
allow-flight = true;
|
||||
enable-command-block = true;
|
||||
enforce-secure-profile = false;
|
||||
snooper-enabled = false;
|
||||
spawn-protection = 0;
|
||||
};
|
||||
|
||||
symlinks = {
|
||||
"unsup.ini" = unsupINI;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.minecraft-server-dark-firepit.serviceConfig = {
|
||||
# packwiz workaround
|
||||
# https://github.com/Infinidoge/nix-minecraft/issues/12#issuecomment-1235999072
|
||||
# TODO: this doesn't work!!! it just goes "error code 1" and refuses to elaborate
|
||||
#ExecStartPre = [
|
||||
# ''cd "/srv/minecraft/dark-firepit"; nix-shell -p adoptopenjdk-hotspot-bin-16 --run "java -jar /srv/minecraft/dark-firepit/packwiz-installer-bootstrap.jar -g 'https://dark-firepit.oat.zone/Fire Pit 1.19.2/pack.toml'"''
|
||||
#];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,29 +0,0 @@
|
|||
{ pkgs, enable ? false, server-port, whitelist, unsup, unsupINI, ... }:
|
||||
|
||||
{
|
||||
inherit enable;
|
||||
autoStart = true;
|
||||
openFirewall = true;
|
||||
|
||||
inherit whitelist;
|
||||
serverProperties = {
|
||||
inherit server-port;
|
||||
gamemode = 0;
|
||||
motd = "dark-firepit, 1.20.1 Fabric";
|
||||
white-list = true;
|
||||
max-players = 8;
|
||||
allow-flight = true;
|
||||
enable-command-block = true;
|
||||
enforce-secure-profile = false;
|
||||
snooper-enabled = false;
|
||||
spawn-protection = 0;
|
||||
};
|
||||
|
||||
symlinks = { "unsup.ini" = unsupINI; };
|
||||
|
||||
package = pkgs.fabricServers."fabric-1_20_1".override { loaderVersion = "0.15.6"; };
|
||||
# package = pkgs.fabricServers."fabric-1_20_1";
|
||||
|
||||
jvmOpts = "-Xmx6G -javaagent:${unsup}";
|
||||
|
||||
}
|
|
@ -1,27 +0,0 @@
|
|||
{ pkgs, enable ? false, server-port, whitelist, unsup, unsupINI, ... }:
|
||||
|
||||
{
|
||||
inherit enable;
|
||||
autoStart = true;
|
||||
openFirewall = true;
|
||||
|
||||
inherit whitelist;
|
||||
serverProperties = {
|
||||
inherit server-port;
|
||||
gamemode = 1;
|
||||
motd = "dark-firepit, 1.19.2 Fabric";
|
||||
white-list = true;
|
||||
max-players = 8;
|
||||
allow-flight = true;
|
||||
enable-command-block = true;
|
||||
enforce-secure-profile = false;
|
||||
snooper-enabled = false;
|
||||
spawn-protection = 0;
|
||||
};
|
||||
|
||||
symlinks = { "unsup.ini" = unsupINI; };
|
||||
|
||||
package = pkgs.fabricServers."fabric-1_19_2".override { loaderVersion = "0.14.17"; };
|
||||
|
||||
jvmOpts = "-Xmx6G -javaagent:${unsup}";
|
||||
}
|
|
@ -1,28 +0,0 @@
|
|||
{ pkgs, enable ? false, server-port, whitelist, unsup, unsupINI, ... }:
|
||||
|
||||
{
|
||||
inherit enable;
|
||||
autoStart = true;
|
||||
openFirewall = true;
|
||||
|
||||
inherit whitelist;
|
||||
serverProperties = {
|
||||
inherit server-port;
|
||||
gamemode = 0;
|
||||
motd = "dark-firepit, 1.19.2 Fabric";
|
||||
white-list = true;
|
||||
max-players = 8;
|
||||
allow-flight = true;
|
||||
enable-command-block = true;
|
||||
enforce-secure-profile = false;
|
||||
snooper-enabled = false;
|
||||
spawn-protection = 0;
|
||||
};
|
||||
|
||||
symlinks = { "unsup.ini" = unsupINI; };
|
||||
|
||||
package = pkgs.fabricServers."fabric-1_19_2".override { loaderVersion = "0.14.17"; };
|
||||
|
||||
jvmOpts = "-Xmx6G -javaagent:${unsup}";
|
||||
|
||||
}
|
|
@ -1 +0,0 @@
|
|||
memory: "-Xms${memory} -Xmx${memory} -XX:+UseShenandoahGC"
|
|
@ -1,27 +0,0 @@
|
|||
{ pkgs, enable ? false, server-port, ... }:
|
||||
|
||||
{
|
||||
inherit enable;
|
||||
autoStart = true;
|
||||
openFirewall = true;
|
||||
serverProperties = {
|
||||
inherit server-port;
|
||||
gamemode = 1;
|
||||
motd = "N3KO SMP Testing server";
|
||||
white-list = true;
|
||||
max-players = 8;
|
||||
allow-flight = true;
|
||||
enable-command-block = true;
|
||||
enforce-secure-profile = false;
|
||||
#level-type = "terra:overworld/overworld";
|
||||
snooper-enabled = false;
|
||||
spawn-protection = 0;
|
||||
};
|
||||
whitelist = {
|
||||
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
|
||||
Cardboxneko = "3d406152-008c-4ec9-bf49-44c883baca6d";
|
||||
};
|
||||
package = pkgs.fabricServers.fabric-1_18_2;
|
||||
jvmOpts = "-Xmx4G";
|
||||
}
|
||||
|
|
@ -1,45 +0,0 @@
|
|||
{ pkgs, lib, enable ? false, server-port, unsup, unsupINI, ... }:
|
||||
|
||||
{
|
||||
inherit enable;
|
||||
autoStart = true;
|
||||
openFirewall = true;
|
||||
|
||||
serverProperties = {
|
||||
inherit server-port;
|
||||
gamemode = "survival";
|
||||
motd = "wafflecraft Real";
|
||||
max-players = 32;
|
||||
allow-flight = true;
|
||||
enable-command-block = false;
|
||||
enforce-secure-profile = false;
|
||||
snooper-enabled = false;
|
||||
spawn-protection = 0;
|
||||
white-list = true;
|
||||
view-distance = 16;
|
||||
};
|
||||
|
||||
whitelist = {
|
||||
oatmealine = "241d7103-4c9d-4c45-9464-83b5365ce48e";
|
||||
plightshift = "de87f3e6-d44f-40af-8bff-48828694b616";
|
||||
mangoafterdawn = "840ad485-1060-4bcf-8730-c552e5c8d62a";
|
||||
drazilspirits = "1d912f45-978b-4edc-b026-26bd5ed6ce31";
|
||||
segaskullll = "e6d510e6-a1d3-4801-8a5e-52d2c75b2446";
|
||||
Tetaes = "4b149260-d56e-4835-b3f6-2dce173a92a5";
|
||||
sorae_ = "9639d272-4c20-459d-adea-4aa89ee3cdc1";
|
||||
GelloISMello = "a2883a99-fe5d-454d-98b9-d65e4cec7e7e";
|
||||
Triplejy2k = "dced0fad-3802-4544-aaad-64d8fd12b1e8";
|
||||
RAKKIIsan = "0706e583-82e3-478c-8769-1131fb9aef5d";
|
||||
CyberBlue = "151bea19-3d16-45eb-8ae3-3057cde8e8f4";
|
||||
numpad_7 = "44e6e6d7-770d-4afc-96b1-9999b61ced1d";
|
||||
CERiNG = "8dd710ce-fd30-45a5-9252-739d3c03df19";
|
||||
electr1ca = "c18dcc3b-6c11-42e9-b7d8-4b458ea7017d";
|
||||
bigboyty69 = "ed735421-c22b-467a-9eac-5c08437ea3e8";
|
||||
};
|
||||
|
||||
symlinks = { "unsup.ini" = unsupINI; };
|
||||
# this is UGLY as FUCK; but unfortunately https://github.com/Infinidoge/nix-minecraft/issues/15
|
||||
package = pkgs.jdk17;
|
||||
jvmOpts = "-Xmx6G -javaagent:${unsup} "
|
||||
+ lib.replaceStrings ["\n"] [" "] (lib.readFile "/srv/minecraft/wafflecraft/libraries/net/minecraftforge/forge/1.18.2-40.2.1/unix_args.txt");
|
||||
}
|
|
@ -1,115 +0,0 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
# Use the GRUB 2 boot loader.
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
# boot.loader.grub.efiSupport = true;
|
||||
# boot.loader.grub.efiInstallAsRemovable = true;
|
||||
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||
# Define on which hard drive you want to install Grub.
|
||||
# boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
|
||||
|
||||
# networking.hostName = "nixos"; # Define your hostname.
|
||||
# Pick only one of the below networking options.
|
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
|
||||
|
||||
# Set your time zone.
|
||||
# time.timeZone = "Europe/Amsterdam";
|
||||
|
||||
# Configure network proxy if necessary
|
||||
# networking.proxy.default = "http://user:password@proxy:port/";
|
||||
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||
|
||||
# Select internationalisation properties.
|
||||
# i18n.defaultLocale = "en_US.UTF-8";
|
||||
# console = {
|
||||
# font = "Lat2-Terminus16";
|
||||
# keyMap = "us";
|
||||
# useXkbConfig = true; # use xkbOptions in tty.
|
||||
# };
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
# services.xserver.enable = true;
|
||||
|
||||
|
||||
|
||||
|
||||
# Configure keymap in X11
|
||||
# services.xserver.layout = "us";
|
||||
# services.xserver.xkbOptions = {
|
||||
# "eurosign:e";
|
||||
# "caps:escape" # map caps to escape.
|
||||
# };
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
# services.printing.enable = true;
|
||||
|
||||
# Enable sound.
|
||||
# sound.enable = true;
|
||||
# hardware.pulseaudio.enable = true;
|
||||
|
||||
# Enable touchpad support (enabled default in most desktopManager).
|
||||
# services.xserver.libinput.enable = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
# users.users.alice = {
|
||||
# isNormalUser = true;
|
||||
# extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
||||
# packages = with pkgs; [
|
||||
# firefox
|
||||
# tree
|
||||
# ];
|
||||
# };
|
||||
|
||||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
# environment.systemPackages = with pkgs; [
|
||||
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
|
||||
# wget
|
||||
# ];
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.mtr.enable = true;
|
||||
# programs.gnupg.agent = {
|
||||
# enable = true;
|
||||
# enableSSHSupport = true;
|
||||
# };
|
||||
|
||||
# List services that you want to enable:
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
# services.openssh.enable = true;
|
||||
|
||||
# Open ports in the firewall.
|
||||
# networking.firewall.allowedTCPPorts = [ ... ];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
# Or disable the firewall altogether.
|
||||
# networking.firewall.enable = false;
|
||||
|
||||
# Copy the NixOS configuration file and link it from the resulting system
|
||||
# (/run/current-system/configuration.nix). This is useful in case you
|
||||
# accidentally delete configuration.nix.
|
||||
# system.copySystemConfiguration = true;
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It’s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
|
||||
}
|
||||
|
|
@ -1,63 +0,0 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "tmpfs";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
|
||||
fileSystems."/nix/.ro-store" =
|
||||
{ device = "/nix/store/bg6n34zcsz3vil02fjf7lk35xli2ssd6-squashfs.img (deleted)";
|
||||
fsType = "squashfs";
|
||||
options = [ "loop" ];
|
||||
};
|
||||
|
||||
fileSystems."/nix/.rw-store" =
|
||||
{ device = "tmpfs";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
|
||||
fileSystems."/nix/store" =
|
||||
{ device = "overlay";
|
||||
fsType = "overlay";
|
||||
};
|
||||
|
||||
fileSystems."/mnt" =
|
||||
{ device = "/dev/disk/by-uuid/2fb43a32-d7c2-4ed1-97c6-4588d731a132";
|
||||
fsType = "xfs";
|
||||
};
|
||||
|
||||
fileSystems."/mnt/boot" =
|
||||
{ device = "/dev/disk/by-uuid/ABFD-C238";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
fileSystems."/mnt/mnt" =
|
||||
{ device = "/dev/disk/by-uuid/b5adde13-80af-4314-b0d5-ab79b10cc078";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
Binary file not shown.
|
@ -1,9 +0,0 @@
|
|||
let
|
||||
userKeys = builtins.catAttrs "ssh" (import ../authorizedKeys.nix);
|
||||
systemKeys = [
|
||||
# /etc/ssh/ssh_host_ed25519_key.pub
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHp0gLv1FiavpvnXinySlZsWrNkAzo4c8GWvN2WRhQqn root@lucent-firepit"
|
||||
];
|
||||
in {
|
||||
"huge-furry-cock.age".publicKeys = userKeys ++ systemKeys;
|
||||
}
|
|
@ -1,31 +0,0 @@
|
|||
{ options, lib, inputs, pkgs, config, ... }:
|
||||
|
||||
with builtins;
|
||||
with lib;
|
||||
with lib._;
|
||||
let
|
||||
inherit (inputs) agenix;
|
||||
secretsDir = "${toString ../hosts}/${config.networking.hostName}/secrets";
|
||||
secretsFile = "${secretsDir}/secrets.nix";
|
||||
in {
|
||||
imports = [ agenix.nixosModules.default ];
|
||||
|
||||
age = let
|
||||
# ugly, lazy, but works
|
||||
users = map (user: "/home/${user}/.ssh") (attrNames (readDir "/home/"));
|
||||
|
||||
usersWithKeys = filter (path: pathExists path) users;
|
||||
|
||||
userIdentityPaths = concatLists (map (keysPath:
|
||||
let
|
||||
# find all files that are id_* and not *.pub
|
||||
# todo: maybe make a startsWith / endsWith?
|
||||
files = map (f: keysPath + "/" + f)
|
||||
(filter (f: (substring 0 3 f == "id_") && (substring (stringLength f - 4) 4 f != ".pub"))
|
||||
(attrNames (readDir keysPath)));
|
||||
in files) usersWithKeys);
|
||||
in {
|
||||
secrets = mkMerge (map (x: {"${x}".file = "${secretsDir}/${x}";}) (attrNames (import secretsFile)));
|
||||
identityPaths = options.age.identityPaths.default ++ userIdentityPaths;
|
||||
};
|
||||
}
|
|
@ -5,6 +5,8 @@ with lib;
|
|||
config = {
|
||||
environment.systemPackages = with pkgs; [
|
||||
valgrind
|
||||
gcc
|
||||
musl
|
||||
# nix-linter
|
||||
];
|
||||
};
|
||||
|
|
|
@ -14,7 +14,9 @@ in {
|
|||
config = mkIf cfg.enable {
|
||||
user.packages = with pkgs; [
|
||||
cargo
|
||||
rustc
|
||||
rust-analyzer
|
||||
libiconv
|
||||
glibc
|
||||
];
|
||||
|
||||
environment.sessionVariables.RUST_SRC_PATH = "${pkgs.rust.packages.stable.rustPlatform.rustLibSrc}";
|
||||
|
|
|
@ -15,6 +15,7 @@ in {
|
|||
config = mkIf cfg.enable {
|
||||
user.packages = with pkgs; [
|
||||
zig
|
||||
zls
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,17 +0,0 @@
|
|||
{ pkgs, lib, config, options, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.editors.helix;
|
||||
in {
|
||||
options = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
};
|
||||
}
|
|
@ -11,19 +11,16 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
/*
|
||||
config = mkIf cfg.enable {
|
||||
programs.hyprland = {
|
||||
enable = true;
|
||||
};
|
||||
#programs.hyprland = {
|
||||
# enable = true;
|
||||
#};
|
||||
# this was failing to build so i removed it. sorry!!!!!!
|
||||
# -oat
|
||||
# look outside your window!!!
|
||||
# -aether
|
||||
# ok done (i removed it again)
|
||||
# -oat
|
||||
# Do not trust the [Flower].
|
||||
# -aether
|
||||
|
||||
user.packages = with pkgs; [
|
||||
grim
|
||||
|
@ -32,8 +29,11 @@ in {
|
|||
brightnessctl
|
||||
gammastep
|
||||
wdisplays
|
||||
nwg-launchers
|
||||
wezterm
|
||||
];
|
||||
|
||||
home-manager.sharedModules = [ inputs.hyprland.homeManagerModules.default ];
|
||||
home._.wayland.windowManager.hyprland = {
|
||||
enable = true;
|
||||
extraConfig = ''
|
||||
|
@ -49,14 +49,12 @@ in {
|
|||
}
|
||||
|
||||
general {
|
||||
main_mod = SUPER
|
||||
gaps_in = 4
|
||||
gaps_out = 4
|
||||
border_size = 2
|
||||
col.active_border = rgba(f7cd23ff)
|
||||
col.inactive_border = rbga(0f0f0fff)
|
||||
col.active_border = 0xfff7cd23
|
||||
col.inactive_border = 0xff0f0f0f
|
||||
cursor_inactive_timeout = 5
|
||||
damage_tracking = full
|
||||
layout = dwindle
|
||||
}
|
||||
|
||||
|
@ -73,8 +71,8 @@ in {
|
|||
drop_shadow = true
|
||||
shadow_range = 4
|
||||
shadow_render_
|
||||
col.shadow = rgba(0f0f0f33)
|
||||
col.shadow_inactive = rgba(0f0f0f1e)
|
||||
col.shadow = 0x330f0f0f
|
||||
col.shadow_inactive = 0x1e0f0f0f
|
||||
}
|
||||
|
||||
gestures {
|
||||
|
@ -82,19 +80,19 @@ in {
|
|||
}
|
||||
|
||||
animations {
|
||||
enable = true
|
||||
enabled = true
|
||||
|
||||
bezier = workspacesBezier, 0.1, 0.9, 0.1, 0.9
|
||||
bezier = fadeBezier, 0, 0, 0.6, 1
|
||||
|
||||
animation = fade, 1, 8, fadeBezier
|
||||
animation = windows, 1, 8, fadeBezier, popin 60%
|
||||
animation = workspaces, 1, 4, workspacesbezier, slide
|
||||
animation = workspaces, 1, 4, workspacesBezier, slide
|
||||
}
|
||||
|
||||
$mainMod = SUPER
|
||||
|
||||
bind = $mainMod, enter, exec, alacritty
|
||||
bind = $mainMod, enter, exec, wezterm
|
||||
bind = $mainMod, C, killactive,
|
||||
bind = $mainMod, P, exec, nwggrid
|
||||
|
||||
|
@ -125,5 +123,4 @@ in {
|
|||
'';
|
||||
};
|
||||
};
|
||||
*/
|
||||
}
|
||||
}
|
||||
|
|
|
@ -35,8 +35,8 @@ in {
|
|||
}
|
||||
];
|
||||
|
||||
boot.tmp.useTmpfs = lib.mkDefault true;
|
||||
boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmp.useTmpfs);
|
||||
boot.tmpOnTmpfs = lib.mkDefault true;
|
||||
boot.cleanTmpDir = lib.mkDefault (!config.boot.tmpOnTmpfs);
|
||||
|
||||
security.rtkit.enable = true;
|
||||
|
||||
|
@ -51,7 +51,11 @@ in {
|
|||
security.sudo.enable = false;
|
||||
security.doas = {
|
||||
enable = true;
|
||||
extraRules = if cfg.isLocalMachine then [{ users = builtins.attrNames config.defaultUsers; keepEnv = true; noPass = true; }] else [];
|
||||
extraRules = if cfg.isLocalMachine then [{
|
||||
users = builtins.attrNames config.normalUsers;
|
||||
keepEnv = true;
|
||||
noPass = true;
|
||||
}] else [];
|
||||
};
|
||||
|
||||
boot.kernel.sysctl = {
|
||||
|
|
|
@ -0,0 +1,61 @@
|
|||
{ config, lib, pkgs, options, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.code-server;
|
||||
in {
|
||||
options.modules.services.code-server = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
default = "dev-firepit.oat.zone";
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.int;
|
||||
default = 4444;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services = {
|
||||
code-server = {
|
||||
enable = true;
|
||||
port = cfg.port;
|
||||
# temporary
|
||||
auth = "password";
|
||||
# temporary
|
||||
hashedPassword = removeSuffix "\n" (builtins.readFile /etc/code-server-password);
|
||||
|
||||
extraPackages = with pkgs; [ git nix nixpkgs-fmt ];
|
||||
};
|
||||
|
||||
nginx.virtualHosts."${cfg.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString cfg.port}";
|
||||
extraConfig = ''
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host $host;
|
||||
'';
|
||||
};
|
||||
locations."= /robots.txt" = {
|
||||
extraConfig = ''
|
||||
add_header Content-Type text/plain;
|
||||
return 200 "User-agent: *\nDisallow: /\n";
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
users.users.code-server = {
|
||||
extraGroups = [ "nix-users" "dotfiles" ];
|
||||
shell = pkgs.unstable.fish;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,27 @@
|
|||
{ config, lib, pkgs, options, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.dark-firepit-oat-zone;
|
||||
in {
|
||||
options.modules.services.dark-firepit-oat-zone = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
default = "dark-firepit.oat.zone";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services = {
|
||||
nginx.virtualHosts."${cfg.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
root = "/var/www/dark-firepit.oat.zone";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,108 +0,0 @@
|
|||
{ pkgs, config, lib, options, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.dendrite;
|
||||
fullDomain = "${cfg.prefix}.${cfg.hostDomain}";
|
||||
maxUploadMegabytes = 600;
|
||||
in {
|
||||
options.modules.services.dendrite = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
|
||||
hostDomain = mkOption {
|
||||
type = types.str;
|
||||
default = null;
|
||||
};
|
||||
|
||||
prefix = mkOption {
|
||||
type = types.str;
|
||||
default = "matrix";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 8008;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
assertions = [
|
||||
{ assertion = cfg.hostDomain != null;
|
||||
description = "@config.modules.services.dendrite.hostDomain@ must not equal null";
|
||||
}
|
||||
];
|
||||
|
||||
services.dendrite = {
|
||||
enable = true;
|
||||
httpPort = cfg.port;
|
||||
# httpsPort = cfg.port;
|
||||
tlsCert = "/var/lib/dendrite_keys/server.crt";
|
||||
tlsKey = "/var/lib/dendrite_keys/server.key";
|
||||
loadCredential = [ "private_key:/var/lib/dendrite_keys/private/private_key.pem" ];
|
||||
environmentFile = "/var/lib/dendrite_keys/registration_secret";
|
||||
settings = {
|
||||
global = {
|
||||
server_name = cfg.hostDomain;
|
||||
private_key = "/var/lib/dendrite_keys/private/private_key.pem";
|
||||
presence = {
|
||||
enable_inbound = true;
|
||||
enable_outbound = true;
|
||||
};
|
||||
};
|
||||
client_api = {
|
||||
registration_shared_secret = "$REGISTRATION_SHARED_SECRET";
|
||||
};
|
||||
media_api = {
|
||||
max_file_size_bytes = maxUploadMegabytes;
|
||||
dynamic_thumbnails = true;
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."${fullDomain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
|
||||
#listen = [
|
||||
# { addr = "0.0.0.0";
|
||||
# port = 443;
|
||||
# ssl = true;
|
||||
# }
|
||||
# { addr = "[::]";
|
||||
# port = 443;
|
||||
# ssl = true;
|
||||
# }
|
||||
#];
|
||||
|
||||
locations."/_matrix".proxyPass = "http://127.0.0.1:${toString cfg.port}";
|
||||
#locations."/_matrix".proxyPass = "https://localhost:${toString cfg.port}";
|
||||
|
||||
extraConfig = ''
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-RealIP $remote_addr;
|
||||
proxy_read_timeout 600;
|
||||
client_max_body_size ${toString maxUploadMegabytes}M;
|
||||
'';
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."${cfg.hostDomain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
|
||||
locations."/.well-known/matrix/server".return = "200 '{ \"m.server\": \"${fullDomain}:443\"}'";
|
||||
|
||||
# locations."/.well-known/matrix/client".return = "200 '{ \"m.homserver\": { \"base_url\": \"https://${cfg.hostDomain}\"} }'";
|
||||
locations."/.well-known/matrix/client".extraConfig = ''
|
||||
add_header Access-Control-Allow-Origin '*';
|
||||
return 200 '{ \"m.homeserver\": { \"base_url\": \"https://${fullDomain}\"} }';
|
||||
'';
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
networking.firewall.allowedUDPPorts = [ 80 443 ];
|
||||
};
|
||||
}
|
|
@ -0,0 +1,158 @@
|
|||
{ pkgs, lib, config, options, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.ghost;
|
||||
# user used to run the Ghost service
|
||||
userName = builtins.replaceStrings [ "." ] [ "_" ] cfg.domain;
|
||||
in {
|
||||
options.modules.services.ghost = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs._.ghost;
|
||||
};
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
default = "blog.oat.zone";
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.int;
|
||||
default = 1357;
|
||||
};
|
||||
dataDir = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/${userName}";
|
||||
};
|
||||
};
|
||||
|
||||
config = let
|
||||
# directory used to save the blog content
|
||||
dataDir = cfg.dataDir;
|
||||
# script that sets up the Ghost content directory
|
||||
setupScript = pkgs.writeScript "${cfg.domain}-setup.sh" ''
|
||||
#! ${pkgs.stdenv.shell} -e
|
||||
chmod g+s "${dataDir}"
|
||||
[[ ! -d "${dataDir}/content" ]] && cp -r "${cfg.package}/content" "${dataDir}/content"
|
||||
chown -R "${userName}":"${userName}" "${dataDir}/content"
|
||||
chmod -R +w "${dataDir}/content"
|
||||
ln -f -s "/etc/${cfg.domain}.json" "${dataDir}/config.production.json"
|
||||
[[ -d "${dataDir}/current" ]] && rm "${dataDir}/current"
|
||||
ln -f -s "${cfg.package}/current" "${dataDir}/current"
|
||||
[[ -d "${dataDir}/content/themes/casper" ]] && rm "${dataDir}/content/themes/casper"
|
||||
ln -f -s "${cfg.package}/current/content/themes/casper" "${dataDir}/content/themes/casper"
|
||||
'';
|
||||
in lib.mkIf cfg.enable {
|
||||
# Creates the user and group
|
||||
users.users.${userName} = {
|
||||
isSystemUser = true;
|
||||
group = userName;
|
||||
createHome = true;
|
||||
home = dataDir;
|
||||
};
|
||||
users.groups.${userName} = { };
|
||||
|
||||
# Creates the Ghost config
|
||||
environment.etc."${cfg.domain}.json".text = ''
|
||||
{
|
||||
"url": "https://${cfg.domain}",
|
||||
"server": {
|
||||
"port": ${toString cfg.port},
|
||||
"host": "0.0.0.0"
|
||||
},
|
||||
"database": {
|
||||
"client": "mysql",
|
||||
"connection": {
|
||||
"host": "localhost",
|
||||
"user": "${userName}",
|
||||
"database": "${userName}",
|
||||
"password": "",
|
||||
"socketPath": "/run/mysqld/mysqld.sock"
|
||||
}
|
||||
},
|
||||
"mail": {
|
||||
"transport": "sendmail"
|
||||
},
|
||||
"logging": {
|
||||
"transports": ["stdout"]
|
||||
},
|
||||
"paths": {
|
||||
"contentPath": "${dataDir}/content"
|
||||
}
|
||||
}
|
||||
'';
|
||||
|
||||
# Sets up the Systemd service
|
||||
systemd.services."${cfg.domain}" = {
|
||||
enable = true;
|
||||
description = "${cfg.domain} ghost blog";
|
||||
restartIfChanged = true;
|
||||
restartTriggers =
|
||||
[ cfg.package config.environment.etc."${cfg.domain}.json".source ];
|
||||
requires = [ "mysql.service" ];
|
||||
after = [ "mysql.service" ];
|
||||
path = [ pkgs.nodejs pkgs.vips ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
User = userName;
|
||||
Group = userName;
|
||||
WorkingDirectory = dataDir;
|
||||
# Executes the setup script before start
|
||||
ExecStartPre = setupScript;
|
||||
# Runs Ghost with node
|
||||
ExecStart = "${pkgs.nodejs}/bin/node current/index.js";
|
||||
# Sandboxes the Systemd service
|
||||
AmbientCapabilities = [ ];
|
||||
CapabilityBoundingSet = [ ];
|
||||
KeyringMode = "private";
|
||||
LockPersonality = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
PrivateMounts = true;
|
||||
PrivateTmp = true;
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectSystem = "full";
|
||||
RemoveIPC = true;
|
||||
RestrictAddressFamilies = [ ];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
};
|
||||
environment = { NODE_ENV = "production"; };
|
||||
};
|
||||
|
||||
# Sets up the blog virtual host on NGINX
|
||||
services.nginx.virtualHosts.${cfg.domain} = {
|
||||
# Sets up Lets Encrypt SSL certificates for the blog
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = { proxyPass = "http://127.0.0.1:${toString cfg.port}"; };
|
||||
extraConfig = ''
|
||||
charset UTF-8;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=2592000; includeSubDomains" always;
|
||||
add_header Referrer-Policy "strict-origin-when-cross-origin";
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
'';
|
||||
};
|
||||
|
||||
# Sets up MySQL database and user for Ghost
|
||||
services.mysql = {
|
||||
ensureDatabases = [ userName ];
|
||||
ensureUsers = [{
|
||||
name = userName;
|
||||
ensurePermissions = { "${userName}.*" = "ALL PRIVILEGES"; };
|
||||
}];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -2,9 +2,9 @@
|
|||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.forgejo;
|
||||
cfg = config.modules.services.gitea;
|
||||
in {
|
||||
options.modules.services.forgejo = {
|
||||
options.modules.services.gitea = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
|
@ -17,55 +17,30 @@ in {
|
|||
type = types.int;
|
||||
default = 3000;
|
||||
};
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.unstable.forgejo;
|
||||
};
|
||||
enableActions = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
virtualisation.docker.enable = cfg.enableActions;
|
||||
|
||||
services = {
|
||||
gitea = {
|
||||
enable = true;
|
||||
package = cfg.package;
|
||||
package = pkgs.unstable.gitea;
|
||||
domain = cfg.domain;
|
||||
httpPort = cfg.port;
|
||||
rootUrl = "https://${cfg.domain}/";
|
||||
stateDir = "/var/lib/${cfg.domain}";
|
||||
appName = "Forgejo: dark-firepit hosted Git";
|
||||
appName = "Gitea: dark-firepit hosted Git";
|
||||
database = {
|
||||
type = "postgres";
|
||||
name = "gitea";
|
||||
};
|
||||
settings = mkMerge [ (builtins.fromTOML (builtins.readFile "/etc/dotfiles/config/forgejo/app.toml")) {
|
||||
settings = mkMerge [ (builtins.fromTOML (builtins.readFile "/etc/dotfiles/config/gitea/app.toml")) {
|
||||
"ui.meta" = {
|
||||
AUTHOR = "dark-firepit.cloud";
|
||||
AUTHOR = "aether & oat";
|
||||
DESCRIPTION = "dark-firepit's shared git instance";
|
||||
};
|
||||
"server" = {
|
||||
DOMAIN = cfg.domain;
|
||||
HTTP_PORT = cfg.port;
|
||||
ROOT_URL = "https://${cfg.domain}/";
|
||||
};
|
||||
"actions" = {
|
||||
ENABLED = cfg.enableActions;
|
||||
};
|
||||
}];
|
||||
};
|
||||
|
||||
gitea-actions-runner = mkIf cfg.enableActions {
|
||||
instances."${config.networking.hostName}" = {
|
||||
enable = true;
|
||||
name = "ci";
|
||||
url = "https://${cfg.domain}/";
|
||||
labels = []; # use the packaged instance list
|
||||
token = removeSuffix "\n" (builtins.readFile "/etc/forgejo-runner-token");
|
||||
};
|
||||
};
|
||||
|
||||
nginx.virtualHosts."${cfg.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
|
@ -0,0 +1,82 @@
|
|||
{ config, lib, pkgs, options, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.isso;
|
||||
in {
|
||||
options.modules.services.isso = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
default = "comments.oat.zone";
|
||||
};
|
||||
target = mkOption {
|
||||
type = types.str;
|
||||
default = "blog.oat.zone";
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 1550;
|
||||
};
|
||||
dataDir = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/isso";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services = {
|
||||
isso = {
|
||||
enable = true;
|
||||
settings = {
|
||||
general = {
|
||||
dbpath = "${cfg.dataDir}/comments.db";
|
||||
host = "https://${cfg.target}";
|
||||
latest-enabled = true;
|
||||
};
|
||||
server = {
|
||||
listen = "http://localhost:${toString cfg.port}";
|
||||
samesite = "Lax";
|
||||
public-endpoint = "https://${cfg.domain}";
|
||||
};
|
||||
guard = {
|
||||
enabled = true;
|
||||
require-author = true;
|
||||
ratelimit = 4;
|
||||
};
|
||||
admin = {
|
||||
enabled = true;
|
||||
password = removeSuffix "\n" (builtins.readFile /etc/isso_admin_pass);
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
nginx.enable = true;
|
||||
nginx.virtualHosts."${cfg.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:${toString cfg.port}";
|
||||
extraConfig = ''
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.isso.serviceConfig = {
|
||||
preStart = ''
|
||||
umask u=rwx,g=rwx,o=rx
|
||||
mkdir -p ${cfg.dataDir}
|
||||
cd ${cfg.dataDir}
|
||||
${pkgs.coreutils}/bin/chown -R isso:isso .
|
||||
${pkgs.coreutils}/bin/chmod -R 775 .
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,372 +0,0 @@
|
|||
{ pkgs, lib, config, options, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.jmusicbot;
|
||||
in {
|
||||
options.modules.services.jmusicbot = {
|
||||
enable = mkOption {
|
||||
description = ''
|
||||
JMusicBot is a self-hostable Discord music bot. This service lets
|
||||
you host multiple instances of it with seperate configurations.
|
||||
'';
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
|
||||
instances = mkOption {
|
||||
default = {};
|
||||
type = types.attrsOf (types.submodule {
|
||||
options = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.jmusicbot;
|
||||
};
|
||||
|
||||
options = mkOption {
|
||||
description = ''
|
||||
The JMusicBot config, see here: https://jmusicbot.com/config/
|
||||
'';
|
||||
type = types.submodule {
|
||||
options = {
|
||||
token = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
This sets the token for the bot to log in with
|
||||
This MUST be a bot token (user tokens will not work)
|
||||
If you don't know how to get a bot token, please see the guide here:
|
||||
https://github.com/jagrosh/MusicBot/wiki/Getting-a-Bot-Token
|
||||
'';
|
||||
};
|
||||
|
||||
owner = mkOption {
|
||||
type = types.int;
|
||||
description = ''
|
||||
This sets the owner of the bot
|
||||
This needs to be the owner's ID (a 17-18 digit number)
|
||||
https://github.com/jagrosh/MusicBot/wiki/Finding-Your-User-ID
|
||||
'';
|
||||
default = 0;
|
||||
};
|
||||
|
||||
prefix = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
This sets the prefix for the bot
|
||||
The prefix is used to control the commands
|
||||
If you use !!, the play command will be !!play
|
||||
If you do not set this, the prefix will be a mention of the bot (@Botname play)
|
||||
'';
|
||||
default = "@mention";
|
||||
};
|
||||
|
||||
game = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
If you set this, it modifies the default game of the bot
|
||||
Set this to NONE to have no game
|
||||
Set this to DEFAULT to use the default game
|
||||
You can make the game "Playing X", "Listening to X", or "Watching X"
|
||||
where X is the title. If you don't include an action, it will use the
|
||||
default of "Playing"
|
||||
'';
|
||||
default = "DEFAULT";
|
||||
};
|
||||
|
||||
status = mkOption {
|
||||
type = types.enum ["ONLINE" "IDLE" "DND" "INVISIBLE"];
|
||||
description = ''
|
||||
If you set this, it will modify the default status of bot
|
||||
Valid values: ONLINE IDLE DND INVISIBLE
|
||||
'';
|
||||
default = "ONLINE";
|
||||
};
|
||||
|
||||
songinstatus = mkOption {
|
||||
type = types.bool;
|
||||
description = ''
|
||||
If you set this to true, the bot will list the title of the song it is currently playing in its
|
||||
"Playing" status. Note that this will ONLY work if the bot is playing music on ONE guild;
|
||||
if the bot is playing on multiple guilds, this will not work.
|
||||
'';
|
||||
default = false;
|
||||
};
|
||||
|
||||
altprefix = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
If you set this, the bot will also use this prefix in addition to
|
||||
the one provided above
|
||||
'';
|
||||
default = "NONE";
|
||||
};
|
||||
|
||||
success = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
If you set this, the bot will also use this prefix in addition to
|
||||
the one provided above
|
||||
'';
|
||||
default = "🎶";
|
||||
};
|
||||
warning = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
If you set this, the bot will also use this prefix in addition to
|
||||
the one provided above
|
||||
'';
|
||||
default = "💡";
|
||||
};
|
||||
error = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
If you set this, the bot will also use this prefix in addition to
|
||||
the one provided above
|
||||
'';
|
||||
default = "🚫";
|
||||
};
|
||||
loading = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
If you set this, the bot will also use this prefix in addition to
|
||||
the one provided above
|
||||
'';
|
||||
default = "⌚";
|
||||
};
|
||||
searching = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
If you set this, the bot will also use this prefix in addition to
|
||||
the one provided above
|
||||
'';
|
||||
default = "🔎";
|
||||
};
|
||||
|
||||
help = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
If you set this, you change the word used to view the help.
|
||||
For example, if you set the prefix to !! and the help to cmds, you would type
|
||||
!!cmds to see the help text
|
||||
'';
|
||||
default = "help";
|
||||
};
|
||||
|
||||
npimages = mkOption {
|
||||
type = types.bool;
|
||||
description = ''
|
||||
If you set this, the "nowplaying" command will show youtube thumbnails
|
||||
Note: If you set this to true, the nowplaying boxes will NOT refresh
|
||||
This is because refreshing the boxes causes the image to be reloaded
|
||||
every time it refreshes.
|
||||
'';
|
||||
default = false;
|
||||
};
|
||||
|
||||
stayinchannel = mkOption {
|
||||
type = types.bool;
|
||||
description = ''
|
||||
If you set this, the bot will not leave a voice channel after it finishes a queue.
|
||||
Keep in mind that being connected to a voice channel uses additional bandwith,
|
||||
so this option is not recommended if bandwidth is a concern.
|
||||
'';
|
||||
default = false;
|
||||
};
|
||||
|
||||
maxtime = mkOption {
|
||||
type = types.int;
|
||||
description = ''
|
||||
This sets the maximum amount of seconds any track loaded can be. If not set or set
|
||||
to any number less than or equal to zero, there is no maximum time length. This time
|
||||
restriction applies to songs loaded from any source.
|
||||
'';
|
||||
default = 0;
|
||||
};
|
||||
|
||||
alonetimeuntilstop = mkOption {
|
||||
type = types.int;
|
||||
description = ''
|
||||
This sets the amount of seconds the bot will stay alone on a voice channel until it
|
||||
automatically leaves the voice channel and clears the queue. If not set or set
|
||||
to any number less than or equal to zero, the bot won't leave when alone.
|
||||
'';
|
||||
default = 0;
|
||||
};
|
||||
|
||||
playlistsfolder = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
This sets an alternative folder to be used as the Playlists folder
|
||||
This can be a relative or absolute path
|
||||
'';
|
||||
default = "Playlists";
|
||||
};
|
||||
|
||||
updatealerts = mkOption {
|
||||
type = types.bool;
|
||||
description = ''
|
||||
By default, the bot will DM the owner if the bot is running and a new version of the bot
|
||||
becomes available. Set this to false to disable this feature.
|
||||
'';
|
||||
default = true;
|
||||
};
|
||||
|
||||
"lyrics.default" = mkOption {
|
||||
type = types.enum ["A-Z Lyrics" "Genius" "MusicMatch" "LyricsFreak"];
|
||||
description = ''
|
||||
Changing this changes the lyrics provider
|
||||
Currently available providers: "A-Z Lyrics", "Genius", "MusicMatch", "LyricsFreak"
|
||||
At the time of writing, I would recommend sticking with A-Z Lyrics or MusicMatch,
|
||||
as Genius tends to have a lot of non-song results and you might get something
|
||||
completely unrelated to what you want.
|
||||
If you are interested in contributing a provider, please see
|
||||
https://github.com/jagrosh/JLyrics
|
||||
'';
|
||||
default = "A-Z Lyrics";
|
||||
};
|
||||
|
||||
aliases = mkOption {
|
||||
type = types.attrsOf (types.listOf types.str);
|
||||
description = ''
|
||||
These settings allow you to configure custom aliases for all commands.
|
||||
Multiple aliases may be given, separated by commas.
|
||||
|
||||
Example 1: Giving command "play" the alias "p":
|
||||
play = [ p ]
|
||||
|
||||
Example 2: Giving command "search" the aliases "yts" and "find":
|
||||
search = [ yts, find ]
|
||||
'';
|
||||
default = {
|
||||
settings = [ "status" ];
|
||||
lyrics = [];
|
||||
nowplaying = [ "np" "current" ];
|
||||
play = [];
|
||||
playlists = [ "pls" ];
|
||||
queue = [ "list" ];
|
||||
remove = [ "delete" ];
|
||||
scsearch = [];
|
||||
search = [ "ytsearch" ];
|
||||
shuffle = [];
|
||||
skip = [ "voteskip" ];
|
||||
prefix = [ "setprefix" ];
|
||||
setdj = [];
|
||||
settc = [];
|
||||
setvc = [];
|
||||
forceremove = [ "forcedelete" "modremove" "moddelete" ];
|
||||
forceskip = [ "modskip" ];
|
||||
movetrack = [ "move" ];
|
||||
pause = [];
|
||||
playnext = [];
|
||||
repeat = [];
|
||||
skipto = [ "jumpto" ];
|
||||
stop = [];
|
||||
volume = [ "vol" ];
|
||||
};
|
||||
};
|
||||
|
||||
queuetype = mkOption {
|
||||
type = types.enum ["FAIR" "REGULAR"];
|
||||
description = ''
|
||||
Sets the queue type
|
||||
FAIR: Each user gets a fair chance at the queue by rearranging it such that no user can fill it up entirely
|
||||
REGULAR: Queue works as first-come, first-served
|
||||
'';
|
||||
default = "FAIR";
|
||||
};
|
||||
|
||||
eval = mkOption {
|
||||
type = types.bool;
|
||||
description = ''
|
||||
If you set this to true, it will enable the eval command for the bot owner. This command
|
||||
allows the bot owner to run arbitrary code from the bot's account.
|
||||
|
||||
WARNING:
|
||||
This command can be extremely dangerous. If you don't know what you're doing, you could
|
||||
cause horrific problems on your Discord server or on whatever computer this bot is running
|
||||
on. Never run this command unless you are completely positive what you are running.
|
||||
|
||||
DO NOT ENABLE THIS IF YOU DON'T KNOW WHAT THIS DOES OR HOW TO USE IT
|
||||
IF SOMEONE ASKS YOU TO ENABLE THIS, THERE IS AN 11/10 CHANCE THEY ARE TRYING TO SCAM YOU
|
||||
'';
|
||||
default = false;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
});
|
||||
};
|
||||
};
|
||||
|
||||
config = let
|
||||
dataDir = "/var/lib/jmusicbot";
|
||||
|
||||
# nabbed from https://github.com/NixOS/nixpkgs/blob/61d8fdca02b4647be8d38a94c6f53a7cf072d717/nixos/modules/services/networking/jitsi-videobridge.nix#L11
|
||||
toHOCON = x: if isAttrs x && x ? __hocon_envvar then ("\${" + x.__hocon_envvar + "}")
|
||||
else if isAttrs x then "{${ concatStringsSep "," (mapAttrsToList (k: v: ''"${k}":${toHOCON v}'') x) }}"
|
||||
else if isList x then "[${ concatMapStringsSep "," toHOCON x }]"
|
||||
else builtins.toJSON x;
|
||||
in mkIf cfg.enable {
|
||||
users.users.jmusicbot = {
|
||||
group = "jmusicbot";
|
||||
home = dataDir;
|
||||
createHome = true;
|
||||
isSystemUser = true;
|
||||
shell = "${pkgs.bash}/bin/bash";
|
||||
};
|
||||
|
||||
users.groups.jmusicbot = {};
|
||||
|
||||
system.activationScripts.jmusicbot-data-dir.text = ''
|
||||
mkdir -p ${dataDir}
|
||||
chown jmusicbot:jmusicbot ${dataDir}
|
||||
chmod -R 775 ${dataDir}
|
||||
'';
|
||||
|
||||
systemd.services = mapAttrs'
|
||||
(name: conf:
|
||||
let
|
||||
stateDir = "${dataDir}/${name}/";
|
||||
configFile = builtins.toFile "config.txt" (toHOCON conf.options);
|
||||
in {
|
||||
name = "jmusicbot-${name}";
|
||||
value = {
|
||||
enable = conf.enable;
|
||||
|
||||
# referencing https://jmusicbot.com/running-as-a-service/
|
||||
|
||||
description = "JMusicBot instance ${name}";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
requires = [ "network.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = pkgs.writeScript "jmusicbot-start-${name}" ''
|
||||
#!${pkgs.runtimeShell}
|
||||
|
||||
umask u=rwx,g=rwx,o=rx
|
||||
cd ${stateDir}
|
||||
${getExe conf.package} -Dconfig=${configFile}
|
||||
'';
|
||||
Restart = "always";
|
||||
RestartSec = 20;
|
||||
User = "jmusicbot";
|
||||
};
|
||||
|
||||
preStart = ''
|
||||
umask u=rwx,g=rwx,o=rx
|
||||
mkdir -p ${stateDir}
|
||||
cd ${stateDir}
|
||||
ln -sf ${configFile} config.txt
|
||||
'';
|
||||
};
|
||||
}
|
||||
) cfg.instances;
|
||||
};
|
||||
}
|
|
@ -1,45 +0,0 @@
|
|||
{ config, lib, pkgs, options, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.libreddit;
|
||||
in {
|
||||
options.modules.services.libreddit = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
default = "libreddit.oat.zone";
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 1590;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services = {
|
||||
libreddit = {
|
||||
enable = true;
|
||||
package = pkgs.libreddit;
|
||||
port = cfg.port;
|
||||
};
|
||||
|
||||
nginx.enable = true;
|
||||
nginx.virtualHosts."${cfg.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:${toString cfg.port}";
|
||||
extraConfig = ''
|
||||
if ($http_user_agent = 'Mozilla/5.0 (compatible; Discordbot/2.0; +https://discordapp.com)') {
|
||||
return 302 $scheme://proxy.knotty.dev$request_uri;
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,55 +0,0 @@
|
|||
auth_enabled: false
|
||||
|
||||
server:
|
||||
http_listen_port: 3100
|
||||
|
||||
ingester:
|
||||
lifecycler:
|
||||
address: 0.0.0.0
|
||||
ring:
|
||||
kvstore:
|
||||
store: inmemory
|
||||
replication_factor: 1
|
||||
final_sleep: 0s
|
||||
chunk_idle_period: 1h # Any chunk not receiving new logs in this time will be flushed
|
||||
max_chunk_age: 1h # All chunks will be flushed when they hit this age, default is 1h
|
||||
chunk_target_size: 1048576 # Loki will attempt to build chunks up to 1.5MB, flushing first if chunk_idle_period or max_chunk_age is reached first
|
||||
chunk_retain_period: 30s # Must be greater than index read cache TTL if using an index cache (Default index read cache TTL is 5m)
|
||||
max_transfer_retries: 0 # Chunk transfers disabled
|
||||
|
||||
schema_config:
|
||||
configs:
|
||||
- from: 2023-12-08
|
||||
store: boltdb-shipper
|
||||
object_store: filesystem
|
||||
schema: v11
|
||||
index:
|
||||
prefix: index_
|
||||
period: 24h
|
||||
|
||||
storage_config:
|
||||
boltdb_shipper:
|
||||
active_index_directory: /var/lib/loki/boltdb-shipper-active
|
||||
cache_location: /var/lib/loki/boltdb-shipper-cache
|
||||
cache_ttl: 24h # Can be increased for faster performance over longer query periods, uses more disk space
|
||||
shared_store: filesystem
|
||||
filesystem:
|
||||
directory: /var/lib/loki/chunks
|
||||
|
||||
limits_config:
|
||||
reject_old_samples: true
|
||||
reject_old_samples_max_age: 168h
|
||||
|
||||
chunk_store_config:
|
||||
max_look_back_period: 0s
|
||||
|
||||
table_manager:
|
||||
retention_deletes_enabled: false
|
||||
retention_period: 0s
|
||||
|
||||
compactor:
|
||||
working_directory: /var/lib/loki
|
||||
shared_store: filesystem
|
||||
compactor_ring:
|
||||
kvstore:
|
||||
store: inmemory
|
|
@ -1,110 +0,0 @@
|
|||
{ config, lib, pkgs, options, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.metrics;
|
||||
in {
|
||||
options.modules.services.metrics = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
# default = "grafana.oat.zone";
|
||||
default = null;
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.int;
|
||||
default = 2342;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
assertions = [
|
||||
{ assertion = cfg.domain != null;
|
||||
description = "please set the domain for grafana";
|
||||
}
|
||||
];
|
||||
systemd.services.promtail = {
|
||||
description = "Promtail service for Loki";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${pkgs.grafana-loki}/bin/promtail --config.file ${./promtail.yml}
|
||||
'';
|
||||
};
|
||||
};
|
||||
services = {
|
||||
grafana = {
|
||||
enable = true;
|
||||
|
||||
settings = {
|
||||
server = {
|
||||
domain = cfg.domain;
|
||||
http_port = cfg.port;
|
||||
http_addr = "127.0.0.1";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
prometheus = let
|
||||
ports = {
|
||||
base = 9001;
|
||||
node = 9002;
|
||||
nginx = 9003;
|
||||
};
|
||||
in {
|
||||
enable = true;
|
||||
port = ports.base;
|
||||
|
||||
exporters = {
|
||||
node = {
|
||||
enable = true;
|
||||
enabledCollectors = [ "systemd" ];
|
||||
port = ports.node;
|
||||
};
|
||||
nginx = {
|
||||
enable = true;
|
||||
port = ports.nginx;
|
||||
};
|
||||
};
|
||||
|
||||
scrapeConfigs = [
|
||||
{
|
||||
job_name = "lucent-firepit";
|
||||
static_configs = [{
|
||||
targets = [
|
||||
"127.0.0.1:${toString ports.node}"
|
||||
"127.0.0.1:${toString ports.nginx}"
|
||||
];
|
||||
}];
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
loki = {
|
||||
enable = true;
|
||||
configFile = ./loki-local-config.yml;
|
||||
};
|
||||
|
||||
nginx.statusPage = true;
|
||||
|
||||
nginx.virtualHosts."${cfg.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString cfg.port}";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
locations."= /robots.txt" = {
|
||||
extraConfig = ''
|
||||
add_header Content-Type text/plain;
|
||||
return 200 "User-agent: *\nDisallow: /\n";
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,22 +0,0 @@
|
|||
{ config, pkgs, lib, options, inputs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.minecraft;
|
||||
in {
|
||||
options.modules.services.minecraft = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
servers = options.services.minecraft-servers.servers;
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services.minecraft-servers = {
|
||||
enable = true;
|
||||
eula = true;
|
||||
servers = cfg.servers;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -7,12 +7,12 @@ in {
|
|||
options.modules.services.nextcloud = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = mkForce false;
|
||||
default = false;
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.nextcloud27;
|
||||
default = pkgs.nextcloud24;
|
||||
};
|
||||
|
||||
domain = mkOption {
|
||||
|
@ -28,22 +28,15 @@ in {
|
|||
}
|
||||
];
|
||||
|
||||
# vomit inducing
|
||||
# nixpkgs.config.permittedInsecurePackages = [
|
||||
# "openssl-1.1.1w"
|
||||
# ];
|
||||
|
||||
services.nextcloud = {
|
||||
enable = true;
|
||||
package = cfg.package;
|
||||
hostName = cfg.domain;
|
||||
enableBrokenCiphersForSSE = false;
|
||||
database.createLocally = true;
|
||||
config = {
|
||||
dbtype = "pgsql";
|
||||
dbuser = "nextcloud3";
|
||||
dbuser = "nextcloud";
|
||||
dbhost = "/run/postgresql";
|
||||
dbname = "nextcloud3";
|
||||
dbname = "nextcloud";
|
||||
adminpassFile = "/etc/nextcloudpass";
|
||||
adminuser = "root";
|
||||
# "log_type" = "systemd";
|
||||
|
@ -60,10 +53,10 @@ in {
|
|||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
ensureDatabases = [ "nextcloud3" ];
|
||||
ensureDatabases = [ "nextcloud" ];
|
||||
ensureUsers = [
|
||||
{ name = "nextcloud3";
|
||||
ensurePermissions."DATABASE nextcloud3" = "ALL PRIVILEGES";
|
||||
{ name = "nextcloud";
|
||||
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
|
|
@ -39,7 +39,7 @@ in {
|
|||
#add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
|
||||
|
||||
# Minimize information leaked to other domains
|
||||
add_header 'Referrer-Policy' 'origin-when-cross-origin';
|
||||
#add_header 'Referrer-Policy' 'origin-when-cross-origin';
|
||||
|
||||
# Disable embedding as a frame
|
||||
#add_header X-Frame-Options DENY;
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
diff --git a/src/auth.nim b/src/auth.nim
|
||||
index b288c50..de1b1d8 100644
|
||||
--- a/src/auth.nim
|
||||
+++ b/src/auth.nim
|
||||
@@ -202,7 +202,7 @@ proc initAccountPool*(cfg: Config; path: string) =
|
||||
quit 1
|
||||
|
||||
let accountsPrePurge = accountPool.len
|
||||
- accountPool.keepItIf(not it.hasExpired)
|
||||
+ #accountPool.keepItIf(not it.hasExpired)
|
||||
|
||||
log "Successfully added ", accountPool.len, " valid accounts."
|
||||
if accountsPrePurge > accountPool.len:
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, pkgs, options, inputs, ... }:
|
||||
{ config, lib, pkgs, options, ... }:
|
||||
|
||||
# heavily references https://github.com/erdnaxe/nixos-modules/blob/master/services/nitter.nix
|
||||
|
||||
|
@ -29,24 +29,11 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
# force unstable
|
||||
disabledModules = [ "services/misc/nitter.nix" ];
|
||||
imports = [
|
||||
"${inputs.nixpkgs-unstable}/nixos/modules/services/misc/nitter.nix"
|
||||
];
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services = {
|
||||
nitter = {
|
||||
enable = true;
|
||||
package = pkgs.unstable.nitter.overrideAttrs (old: {
|
||||
patches = old.patches ++ [
|
||||
./nitter-age-check.patch
|
||||
];
|
||||
});
|
||||
config = {
|
||||
proxy = ""; # https://github.com/NixOS/nixpkgs/issues/235359
|
||||
};
|
||||
package = pkgs.unstable.nitter;
|
||||
server = {
|
||||
address = "127.0.0.1";
|
||||
port = cfg.port;
|
||||
|
@ -74,10 +61,6 @@ in {
|
|||
#add_header X-Content-Type-Options nosniff;
|
||||
#add_header X-Frame-Options DENY;
|
||||
#add_header X-XSS-Protection "1; mode=block";
|
||||
|
||||
if ($http_user_agent = 'Mozilla/5.0 (compatible; Discordbot/2.0; +https://discordapp.com)') {
|
||||
return 302 $scheme://fxtwitter.com$request_uri;
|
||||
}
|
||||
'';
|
||||
};
|
||||
locations."= /robots.txt" = {
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
{ pkgs, config, lib, options, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.phpfpm;
|
||||
in {
|
||||
|
||||
}
|
|
@ -14,7 +14,6 @@ in {
|
|||
config = mkIf cfg.enable {
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
package = pkgs.postgresql_15;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,20 +0,0 @@
|
|||
server:
|
||||
http_listen_port: 28183
|
||||
grpc_listen_port: 0
|
||||
|
||||
positions:
|
||||
filename: /tmp/positions.yaml
|
||||
|
||||
clients:
|
||||
- url: http://127.0.0.1:3100/loki/api/v1/push
|
||||
|
||||
scrape_configs:
|
||||
- job_name: journal
|
||||
journal:
|
||||
max_age: 12h
|
||||
labels:
|
||||
job: systemd-journal
|
||||
host: lucent-firepit
|
||||
relabel_configs:
|
||||
- source_labels: ["__journal__systemd_unit"]
|
||||
target_label: "unit"
|
|
@ -11,7 +11,6 @@ in {
|
|||
default = false;
|
||||
description = "Provide system SSH support though OpenSSH.";
|
||||
};
|
||||
|
||||
requirePassword = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
|
@ -21,13 +20,9 @@ in {
|
|||
config = mkIf cfg.enable {
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
|
||||
settings = {
|
||||
PasswordAuthentication = cfg.requirePassword;
|
||||
PermitRootLogin = "no";
|
||||
};
|
||||
passwordAuthentication = cfg.requirePassword;
|
||||
permitRootLogin = "no";
|
||||
};
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
|
|
|
@ -1,34 +0,0 @@
|
|||
{ config, lib, pkgs, options, inputs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.modules.services.update-idl;
|
||||
in {
|
||||
options.modules.services.update-idl = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.timers."update-itl" = {
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnBootSec = "60m";
|
||||
OnUnitActiveSec = "60m";
|
||||
Unit = "update-itl.service";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services."update-itl" = {
|
||||
script = ''
|
||||
${pkgs.curl} -X POST https://mayf.pink/itl/update -H "Connection: Spiritual"
|
||||
'';
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "root";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -55,7 +55,7 @@ in {
|
|||
ensureDatabases = [ "vaultwarden" ];
|
||||
ensureUsers = [
|
||||
{ name = "vaultwarden";
|
||||
ensureDBOwnership = true;
|
||||
ensurePermissions = { "DATABASE vaultwarden" = "ALL PRIVILEGES"; };
|
||||
}
|
||||
];
|
||||
};
|
||||
|
|
|
@ -15,9 +15,5 @@ in {
|
|||
home._.programs.fish = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
fishPlugins.tide
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
source "$stdenv"/setup
|
||||
|
||||
export HOME=$(mktemp -d)
|
||||
|
||||
npm install --loglevel=info --logs-max=0 "ghost-cli@$ghostCliVersion"
|
||||
|
||||
mkdir --parents "$out"/
|
||||
node_modules/ghost-cli/bin/ghost install "$version" --db=sqlite3 \
|
||||
--no-enable --no-prompt --no-stack --no-setup --no-start --dir "$out"
|
|
@ -0,0 +1,11 @@
|
|||
{ pkgs }:
|
||||
|
||||
let
|
||||
pname = "ghost";
|
||||
version = "5.33.2";
|
||||
in pkgs.stdenv.mkDerivation {
|
||||
inherit pname version;
|
||||
buildInputs = with pkgs; [ nodejs yarn vips ];
|
||||
ghostCliVersion = "1.24.0";
|
||||
builder = ./builder.sh;
|
||||
}
|
|
@ -1,32 +0,0 @@
|
|||
{ stdenv, lib, fetchurl, makeWrapper, jre_headless }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "GMusicBot";
|
||||
version = "2023-05-19";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://oat.zone/f/GMusicBot-2023-05-19.jar?v=3";
|
||||
sha256 = "sha256-5c36did0kkaeu4Yi9vGIhlqRoeUBBRWKdihbaW9lwk4=";
|
||||
};
|
||||
|
||||
dontUnpack = true;
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/lib
|
||||
cp $src $out/lib/GMusicBot
|
||||
|
||||
makeWrapper ${jre_headless}/bin/java $out/bin/GMusicBot \
|
||||
--add-flags "-Xmx1G -Dnogui=true -Djava.util.concurrent.ForkJoinPool.common.parallelism=1 -jar $out/lib/GMusicBot"
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Discord music bot that's easy to set up and run yourself";
|
||||
homepage = "https://git.oat.zone/oat/GMusicBot";
|
||||
sourceProvenance = with sourceTypes; [ binaryBytecode ];
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ SuperSandro2000 ];
|
||||
inherit (jre_headless.meta) platforms;
|
||||
};
|
||||
}
|
|
@ -1,36 +0,0 @@
|
|||
{ stdenv, lib, fetchpijul
|
||||
, pijul
|
||||
, rustc
|
||||
, cargo
|
||||
, rustfmt
|
||||
, postgresql
|
||||
, sqlx-cli
|
||||
, libiconv
|
||||
, xxHash
|
||||
, zstd
|
||||
, ... }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "nidobyte";
|
||||
|
||||
src = fetchpijul {
|
||||
url = "https://nest.pijul.com/zj/nidobyte";
|
||||
hash = "YZAHAQRQHK24QY2H3AXKCPPDIE2F53H35C5CNYUSXRDSNCWOUJVQC";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
pijul
|
||||
|
||||
rustc
|
||||
cargo
|
||||
rustfmt
|
||||
|
||||
postgresql
|
||||
sqlx-cli
|
||||
|
||||
libiconv
|
||||
|
||||
xxHash
|
||||
zstd
|
||||
];
|
||||
}
|
|
@ -17,23 +17,23 @@
|
|||
|
||||
let
|
||||
|
||||
releaseTag = "v1.6";
|
||||
releaseTag = "v1.5";
|
||||
|
||||
assets = fetchurl {
|
||||
url = "https://github.com/STJr/Kart-Public/releases/download/${releaseTag}/AssetsLinuxOnly.zip";
|
||||
sha256 = "sha256-ejhPuZ1C8M9B0S4+2HN1T5pbormT1eVL3nlivqOszdE=";
|
||||
sha256 = "sha256-A4HkxnDGQICucsJyHXYc5GCRbMP0M4NjreohhFOQarA=";
|
||||
};
|
||||
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "srb2kart";
|
||||
version = "1.6.0";
|
||||
version = "1.5.0";
|
||||
|
||||
src = fetchFromGitLab {
|
||||
owner = "KartKrew";
|
||||
repo = "Kart-Public";
|
||||
domain = "git.do.srb2.org";
|
||||
rev = "v1.6";
|
||||
sha256 = "sha256-5sIHdeenWZjczyYM2q+F8Y1SyLqL+y77yxYDUM3dVA0=";
|
||||
rev = "a69b3b0260665b8b0acac950a808a68e5a40894c";
|
||||
sha256 = "sha256-pWnCvBb+XkUjCVmlT3MgqPWICaERFO0POFAItIyA6Ns=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
Loading…
Reference in New Issue