dark-firepit
/
dotfiles
5
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: dark-firepit:main
Branches Tags
dark-firepit:main
dark-firepit:nixos-23
dark-firepit:lucent-firepit-crystal-gauntlet
..
compare: dark-firepit:lucent-firepit-crystal-gauntlet
Branches Tags
dark-firepit:main
dark-firepit:nixos-23
dark-firepit:lucent-firepit-crystal-gauntlet

1 Commits
main ... lucent-fir

Author SHA1 Message Date
Jill f6c57b66a8 crystal-gauntlet: added; wait for upstream to be fixed 2023-05-23 09:34:27 +02:00
33 changed files with 754 additions and 1188 deletions
Show Stats Expand all files Collapse all files

4
config/forgejo/app.toml
View File

@ -7,8 +7,8 @@ PASSWORD_CHECK_PWN = true
DEFAULT_BRANCH = "main"
[ui]
DEFAULT_THEME = "forgejo-auto"
THEMES="forgejo-auto,forgejo-light,forgejo-dark"
DEFAULT_THEME = "catppuccin-mocha"
THEMES="forgejo-auto,forgejo-light,forgejo-dark,arc-green,arc-pink,darkred,gitea-blue,gitea-modern,github,catppuccin-latte,catppuccin-frappe,catppuccin-macchiato,catppuccin-mocha"
CUSTOM_EMOJIS = "blurry_eyes,horny,acab,tastymilk,gluttony,soul_of_fright,soul_of_night,soul_of_blight,bottom,spongesad,Tainted_John_F_Kennedy,John_F_Kennedy_Tainted,John_F_Kennedy,plumspin,despair,ihaveyourip,peeeh,penis,twister,speed,deadchat,housj,dothejej,b_,trollgecommence,nervous,coffee,dilf,closer,slugclose,pls,x3,observer,zamiel_approves,i_see_pizza,cutely_blushes,babytime,sleeby,zonkerdoodle,whenyoubigshit,the_cowboy,stupib,soul_of_might,scripulous_fingore_point,scripulous_fingore,rusty50,pickle,orang,oralpleasure,ohgod,michael,i_see_chicory,he,hapykity,handsr,handsl,slugloafspin,gamer_boi,feddynite,cock,feddy_glamcock,face,entropy,elonmusk,eeeeeeeeee,child,ancapistanian,aiki,gloopy,lamb,YOU,slightYOU,citat,ionn,eede,ed,blank,michael,BABAXD,BABA,EyesPepe,spamdance,pickledance,BABA_IS_OO,wieldr,wieldl,cinnamon,jillo,she,hydrogenperoxide,ObedientCitizen,misinformation,maenod,Snowsgiving22_AnimatedEmojis_mal"
[mailer]

763
flake.lock
View File

File diff suppressed because it is too large Load Diff

37
flake.nix
View File

@ -2,61 +2,67 @@
description = "Frosted Flakes";
inputs = {
nixpkgs.url = "nixpkgs/nixos-23.11";
# temporary forgejo workaround
# TODO: remove when https://github.com/NixOS/nixpkgs/pull/218269 gets pushed to stable
#nixpkgs.url = "nixpkgs/nixos-22.05";
nixpkgs.url = "nixpkgs/nixos-unstable";
# WARNING: Where possible, prefer the stable branch of nixpkgs as nixpkgs-unstable may have incompatable or vulnerable software.
nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
home-manager.url = "github:nix-community/home-manager/release-23.11";
#home-manager.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager/release-22.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
# agenix - age-encrypted secrets
agenix = {
url = "github:ryantm/agenix";
#inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-hardware = {
url = "github:nixos/nixos-hardware";
#inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-minecraft = {
url = "github:Infinidoge/nix-minecraft";
#inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs";
};
crystal-gauntlet = {
url = "git+https://git.oat.zone/oat/crystal-gauntlet";
inputs.nixpkgs.follows = "nixpkgs";
};
cohost-blogger = {
url = "git+https://git.oat.zone/oat/cohost-blogger";
#inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs";
};
nlw-api.url = "git+https://git.oat.zone/oat/nlw-api";
emacs-overlay = {
url = "github:nix-community/emacs-overlay";
#inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs";
};
hyprland = {
url = "github:hyprwm/Hyprland";
#inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs";
};
hyprpaper = {
url = "github:hyprwm/hyprpaper";
#inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs";
};
hyprpicker = {
url = "github:hyprwm/hyprpicker";
#inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs";
};
vscode-server.url = "github:nix-community/nixos-vscode-server";
vscode-server.url = "github:msteen/nixos-vscode-server";
};
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, nix-minecraft, /* hyprland, hyprpaper, hyprpicker, */ ... }:
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, vscode-server, nix-minecraft, /* hyprland, hyprpaper, hyprpicker, */ ... }:
let
system = "x86_64-linux";
@ -79,6 +85,7 @@
overlays = mapModules ./overlays import;
nixosModules = (mapModulesRec ./modules import) ++ [
#hyprland.nixosModules.default
vscode-server.nixosModule
];
nixosConfigurations = mapModules ./hosts (host: mkHost host { inherit system; });
devShell."${system}" = import ./shell.nix { inherit pkgs; };

8
hosts/lucent-firepit/authorizedKeys.nix
View File

@ -23,14 +23,6 @@
{ hostname = "oatmealine@dark-firepit";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKz3Zkhrht1EX32LIbkSvql1p15EXqxTy/4xQKlj0CUx oatmealine@disroot.org";
}
{ hostname = "oatmealine@boykisser";
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDhgwhNQuM+iozuHk4OH+s5xS7U93W6hVtkpgF6arKPsWM6CUIUCyOwpNnGGH/HpBlFwYf4jN+NapVZ3bL8YHLUDayNO6uTfLLNvtaGeE65U/S0xGXhTyE0+bn7KWBFUlbO8CdjuBGGym0JVa0SMH4ppFBNJVR4HCe9fC83fD0T7gDZc5koApgxZfCyCu3bE03ulhRc5P8cKnTZAG0pVqK0doOIO7ociCbh4HhjTC83xRbfI9tlf52Y3xo14odpQhfXsPNNqxP0FzkC3zAOyT7iyrpQk1bgSLx/GzWh0KkljjJYGdMiiY6cVBxVYxjgrG7vDh/h3xMwBEhue4L9jmD4K4Eb5RZTxMyK83eHcomqZYigZjFKJ75TKdL17HbKgFGmfs9P0VhZUDUMp5Xm1yTVJqm6cQEhot1mT0F8FRYDiEadjw6vFZqz5dPzh2FRXsectNf60AiPRqF5HbitntgYvsLKZWAViOojbBc9gdQutu2AyuivteTEVG6Uq/LwE70= oatmealine@boykisser";
wg = "MPZLxzy+rvDvgZiaCwWjb+5hhhvWC3PH6cWLDv1Ga0U=";
}
{ hostname = "oatmealine@seven-red-suns";
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVBLBD/JrGFMvPNiiX/QFixSWXyGjDT6vDHVWg9cE5D oatmealine@seven-red-suns";
wg = "HQfsS+DUdgmDvliIv7yNnf4T9Q3YIN9ObSXhrNuQUi8=";
}
# mayflower
{ hostname = "mayflower@BMW-M550d-xDrive";

102
hosts/lucent-firepit/default.nix
View File

@ -15,12 +15,13 @@ in {
./webapps/default.nix
inputs.nix-minecraft.nixosModules.minecraft-servers
#inputs.watch-party.nixosModules.watch-party
(fetchTarball "https://github.com/msteen/nixos-vscode-server/tarball/master")
inputs.cohost-blogger.nixosModules.cohost-blogger
inputs.nlw-api.nixosModules.nlw-api
inputs.vscode-server.nixosModules.default
inputs.crystal-gauntlet.nixosModules.crystal-gauntlet
];
services.vscode-server.enable = true;
# services.auto-fix-vscode-server.enable = true;
# services.vscode-server.enable = true;
user = {
packages = with pkgs; [
@ -29,8 +30,6 @@ in {
];
};
services.logrotate.checkConfig = false;
users.groups.dotfiles = {};
users.groups.yugoslavia = {};
@ -38,7 +37,7 @@ in {
# aether??? is that... reference.../.??? aether https://www.curseforge.com/minecraft/mc-mods/aether mod Curseforge minecraft Forge Patreon Chat twitter code license Assets license All rights reserved categories Last Updated apr 17 2021 Game Version 1.12.2 aether
aether = {
conf = {
packages = with pkgs; [ bat duf broot helix nil packwiz ];
packages = with pkgs; [ bat duf broot helix nil ];
shell = pkgs.unstable.fish;
extraGroups = [ "wheel" "nix-users" "dotfiles" ];
initialHashedPassword = "!";
@ -67,8 +66,6 @@ in {
openssh.authorizedKeys.keys = fetchSSHKeys [
"oatmealine@void-defragmented"
"oatmealine@beppy-phone"
"oatmealine@boykisser"
"oatmealine@seven-red-suns"
];
};
@ -101,17 +98,17 @@ in {
};
};
#winter = {
# conf = {
# packages = with pkgs; [ micro ];
# shell = pkgs.unstable.fish;
# extraGroups = [ "wheel" "nix-users" "dotfiles" ];
# initialHashedPassword = "!";
# openssh.authorizedKeys.keys = fetchSSHKeys [
# "lilith@bms-cab"
# ];
# };
#};
winter = {
conf = {
packages = with pkgs; [ micro ];
shell = pkgs.unstable.fish;
extraGroups = [ "wheel" "nix-users" "dotfiles" ];
initialHashedPassword = "!";
openssh.authorizedKeys.keys = fetchSSHKeys [
"lilith@bms-cab"
];
};
};
};
keyboard = {
@ -119,6 +116,8 @@ in {
variant = "qwerty";
};
services.vscode-server.enable = true;
modules = {
shell.fish.enable = true;
security.isLocalMachine = false;
@ -134,7 +133,6 @@ in {
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCBKMXTLBJ5iIPiO9jiN+AHWxpgG1kcdI0h23+G1FLMnK+xhkmaP9Vjr9QbqQ4mmRqfGERfJW5H2/OvTEUXnrkAp1Jc8oPrc14/auwKivtbMC5tsWzioDMbcAYKrcP37D3Kw1P7nzSyAz3QsRXBRx26OE5NeTo4YfGl/TOkQnoBCDTt8kcziWEvUVeOgnHf3hnszs2H4P6RAyOqjuOH6BWhtbKsCHThTHaAadLgeH5nB1WXLYqG2N1KEzAhj8WBBzPmeZcMMRr5xkqYVj14cd+9syEaenV+wXapoPyDtOb6YtOKArN9RkT0OOqQk17OzxvGqHUEXQ4eGmNgc8BLsGJn rsa-key-20230402"
#fetchSSH "oatmealine@void-defragmented"
#fetchSSH "oatmealine@beppy-phone"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAIphRdy+g7zfj+KxfONoD24lzk+/mGhQ0EnOe8QGf8 oatmealine@disroot.org" # gh actions
];
packages = with pkgs; [ tmux micro ];
shell = pkgs.unstable.fish;
@ -158,11 +156,6 @@ in {
interfaces."wg0" = import ./wireguardInterface.nix;
};
dendrite = {
enable = true;
hostDomain = "dark-firepit.cloud";
};
terraria = {
enable = false;
port = 7777; # port-forwarded
@ -173,11 +166,6 @@ in {
dataDir = "/var/lib/terraria";
};
nextcloud = {
enable = false;
domain = "nextcloud.dark-firepit.cloud";
};
jmusicbot = let
baseOptions = {
owner = 276416332894044160;
@ -193,7 +181,6 @@ in {
npimages = true;
stayinchannel = true;
updatealerts = false;
aliases = {
nowplaying = [ "np" "current" ];
@ -204,15 +191,13 @@ in {
forceskip = [ "fs" ];
movetrack = [ "move" "m" ];
};
queuetype = "REGULAR";
};
in {
enable = true;
instances = {
"jomble" = {
enable = true;
package = pkgs._.gmusicbot;
package = pkgs.unstable.jmusicbot;
options = baseOptions // {
token = lib.removeSuffix "\n" (builtins.readFile /etc/jomble_token);
@ -221,7 +206,7 @@ in {
};
"jillo" = {
enable = true;
package = pkgs._.gmusicbot;
package = pkgs.unstable.jmusicbot;
options = baseOptions // {
token = lib.removeSuffix "\n" (builtins.readFile /etc/jillo_token);
@ -239,7 +224,6 @@ in {
extraRules = [
{ users = [ "aether" ]; noPass = false; persist = true; keepEnv = true; }
{ users = [ "oatmealine" ]; noPass = true; persist = false; keepEnv = true; }
{ users = [ "remote" ]; noPass = true; persist = false; keepEnv = true; }
];
};
@ -254,37 +238,39 @@ in {
# https://nixos.org/manual/nixos/stable/options.html#opt-networking.enableB43Firmware
# temporarily disabled
# enableIPv6 = true;
enableIPv6 = false;
usePredictableInterfaceNames = false;
interfaces.eth0 = {
ipv4.addresses = [{
address = "46.4.96.113";
# prefixLength = 27;
interfaces.eth0.ipv4.addresses = [
{ address = "46.4.96.113";
prefixLength = 24;
}];
/*
ipv6.addresses = [{
address = "2a01:4f8:140::1";
prefixLength = 64;
}];
*/
};
}
];
defaultGateway = "46.4.96.97";
/*
defaultGateway6 = {
address = "fe80::1";
interface = "eth0";
};
*/
nameservers = [ "8.8.8.8" "1.1.1.1" ];
#interfaces.eno1.ipv6.addresses = [
# { address = "2001:41d0:0700:3308::";
# prefixLength = 64;
# }
#
# { address = "2001:41d0:0700:33ff::";
# prefixLength = 64;
# }
#];
#defaultGateway6 = {
# address = "2001:41d0:0700:33ff:00ff:00ff:00ff:00ff";
# address = "33ff::1";
# address = "2001::1";
# interface = "eno1";
#};
firewall.allowPing = true;
# minecraft proximity voice chat
firewall.allowedTCPPorts = [ 24454 24464 25567 25577 4499 21025 21027 ];
firewall.allowedUDPPorts = [ 24454 24464 25567 25577 4499 21025 21027 ];
firewall.allowedTCPPorts = [ 24454 24464 25567 25577 4499 21025 ];
firewall.allowedUDPPorts = [ 24454 24464 25567 25577 4499 21025 ];
};
# environment.etc."dhcpcd.duid".text = "d0:50:99:d4:04:68:d0:50:99:d4:04:68";

53
hosts/lucent-firepit/minecraft/default.nix
View File

@ -4,8 +4,8 @@ with lib;
let
# https://git.sleeping.town/unascribed/unsup/releases
unsup = pkgs.fetchurl {
url = "https://git.sleeping.town/unascribed/unsup/releases/download/v0.2.3/unsup-0.2.3.jar";
hash = "sha256-DBMxiZwfUUiLqXYOMD8EUz4HubAZIEjAPmk32T0NYtA=";
url = "https://git.sleeping.town/attachments/c521d178-8938-40a5-b21b-0333eef4099e";
sha256 = "c5bd49784392b651e4bc71fe57976f5b4fb14f09e0e23183ae5b94a821ae4756";
};
mkUnsupINI = { url, extraConfig ? "" }: pkgs.writeTextFile {
@ -43,7 +43,7 @@ in {
"gayrats" = import ./gayrats.nix {
inherit pkgs;
enable = false;
enable = true;
server-port = 25565;
inherit unsup;
@ -55,7 +55,7 @@ in {
"gayrats-creative" = import ./gayrats-creative.nix {
inherit pkgs;
enable = false;
enable = true;
server-port = 25575;
inherit unsup;
@ -64,22 +64,10 @@ in {
unsupINI = mkUnsupINI { url = "https://oat.zone/f/gayrats-creative/pack.toml"; };
};
"gay-capybaras" = import ./gay-capybaras.nix {
inherit pkgs;
enable = true;
server-port = 25505;
inherit unsup;
inherit (gayrats) whitelist;
unsupINI = mkUnsupINI { url = "https://aether.gay/f/gay-capybaras/pack.toml"; };
};
"n3ko-test" = import ./n3ko-test.nix {
inherit pkgs;
enable = false;
enable = true;
server-port = 25595;
};
@ -87,7 +75,7 @@ in {
inherit pkgs;
inherit lib;
enable = false;
enable = true;
server-port = 25535;
inherit unsup;
@ -101,35 +89,6 @@ in {
'';
};
};
"modfest-build" = let
unsupINI = mkUnsupINI {
url = "https://raw.githack.com/ModFest/modfest-1-20/main/pack/pack.toml";
};
in {
enable = false;
package = pkgs.fabricServers."fabric-1_20_4".override { loaderVersion = "0.15.3"; };
jvmOpts = ((import ./mc-flags.nix) "4G") + " -javaagent:${unsup}";
openFirewall = true;
serverProperties = {
server-port = 25525;
gamemode = 1;
motd = "modfest build server !";
white-list = true;
max-players = 128;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
snooper-enabled = false;
spawn-protection = 0;
};
symlinks = {
"unsup.ini" = unsupINI;
};
};
};
systemd.services.minecraft-server-dark-firepit.serviceConfig = {

29
hosts/lucent-firepit/minecraft/gay-capybaras.nix
View File

@ -1,29 +0,0 @@
{ pkgs, enable ? false, server-port, whitelist, unsup, unsupINI, ... }:
{
inherit enable;
autoStart = true;
openFirewall = true;
inherit whitelist;
serverProperties = {
inherit server-port;
gamemode = 0;
motd = "dark-firepit, 1.20.1 Fabric";
white-list = true;
max-players = 8;
allow-flight = true;
enable-command-block = true;
enforce-secure-profile = false;
snooper-enabled = false;
spawn-protection = 0;
};
symlinks = { "unsup.ini" = unsupINI; };
package = pkgs.fabricServers."fabric-1_20_1".override { loaderVersion = "0.15.6"; };
# package = pkgs.fabricServers."fabric-1_20_1";
jvmOpts = "-Xmx6G -javaagent:${unsup}";
}

5
hosts/lucent-firepit/minecraft/gayrats-creative.nix
View File

@ -21,7 +21,6 @@
symlinks = { "unsup.ini" = unsupINI; };
package = pkgs.fabricServers."fabric-1_19_2".override { loaderVersion = "0.14.17"; };
package = pkgs.minecraftServers.fabric-1_19_2;
jvmOpts = "-Xmx6G -javaagent:${unsup}";
}
}

6
hosts/lucent-firepit/minecraft/gayrats.nix
View File

@ -21,8 +21,6 @@
symlinks = { "unsup.ini" = unsupINI; };
package = pkgs.fabricServers."fabric-1_19_2".override { loaderVersion = "0.14.17"; };
package = pkgs.minecraftServers.fabric-1_19_2;
jvmOpts = "-Xmx6G -javaagent:${unsup}";
}
}

1
hosts/lucent-firepit/minecraft/mc-flags.nix
View File

@ -1 +0,0 @@
memory: "-Xms${memory} -Xmx${memory} -XX:+UseShenandoahGC"

103
hosts/lucent-firepit/webapps/default.nix
View File

@ -9,21 +9,11 @@ in {
domain = "blog.oat.zone";
port = 3500;
};
services.nlw-api = {
services.crystal-gauntlet = {
enable = true;
domain = "nlw.oat.zone";
apiKey = builtins.readFile /etc/sheets-api-key;
#apiKey = "";
port = 1995;
};
services.cardgen = {
enable = true;
port = 25290;
};
services.gd-icon-renderer-web = {
enable = true;
port = 3435;
domain = "gdicon.oat.zone";
domain = "gdpstest.oat.zone";
port = 1982;
};
modules = {
@ -44,7 +34,6 @@ in {
enable = true;
domain = "git.oat.zone";
port = 3000;
enableActions = true;
};
matrix.conduit = {
@ -54,7 +43,7 @@ in {
vaultwarden = {
enable = true;
domain = "vault.dark-firepit.cloud";
domain = "vault.aether.gay";
};
# not entirely necessary but makes it so that invalid domains and/or direct ip access aborts connection
@ -73,7 +62,6 @@ in {
"giger.yugoslavia.fishing".dataDir = "/var/www/giger.yugoslavia.fishing";
"modfiles.oat.zone".dataDir = "/var/www/modfiles.oat.zone";
"shop.yugoslavia.best".dataDir = "/var/www/shop.yugoslavia.best";
"shop.yugoslavia.best".forceSSL = false;
"tesco-underground-dev.oat.zone".dataDir = "/var/www/tesco-underground-dev.oat.zone";
"tesco-underground-dev.oat.zone".auth = { tesco = builtins.readFile /etc/tesco; };
"oat.zone".dataDir = "/var/www/oat.zone";
@ -86,26 +74,17 @@ in {
"educationmath.oat.zone".auth = { twh = builtins.readFile /etc/proxy_twh; };
"rivervalleychocolate.com".dataDir = "/var/www/rivervalleychocolate.com";
"rivervalleychocolate.com".php = true;
"play.mayf.pink".dataDir = "/var/www/play.mayf.pink/";
"play.mayf.pink".php = true;
"play.mayf.pink".phpHandlePathing = true;
"tac.yugoslavia.best".dataDir = "/var/www/tac.yugoslavia.best/public";
"tac.yugoslavia.best".php = true;
"tac.yugoslavia.best".phpHandlePathing = true;
"pjsk.oat.zone".dataDir = "/var/www/pjsk.oat.zone";
"mayf.pink".dataDir = "/var/www/mayf.pink";
"mayf.pink".php = true;
"mayf.pink".phpHandlePathing = true;
"promotion.yugoslavia.best".dataDir = "/var/www/promotion.yugoslavia.best/public";
"promotion.yugoslavia.best".php = true;
"promotion.yugoslavia.best".phpHandlePathing = true;
"promotion.yugoslavia.best".forceSSL = false;
"star.yugoslavia.best".dataDir = "/var/www/star.yugoslavia.best";
"star.yugoslavia.best".forceSSL = false;
#"wint0r.zone".dataDir = "/var/www/wint0r.zone";
#"puzzle.wint0r.zone".dataDir = "/var/www/puzzle.wint0r.zone";
"femboy.industries".dataDir = "/var/www/femboy.industries";
} // (listToAttrs (map (value: {
name = "${value}.femboy.industries";
value = { dataDir = "/var/www/femboy.industries/_subdomains/${value}/"; };
}) ["sage"]));
"mayf.pink".forceSSL = false;
"wint0r.zone".dataDir = "/var/www/wint0r.zone";
"puzzle.wint0r.zone".dataDir = "/var/www/puzzle.wint0r.zone";
};
nitter = {
enable = true;
@ -129,10 +108,25 @@ in {
enable = true;
};
metrics = {
code-server = {
enable = true;
domain = "grafana.dark-firepit.cloud";
port = 2342;
domain = "dev-firepit.oat.zone";
port = 4444;
};
/*
ghost = {
enable = true;
domain = "blog.oat.zone";
port = 1357;
};
*/
isso = {
enable = true;
port = 1995;
domain = "comments.oat.zone";
target = "blog.oat.zone";
};
};
};
@ -143,22 +137,11 @@ in {
locations."/f/".extraConfig = ''
add_header Access-Control-Allow-Origin "*";
'';
locations."/f/cards/gen".extraConfig = ''
rewrite /f/cards/gen/(.*) /$1 break;
proxy_pass http://127.0.0.1:25290;
proxy_redirect off;
'';
extraConfig = ''
error_page 404 /404.html;
error_page 403 /403.html;
'';
};
"femboy.industries" = {
locations."/_subdomains".extraConfig = ''
deny all;
return 404;
'';
};
# todo: move to flake
"gdpstest.oat.zone" = {
enableACME = true;
@ -172,25 +155,23 @@ in {
'';
};
# todo: move to flake
"jillo.oat.zone" = {
"gdicon.oat.zone" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:15385/";
proxyPass = "http://127.0.0.1:3436/";
};
};
"drawdog.oat.zone" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:33363/";
extraConfig = ''
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
'';
};
# https://www.edwinwenink.xyz/posts/47-tilde_server/
# todo: fix this
"dark-firepit.cloud" = {
locations."~ ^/~([^/\\s]+?)(/[^\\s]*)?$".extraConfig = ''
add_header X-debug-message "/home/$1/www$2" always;
alias /home/$1/www$2;
index index.html index.htm;
autoindex on;
'';
};
#"git.oat.zone" = {

4
modules/security.nix
View File

@ -35,8 +35,8 @@ in {
}
];
boot.tmp.useTmpfs = lib.mkDefault true;
boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmp.useTmpfs);
boot.tmpOnTmpfs = lib.mkDefault true;
boot.cleanTmpDir = lib.mkDefault (!config.boot.tmpOnTmpfs);
security.rtkit.enable = true;

61
modules/services/code-server.nix Normal file
View File

@ -0,0 +1,61 @@
{ config, lib, pkgs, options, ... }:
with lib;
let
cfg = config.modules.services.code-server;
in {
options.modules.services.code-server = {
enable = mkOption {
type = types.bool;
default = false;
};
domain = mkOption {
type = types.str;
default = "dev-firepit.oat.zone";
};
port = mkOption {
type = types.int;
default = 4444;
};
};
config = mkIf cfg.enable {
services = {
code-server = {
enable = true;
port = cfg.port;
# temporary
auth = "password";
# temporary
hashedPassword = removeSuffix "\n" (builtins.readFile /etc/code-server-password);
extraPackages = with pkgs; [ git nix nixpkgs-fmt ];
};
nginx.virtualHosts."${cfg.domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString cfg.port}";
extraConfig = ''
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
'';
};
locations."= /robots.txt" = {
extraConfig = ''
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
'';
};
};
};
users.users.code-server = {
extraGroups = [ "nix-users" "dotfiles" ];
shell = pkgs.unstable.fish;
};
};
}

108
modules/services/dendrite.nix
View File

@ -1,108 +0,0 @@
{ pkgs, config, lib, options, ... }:
with lib;
let
cfg = config.modules.services.dendrite;
fullDomain = "${cfg.prefix}.${cfg.hostDomain}";
maxUploadMegabytes = 600;
in {
options.modules.services.dendrite = {
enable = mkOption {
type = types.bool;
default = false;
};
hostDomain = mkOption {
type = types.str;
default = null;
};
prefix = mkOption {
type = types.str;
default = "matrix";
};
port = mkOption {
type = types.port;
default = 8008;
};
};
config = mkIf cfg.enable {
assertions = [
{ assertion = cfg.hostDomain != null;
description = "@config.modules.services.dendrite.hostDomain@ must not equal null";
}
];
services.dendrite = {
enable = true;
httpPort = cfg.port;
# httpsPort = cfg.port;
tlsCert = "/var/lib/dendrite_keys/server.crt";
tlsKey = "/var/lib/dendrite_keys/server.key";
loadCredential = [ "private_key:/var/lib/dendrite_keys/private/private_key.pem" ];
environmentFile = "/var/lib/dendrite_keys/registration_secret";
settings = {
global = {
server_name = cfg.hostDomain;
private_key = "/var/lib/dendrite_keys/private/private_key.pem";
presence = {
enable_inbound = true;
enable_outbound = true;
};
};
client_api = {
registration_shared_secret = "$REGISTRATION_SHARED_SECRET";
};
media_api = {
max_file_size_bytes = maxUploadMegabytes;
dynamic_thumbnails = true;
};
};
};
services.nginx.virtualHosts."${fullDomain}" = {
forceSSL = true;
enableACME = true;
#listen = [
# { addr = "0.0.0.0";
# port = 443;
# ssl = true;
# }
# { addr = "[::]";
# port = 443;
# ssl = true;
# }
#];
locations."/_matrix".proxyPass = "http://127.0.0.1:${toString cfg.port}";
#locations."/_matrix".proxyPass = "https://localhost:${toString cfg.port}";
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-RealIP $remote_addr;
proxy_read_timeout 600;
client_max_body_size ${toString maxUploadMegabytes}M;
'';
};
services.nginx.virtualHosts."${cfg.hostDomain}" = {
forceSSL = true;
enableACME = true;
locations."/.well-known/matrix/server".return = "200 '{ \"m.server\": \"${fullDomain}:443\"}'";
# locations."/.well-known/matrix/client".return = "200 '{ \"m.homserver\": { \"base_url\": \"https://${cfg.hostDomain}\"} }'";
locations."/.well-known/matrix/client".extraConfig = ''
add_header Access-Control-Allow-Origin '*';
return 200 '{ \"m.homeserver\": { \"base_url\": \"https://${fullDomain}\"} }';
'';
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedUDPPorts = [ 80 443 ];
};
}

29
modules/services/forgejo.nix
View File

@ -21,19 +21,16 @@ in {
type = types.package;
default = pkgs.unstable.forgejo;
};
enableActions = mkOption {
type = types.bool;
default = false;
};
};
config = mkIf cfg.enable {
virtualisation.docker.enable = cfg.enableActions;
services = {
gitea = {
enable = true;
package = cfg.package;
domain = cfg.domain;
httpPort = cfg.port;
rootUrl = "https://${cfg.domain}/";
stateDir = "/var/lib/${cfg.domain}";
appName = "Forgejo: dark-firepit hosted Git";
database = {
@ -42,30 +39,12 @@ in {
};
settings = mkMerge [ (builtins.fromTOML (builtins.readFile "/etc/dotfiles/config/forgejo/app.toml")) {
"ui.meta" = {
AUTHOR = "dark-firepit.cloud";
AUTHOR = "aether & oat";
DESCRIPTION = "dark-firepit's shared git instance";
};
"server" = {
DOMAIN = cfg.domain;
HTTP_PORT = cfg.port;
ROOT_URL = "https://${cfg.domain}/";
};
"actions" = {
ENABLED = cfg.enableActions;
};
}];
};
gitea-actions-runner = mkIf cfg.enableActions {
instances."${config.networking.hostName}" = {
enable = true;
name = "ci";
url = "https://${cfg.domain}/";
labels = []; # use the packaged instance list
token = removeSuffix "\n" (builtins.readFile "/etc/forgejo-runner-token");
};
};
nginx.virtualHosts."${cfg.domain}" = {
forceSSL = true;
enableACME = true;

158
modules/services/ghost.nix Normal file
View File

@ -0,0 +1,158 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.modules.services.ghost;
# user used to run the Ghost service
userName = builtins.replaceStrings [ "." ] [ "_" ] cfg.domain;
in {
options.modules.services.ghost = {
enable = mkOption {
type = types.bool;
default = false;
};
package = mkOption {
type = types.package;
default = pkgs._.ghost;
};
domain = mkOption {
type = types.str;
default = "blog.oat.zone";
};
port = mkOption {
type = types.int;
default = 1357;
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/${userName}";
};
};
config = let
# directory used to save the blog content
dataDir = cfg.dataDir;
# script that sets up the Ghost content directory
setupScript = pkgs.writeScript "${cfg.domain}-setup.sh" ''
#! ${pkgs.stdenv.shell} -e
chmod g+s "${dataDir}"
[[ ! -d "${dataDir}/content" ]] && cp -r "${cfg.package}/content" "${dataDir}/content"
chown -R "${userName}":"${userName}" "${dataDir}/content"
chmod -R +w "${dataDir}/content"
ln -f -s "/etc/${cfg.domain}.json" "${dataDir}/config.production.json"
[[ -d "${dataDir}/current" ]] && rm "${dataDir}/current"
ln -f -s "${cfg.package}/current" "${dataDir}/current"
[[ -d "${dataDir}/content/themes/casper" ]] && rm "${dataDir}/content/themes/casper"
ln -f -s "${cfg.package}/current/content/themes/casper" "${dataDir}/content/themes/casper"
'';
in lib.mkIf cfg.enable {
# Creates the user and group
users.users.${userName} = {
isSystemUser = true;
group = userName;
createHome = true;
home = dataDir;
};
users.groups.${userName} = { };
# Creates the Ghost config
environment.etc."${cfg.domain}.json".text = ''
{
"url": "https://${cfg.domain}",
"server": {
"port": ${toString cfg.port},
"host": "0.0.0.0"
},
"database": {
"client": "mysql",
"connection": {
"host": "localhost",
"user": "${userName}",
"database": "${userName}",
"password": "",
"socketPath": "/run/mysqld/mysqld.sock"
}
},
"mail": {
"transport": "sendmail"
},
"logging": {
"transports": ["stdout"]
},
"paths": {
"contentPath": "${dataDir}/content"
}
}
'';
# Sets up the Systemd service
systemd.services."${cfg.domain}" = {
enable = true;
description = "${cfg.domain} ghost blog";
restartIfChanged = true;
restartTriggers =
[ cfg.package config.environment.etc."${cfg.domain}.json".source ];
requires = [ "mysql.service" ];
after = [ "mysql.service" ];
path = [ pkgs.nodejs pkgs.vips ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = userName;
Group = userName;
WorkingDirectory = dataDir;
# Executes the setup script before start
ExecStartPre = setupScript;
# Runs Ghost with node
ExecStart = "${pkgs.nodejs}/bin/node current/index.js";
# Sandboxes the Systemd service
AmbientCapabilities = [ ];
CapabilityBoundingSet = [ ];
KeyringMode = "private";
LockPersonality = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateMounts = true;
PrivateTmp = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectSystem = "full";
RemoveIPC = true;
RestrictAddressFamilies = [ ];
RestrictNamespaces = true;
RestrictRealtime = true;
};
environment = { NODE_ENV = "production"; };
};
# Sets up the blog virtual host on NGINX
services.nginx.virtualHosts.${cfg.domain} = {
# Sets up Lets Encrypt SSL certificates for the blog
forceSSL = true;
enableACME = true;
locations."/" = { proxyPass = "http://127.0.0.1:${toString cfg.port}"; };
extraConfig = ''
charset UTF-8;
add_header Strict-Transport-Security "max-age=2592000; includeSubDomains" always;
add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff;
'';
};
# Sets up MySQL database and user for Ghost
services.mysql = {
ensureDatabases = [ userName ];
ensureUsers = [{
name = userName;
ensurePermissions = { "${userName}.*" = "ALL PRIVILEGES"; };
}];
};
};
}

82
modules/services/isso.nix Normal file
View File

@ -0,0 +1,82 @@
{ config, lib, pkgs, options, ... }:
with lib;
let
cfg = config.modules.services.isso;
in {
options.modules.services.isso = {
enable = mkOption {
type = types.bool;
default = false;
};
domain = mkOption {
type = types.str;
default = "comments.oat.zone";
};
target = mkOption {
type = types.str;
default = "blog.oat.zone";
};
port = mkOption {
type = types.port;
default = 1550;
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/isso";
};
};
config = mkIf cfg.enable {
services = {
isso = {
enable = true;
settings = {
general = {
dbpath = "${cfg.dataDir}/comments.db";
host = "https://${cfg.target}";
latest-enabled = true;
};
server = {
listen = "http://localhost:${toString cfg.port}";
samesite = "Lax";
public-endpoint = "https://${cfg.domain}";
};
guard = {
enabled = true;
require-author = true;
ratelimit = 4;
};
admin = {
enabled = true;
password = removeSuffix "\n" (builtins.readFile /etc/isso_admin_pass);
};
};
};
nginx.enable = true;
nginx.virtualHosts."${cfg.domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString cfg.port}";
extraConfig = ''
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
'';
};
};
};
systemd.services.isso.serviceConfig = {
preStart = ''
umask u=rwx,g=rwx,o=rx
mkdir -p ${cfg.dataDir}
cd ${cfg.dataDir}
${pkgs.coreutils}/bin/chown -R isso:isso .
${pkgs.coreutils}/bin/chmod -R 775 .
'';
};
};
}

12
modules/services/jmusicbot.nix
View File

@ -270,16 +270,6 @@ in {
};
};
queuetype = mkOption {
type = types.enum ["FAIR" "REGULAR"];
description = ''
Sets the queue type
FAIR: Each user gets a fair chance at the queue by rearranging it such that no user can fill it up entirely
REGULAR: Queue works as first-come, first-served
'';
default = "FAIR";
};
eval = mkOption {
type = types.bool;
description = ''
@ -369,4 +359,4 @@ in {
}
) cfg.instances;
};
}
}

55
modules/services/loki-local-config.yml
View File

@ -1,55 +0,0 @@
auth_enabled: false
server:
http_listen_port: 3100
ingester:
lifecycler:
address: 0.0.0.0
ring:
kvstore:
store: inmemory
replication_factor: 1
final_sleep: 0s
chunk_idle_period: 1h # Any chunk not receiving new logs in this time will be flushed
max_chunk_age: 1h # All chunks will be flushed when they hit this age, default is 1h
chunk_target_size: 1048576 # Loki will attempt to build chunks up to 1.5MB, flushing first if chunk_idle_period or max_chunk_age is reached first
chunk_retain_period: 30s # Must be greater than index read cache TTL if using an index cache (Default index read cache TTL is 5m)
max_transfer_retries: 0 # Chunk transfers disabled
schema_config:
configs:
- from: 2023-12-08
store: boltdb-shipper
object_store: filesystem
schema: v11
index:
prefix: index_
period: 24h
storage_config:
boltdb_shipper:
active_index_directory: /var/lib/loki/boltdb-shipper-active
cache_location: /var/lib/loki/boltdb-shipper-cache
cache_ttl: 24h # Can be increased for faster performance over longer query periods, uses more disk space
shared_store: filesystem
filesystem:
directory: /var/lib/loki/chunks
limits_config:
reject_old_samples: true
reject_old_samples_max_age: 168h
chunk_store_config:
max_look_back_period: 0s
table_manager:
retention_deletes_enabled: false
retention_period: 0s
compactor:
working_directory: /var/lib/loki
shared_store: filesystem
compactor_ring:
kvstore:
store: inmemory

110
modules/services/metrics.nix
View File

@ -1,110 +0,0 @@
{ config, lib, pkgs, options, ... }:
with lib;
let
cfg = config.modules.services.metrics;
in {
options.modules.services.metrics = {
enable = mkOption {
type = types.bool;
default = false;
};
domain = mkOption {
type = types.str;
# default = "grafana.oat.zone";
default = null;
};
port = mkOption {
type = types.int;
default = 2342;
};
};
config = mkIf cfg.enable {
assertions = [
{ assertion = cfg.domain != null;
description = "please set the domain for grafana";
}
];
systemd.services.promtail = {
description = "Promtail service for Loki";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''
${pkgs.grafana-loki}/bin/promtail --config.file ${./promtail.yml}
'';
};
};
services = {
grafana = {
enable = true;
settings = {
server = {
domain = cfg.domain;
http_port = cfg.port;
http_addr = "127.0.0.1";
};
};
};
prometheus = let
ports = {
base = 9001;
node = 9002;
nginx = 9003;
};
in {
enable = true;
port = ports.base;
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
port = ports.node;
};
nginx = {
enable = true;
port = ports.nginx;
};
};
scrapeConfigs = [
{
job_name = "lucent-firepit";
static_configs = [{
targets = [
"127.0.0.1:${toString ports.node}"
"127.0.0.1:${toString ports.nginx}"
];
}];
}
];
};
loki = {
enable = true;
configFile = ./loki-local-config.yml;
};
nginx.statusPage = true;
nginx.virtualHosts."${cfg.domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString cfg.port}";
proxyWebsockets = true;
};
locations."= /robots.txt" = {
extraConfig = ''
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
'';
};
};
};
};
}

21
modules/services/nextcloud.nix
View File

@ -7,12 +7,12 @@ in {
options.modules.services.nextcloud = {
enable = mkOption {
type = types.bool;
default = mkForce false;
default = false;
};
package = mkOption {
type = types.package;
default = pkgs.nextcloud27;
default = pkgs.nextcloud24;
};
domain = mkOption {
@ -28,22 +28,15 @@ in {
}
];
# vomit inducing
# nixpkgs.config.permittedInsecurePackages = [
# "openssl-1.1.1w"
# ];
services.nextcloud = {
enable = true;
package = cfg.package;
hostName = cfg.domain;
enableBrokenCiphersForSSE = false;
database.createLocally = true;
config = {
dbtype = "pgsql";
dbuser = "nextcloud3";
dbuser = "nextcloud";
dbhost = "/run/postgresql";
dbname = "nextcloud3";
dbname = "nextcloud";
adminpassFile = "/etc/nextcloudpass";
adminuser = "root";
# "log_type" = "systemd";
@ -60,10 +53,10 @@ in {
services.postgresql = {
enable = true;
ensureDatabases = [ "nextcloud3" ];
ensureDatabases = [ "nextcloud" ];
ensureUsers = [
{ name = "nextcloud3";
ensurePermissions."DATABASE nextcloud3" = "ALL PRIVILEGES";
{ name = "nextcloud";
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
}
];
};

13
modules/services/nitter-age-check.patch
View File

@ -1,13 +0,0 @@
diff --git a/src/auth.nim b/src/auth.nim
index b288c50..de1b1d8 100644
--- a/src/auth.nim
+++ b/src/auth.nim
@@ -202,7 +202,7 @@ proc initAccountPool*(cfg: Config; path: string) =
quit 1
let accountsPrePurge = accountPool.len
- accountPool.keepItIf(not it.hasExpired)
+ #accountPool.keepItIf(not it.hasExpired)
log "Successfully added ", accountPool.len, " valid accounts."
if accountsPrePurge > accountPool.len:

17
modules/services/nitter.nix
View File

@ -1,4 +1,4 @@
{ config, lib, pkgs, options, inputs, ... }:
{ config, lib, pkgs, options, ... }:
# heavily references https://github.com/erdnaxe/nixos-modules/blob/master/services/nitter.nix
@ -29,24 +29,11 @@ in {
};
};
# force unstable
disabledModules = [ "services/misc/nitter.nix" ];
imports = [
"${inputs.nixpkgs-unstable}/nixos/modules/services/misc/nitter.nix"
];
config = mkIf cfg.enable {
services = {
nitter = {
enable = true;
package = pkgs.unstable.nitter.overrideAttrs (old: {
patches = old.patches ++ [
./nitter-age-check.patch
];
});
config = {
proxy = ""; # https://github.com/NixOS/nixpkgs/issues/235359
};
package = pkgs.nitter;
server = {
address = "127.0.0.1";
port = cfg.port;

1
modules/services/postgres.nix
View File

@ -14,7 +14,6 @@ in {
config = mkIf cfg.enable {
services.postgresql = {
enable = true;
package = pkgs.postgresql_15;
};
};
}

20
modules/services/promtail.yml
View File

@ -1,20 +0,0 @@
server:
http_listen_port: 28183
grpc_listen_port: 0
positions:
filename: /tmp/positions.yaml
clients:
- url: http://127.0.0.1:3100/loki/api/v1/push
scrape_configs:
- job_name: journal
journal:
max_age: 12h
labels:
job: systemd-journal
host: lucent-firepit
relabel_configs:
- source_labels: ["__journal__systemd_unit"]
target_label: "unit"

34
modules/services/update-itl.nix
View File

@ -1,34 +0,0 @@
{ config, lib, pkgs, options, inputs, ... }:
with lib;
let
cfg = config.modules.services.update-idl;
in {
options.modules.services.update-idl = {
enable = mkOption {
type = types.bool;
default = false;
};
};
config = mkIf cfg.enable {
systemd.timers."update-itl" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "60m";
OnUnitActiveSec = "60m";
Unit = "update-itl.service";
};
};
systemd.services."update-itl" = {
script = ''
${pkgs.curl} -X POST https://mayf.pink/itl/update -H "Connection: Spiritual"
'';
serviceConfig = {
Type = "oneshot";
User = "root";
};
};
};
}

2
modules/services/vaultwarden.nix
View File

@ -55,7 +55,7 @@ in {
ensureDatabases = [ "vaultwarden" ];
ensureUsers = [
{ name = "vaultwarden";
ensureDBOwnership = true;
ensurePermissions = { "DATABASE vaultwarden" = "ALL PRIVILEGES"; };
}
];
};

4
modules/shell/fish.nix
View File

@ -15,9 +15,5 @@ in {
home._.programs.fish = {
enable = true;
};
environment.systemPackages = with pkgs; [
fishPlugins.tide
];
};
}

12
overlays/nitter.nix Normal file
View File

@ -0,0 +1,12 @@
self: super: {
nitter = super.nitter.overrideAttrs (old: {
# https://github.com/zedeus/nitter/pull/830
version = "unstable-2023-04-16";
src = super.fetchFromGitHub {
owner = "PrivacyDevel";
repo = "nitter";
rev = "11279e2b4ff612f523380c2ff4678a056eb5c03c";
hash = "sha256-GSBtyrrQTYRO9+XNXZsXOtnQ5QrLqmKE81RkuX/btUs=";
};
});
}

9
packages/ghost/builder.sh Normal file
View File

@ -0,0 +1,9 @@
source "$stdenv"/setup
export HOME=$(mktemp -d)
npm install --loglevel=info --logs-max=0 "ghost-cli@$ghostCliVersion"
mkdir --parents "$out"/
node_modules/ghost-cli/bin/ghost install "$version" --db=sqlite3 \
--no-enable --no-prompt --no-stack --no-setup --no-start --dir "$out"

11
packages/ghost/default.nix Normal file
View File

@ -0,0 +1,11 @@
{ pkgs }:
let
pname = "ghost";
version = "5.33.2";
in pkgs.stdenv.mkDerivation {
inherit pname version;
buildInputs = with pkgs; [ nodejs yarn vips ];
ghostCliVersion = "1.24.0";
builder = ./builder.sh;
}

32
packages/gmusicbot.nix
View File

@ -1,32 +0,0 @@
{ stdenv, lib, fetchurl, makeWrapper, jre_headless }:
stdenv.mkDerivation rec {
pname = "GMusicBot";
version = "2023-05-19";
src = fetchurl {
url = "https://oat.zone/f/GMusicBot-2023-05-19.jar?v=3";
sha256 = "sha256-5c36did0kkaeu4Yi9vGIhlqRoeUBBRWKdihbaW9lwk4=";
};
dontUnpack = true;
nativeBuildInputs = [ makeWrapper ];
installPhase = ''
mkdir -p $out/lib
cp $src $out/lib/GMusicBot
makeWrapper ${jre_headless}/bin/java $out/bin/GMusicBot \
--add-flags "-Xmx1G -Dnogui=true -Djava.util.concurrent.ForkJoinPool.common.parallelism=1 -jar $out/lib/GMusicBot"
'';
meta = with lib; {
description = "Discord music bot that's easy to set up and run yourself";
homepage = "https://git.oat.zone/oat/GMusicBot";
sourceProvenance = with sourceTypes; [ binaryBytecode ];
license = licenses.asl20;
maintainers = with maintainers; [ SuperSandro2000 ];
inherit (jre_headless.meta) platforms;
};
}

36
packages/nidobyte.nix
View File

@ -1,36 +0,0 @@
{ stdenv, lib, fetchpijul
, pijul
, rustc
, cargo
, rustfmt
, postgresql
, sqlx-cli
, libiconv
, xxHash
, zstd
, ... }:
stdenv.mkDerivation rec {
pname = "nidobyte";
src = fetchpijul {
url = "https://nest.pijul.com/zj/nidobyte";
hash = "YZAHAQRQHK24QY2H3AXKCPPDIE2F53H35C5CNYUSXRDSNCWOUJVQC";
};
nativeBuildInputs = [
pijul
rustc
cargo
rustfmt
postgresql
sqlx-cli
libiconv
xxHash
zstd
];
}