dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Update inputs

Browse Source
This commit is contained in:
Jack O'Sullivan 2023-08-27 18:59:07 +01:00
parent f10ce00f04
commit 0672e94962
8 changed files with 37 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
flake.lock generated
View File

@ -188,11 +188,11 @@
"systems": "systems_3" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1687173957, "lastModified": 1692793255,
"narHash": "sha256-GOds2bAQcZ94fb9/Nl/aM+r+0wGSi4EKYuZYR8Dw4R8=", "narHash": "sha256-yVyj0AE280JkccDHuG1XO9oGxN6bW8ksr/xttXcXzK0=",
"owner": "numtide", "owner": "numtide",
"repo": "devshell", "repo": "devshell",
"rev": "2cf83bb31720fcc29a999aee28d6da101173e66a", "rev": "2aa26972b951bc05c3632d4e5ae683cb6771a7c6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -387,11 +387,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1687595284, "lastModified": 1692099905,
"narHash": "sha256-W4bGX7yCjWLeAugWpCMURlXxgPmXBJGTr/isGyd6Uew=", "narHash": "sha256-/pSusGhmIdSdAaywQRFA5dVbfdIzlWQTecM+E46+cJ0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "05a584b4f63f5de442f59c8cec01dddc77312856", "rev": "2a6679aa9cc3872c29ba2a57fe1b71b3e3c5649f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -407,11 +407,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1687606638, "lastModified": 1693125758,
"narHash": "sha256-kloVhlQlholYXI6nfXkEa/4B+LZ+22YayxPoKZNkqRU=", "narHash": "sha256-7u591OQ1nzQ/IRMDBix8Ox1q+u3OyPQHs2HDZnR89qk=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "68aebb45de644b81a71f0c7b8b22ad51c9a0df7a", "rev": "f8c5fd75092448ac134d7fb823556b37d3c821f5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -421,11 +421,11 @@
}, },
"impermanence": { "impermanence": {
"locked": { "locked": {
"lastModified": 1684264534, "lastModified": 1690797372,
"narHash": "sha256-K0zr+ry3FwIo3rN2U/VWAkCJSgBslBisvfRIPwMbuCQ=", "narHash": "sha256-GImz19e33SeVcIvBB7NnhbJSbTpFFmNtWLh7Z85Y188=",
"owner": "nix-community", "owner": "nix-community",
"repo": "impermanence", "repo": "impermanence",
"rev": "89253fb1518063556edd5e54509c30ac3089d5e6", "rev": "e3a7acd113903269a1b5c8b527e84ce7ee859851",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -473,11 +473,11 @@
}, },
"nixpkgs-mine": { "nixpkgs-mine": {
"locked": { "locked": {
"lastModified": 1687611476, "lastModified": 1693148900,
"narHash": "sha256-7LzqSblaNWMwT6KL4fC9+zsAS+YJYSTkLbVKoo+mNTk=", "narHash": "sha256-rk+VheIaneH2XpLgYQ1QvC+w4rTiKxGaq/3onUq/OBk=",
"owner": "devplayer0", "owner": "devplayer0",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7ba13caee5ea68574ed8ef7ba05c03352a58928d", "rev": "34753e65f6c7887a1ea6bad9700b84993b336c41",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -489,11 +489,11 @@
}, },
"nixpkgs-mine-stable": { "nixpkgs-mine-stable": {
"locked": { "locked": {
"lastModified": 1687611609, "lastModified": 1693148935,
"narHash": "sha256-RxFHlQIYykJO1MnByUBz8Yl+/FJRmL7wiZRC7EnjXKE=", "narHash": "sha256-EzIaEnhDZBSSO6LCRhRriq5tZLyayseuTxWaLndtFHU=",
"owner": "devplayer0", "owner": "devplayer0",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d4f62cff19daf3e45aa9ca48aa601e0dd95d0ffa", "rev": "e1d2b37448af90de8215c270230967fa29446cae",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -505,11 +505,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1687466461, "lastModified": 1693087214,
"narHash": "sha256-oupXI7g7RPzlpGUfAu1xG4KBK53GrZH8/xeKgKDB4+Q=", "narHash": "sha256-Kn1SSqRfPpqcI1MDy82JXrPT1WI8c03TA2F0xu6kS+4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ecb441f22067ba1d6312f4932a7c64efa8d19a7b", "rev": "f155f0cf4ea43c4e3c8918d2d327d44777b6cad4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -520,11 +520,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1687502512, "lastModified": 1693003285,
"narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=", "narHash": "sha256-5nm4yrEHKupjn62MibENtfqlP6pWcRTuSKrMiH9bLkc=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "3ae20aa58a6c0d1ca95c9b11f59a2d12eebc511f", "rev": "5690c4271f2998c304a45c91a0aeb8fb69feaea7",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
nixos/boxes/castle/default.nix
View File

@ -25,7 +25,7 @@
efi.canTouchEfiVariables = false; efi.canTouchEfiVariables = false;
timeout = 10; timeout = 10;
}; };
kernelPackages = pkgs.linuxKernel.packages.linux_6_3; kernelPackages = pkgs.linuxKernel.packages.linux_6_4;
kernelModules = [ "kvm-amd" ]; kernelModules = [ "kvm-amd" ];
kernelParams = [ "amd_iommu=on" "amd_pstate=passive" ]; kernelParams = [ "amd_iommu=on" "amd_pstate=passive" ];
kernelPatches = [ kernelPatches = [

3
nixos/boxes/colony/vms/shill/containers/chatterbox.nix
View File

@ -60,6 +60,9 @@ in
matrix-synapse = { matrix-synapse = {
enable = true; enable = true;
withJemalloc = true; withJemalloc = true;
extras = [
"oidc"
];
extraConfigFiles = [ config.age.secrets."chatterbox/synapse.yaml".path ]; extraConfigFiles = [ config.age.secrets."chatterbox/synapse.yaml".path ];
settings = { settings = {

2
nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
View File

@ -44,6 +44,8 @@ let
''; '';
}; };
"/.well-known/webfinger".return = "301 https://toot.nul.ie$request_uri"; "/.well-known/webfinger".return = "301 https://toot.nul.ie$request_uri";
"/.well-known/nodeinfo".return = "301 https://toot.nul.ie$request_uri";
"/.well-known/host-meta".return = "301 https://toot.nul.ie$request_uri";
}; };
in in
{ {

11
nixos/boxes/kelder/default.nix
View File

@ -119,16 +119,7 @@ in
enable = true; enable = true;
}; };
ddclient = { # TODO: replace ddclient with script to update local IP
enable = true;
use = "if, if=et1g0";
protocol = "cloudflare";
zone = lib.my.kelder.domain;
domains = [ "kelder-local.${lib.my.kelder.domain}" ];
username = "token";
passwordFile = config.age.secrets."kelder/ddclient-cloudflare.key".path;
};
samba = { samba = {
enable = true; enable = true;

2
nixos/boxes/tower/default.nix
View File

@ -25,7 +25,7 @@
efi.canTouchEfiVariables = true; efi.canTouchEfiVariables = true;
timeout = 10; timeout = 10;
}; };
kernelPackages = pkgs.linuxKernel.packages.linux_6_3; kernelPackages = pkgs.linuxKernel.packages.linux_6_4;
kernelModules = [ "kvm-intel" ]; kernelModules = [ "kvm-intel" ];
kernelParams = [ "intel_iommu=on" ]; kernelParams = [ "intel_iommu=on" ];
initrd = { initrd = {

9
nixos/modules/pdns.nix
View File

@ -43,10 +43,11 @@ let
}; };
''; '';
staticZonePath = "/etc/pdns-bind-zones";
loadZonesCommon = pkgs.writeShellScript "pdns-bind-load-common.sh" '' loadZonesCommon = pkgs.writeShellScript "pdns-bind-load-common.sh" ''
loadZones() { loadZones() {
for z in /etc/pdns/bind-zones/*.zone; do for z in ${staticZonePath}/*.zone; do
zoneName="$(echo "$z" | ${pkgs.gnused}/bin/sed -rn 's|/etc/pdns/bind-zones/(.*)\.zone|\1|p')" zoneName="$(echo "$z" | ${pkgs.gnused}/bin/sed -rn 's|${staticZonePath}/(.*)\.zone|\1|p')"
zDat="/var/lib/pdns/bind-zones/"$zoneName".dat" zDat="/var/lib/pdns/bind-zones/"$zoneName".dat"
newZonePath="$(readlink -f "$z")" newZonePath="$(readlink -f "$z")"
@ -142,7 +143,7 @@ let
# Use sponge instead of `sed -i` because that actually uses a temporary file and clobbers ownership... # Use sponge instead of `sed -i` because that actually uses a temporary file and clobbers ownership...
sed "s/^serial=.*$/serial=$serial/g" "$zDat" | sponge "$zDat" sed "s/^serial=.*$/serial=$serial/g" "$zDat" | sponge "$zDat"
sed "s/@@SERIAL@@/$serial/g" < /etc/pdns/bind-zones/"$zone".zone > /run/pdns/bind-zones/"$zone".zone sed "s/@@SERIAL@@/$serial/g" < ${staticZonePath}/"$zone".zone > /run/pdns/bind-zones/"$zone".zone
pdns_control bind-reload-now "$zone" pdns_control bind-reload-now "$zone"
''; '';
}; };
@ -270,7 +271,7 @@ in
pdns-file-record pdns-file-record
]; ];
etc."pdns/bind-zones".source = "${zones}/*"; etc."pdns-bind-zones".source = "${zones}/*";
}; };
systemd.services.pdns = { systemd.services.pdns = {

3
nixos/modules/tmproot.nix
View File

@ -195,9 +195,6 @@ in
(mkIf config.services.mastodon.enable { (mkIf config.services.mastodon.enable {
my.tmproot.unsaved.ignore = [ "/var/lib/mastodon/.secrets_env" ]; my.tmproot.unsaved.ignore = [ "/var/lib/mastodon/.secrets_env" ];
}) })
(mkIf config.services.ddclient.enable {
my.tmproot.unsaved.ignore = [ "/var/lib/private/ddclient" ];
})
(mkIf config.services.samba.enable { (mkIf config.services.samba.enable {
my.tmproot.unsaved.ignore = [ "/var/cache/samba" ]; my.tmproot.unsaved.ignore = [ "/var/cache/samba" ];
}) })