dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Compare commits

base: dev:dde682390fc533ac96e676c753b355842033ff8d
Branches Tags
dev:master dev:fastback-ssh
dev:installer
..
compare: dev:master
Branches Tags
dev:master dev:fastback-ssh
dev:installer

6 Commits
dde682390f ... master

Author SHA1 Message Date
Jack O'Sullivan
2bf18319c9 nixos/routing-common: Fix keepalived link-local addresses
All checks were successful
CI / Check, build and cache nixfiles (push) Successful in 1h17m1s
Details
2026-03-16 15:12:46 +00:00
Jack O'Sullivan
a394b9124a nixos/routing-common: Fix Cloudflare 2026-03-16 13:37:16 +00:00
Jack O'Sullivan
5bc48d33a3 nixos: Add tcpdump on all machines 2026-03-16 13:33:08 +00:00
Jack O'Sullivan
365ef5d49d Update nixpkgs for terraria-server
All checks were successful
CI / Check, build and cache nixfiles (push) Successful in 1h3m49s
Details
2026-03-10 21:27:14 +00:00
Jack O'Sullivan
0206d52fa2 nixos/netboot: Remove pinned iPXE
All checks were successful
CI / Check, build and cache nixfiles (push) Successful in 1h15m47s
Details
2026-03-08 14:36:07 +00:00
Jack O'Sullivan
5526e07e65 Update harmonia
Some checks failed
CI / Check, build and cache nixfiles (push) Failing after 2h25m26s
Details
2026-03-07 17:09:50 +00:00
8 changed files with 30 additions and 47 deletions
Expand all files Collapse all files

41
flake.lock generated
View File

@@ -90,11 +90,11 @@
}, },
"crane": { "crane": {
"locked": { "locked": {
"lastModified": 1763938834, "lastModified": 1772560058,
"narHash": "sha256-j8iB0Yr4zAvQLueCZ5abxfk6fnG/SJ5JnGUziETjwfg=", "narHash": "sha256-NuVKdMBJldwUXgghYpzIWJdfeB7ccsu1CC7B+NfSoZ8=",
"owner": "ipetkov", "owner": "ipetkov",
"repo": "crane", "repo": "crane",
"rev": "d9e753122e51cee64eb8d2dddfe11148f339f5a2", "rev": "db590d9286ed5ce22017541e36132eab4e8b3045",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -264,11 +264,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1763759067, "lastModified": 1772408722,
"narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=", "narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0", "rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -474,16 +474,15 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1765032623, "lastModified": 1772679279,
"narHash": "sha256-BbtN5NFN2RU3KP2TLA6zOoiv5MZXWqN1mXxIkKY8Kx4=", "narHash": "sha256-ockL9qWhamkGgBYnJHTvt1oHdRvGfbS36kW9WpOhzec=",
"owner": "devplayer0", "owner": "nix-community",
"repo": "harmonia", "repo": "harmonia",
"rev": "310e2b2c6583710c52531785f1245d9621284310", "rev": "4e9e03e04467b50575f6b05c8abee12407418106",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "devplayer0", "owner": "nix-community",
"ref": "cache-config-daemon-store",
"repo": "harmonia", "repo": "harmonia",
"type": "github" "type": "github"
} }
@@ -589,11 +588,11 @@
"nix": { "nix": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1764532838, "lastModified": 1772224943,
"narHash": "sha256-hw4J7wfqXWBCvsMVXPS4nvkcSeTXAtR5h9Ylv7a7dBA=", "narHash": "sha256-jJIlRLPPVYu860MVFx4gsRx3sskmLDSRWXXue5tYncw=",
"owner": "nixos", "owner": "nixos",
"repo": "nix", "repo": "nix",
"rev": "8be9507a88f466dd44e6e56cd00167fa10e995b8", "rev": "0acd0566e85e4597269482824711bcde7b518600",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -641,11 +640,11 @@
}, },
"nixpkgs-mine": { "nixpkgs-mine": {
"locked": { "locked": {
"lastModified": 1770847929, "lastModified": 1773177937,
"narHash": "sha256-cxvC73HcT9OP67g4KNMYbJyGwAuZLvG4vNBMqFjEdxw=", "narHash": "sha256-HY4jRsp70w4cCID7ScA79wB+y45n2scr3Qz/N+0352I=",
"owner": "devplayer0", "owner": "devplayer0",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "3a9b7ab539186d4e9bb3c664cb4617ebd423f0bc", "rev": "7d4f41507e7519949f6847e050cc0df87ce776d3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1053,11 +1052,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1761311587, "lastModified": 1772660329,
"narHash": "sha256-Msq86cR5SjozQGCnC6H8C+0cD4rnx91BPltZ9KK613Y=", "narHash": "sha256-IjU1FxYqm+VDe5qIOxoW+pISBlGvVApRjiw/Y/ttJzY=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "2eddae033e4e74bf581c2d1dfa101f9033dbd2dc", "rev": "3710e0e1218041bbad640352a0440114b1e10428",
"type": "github" "type": "github"
}, },
"original": { "original": {

4
flake.nix
View File

@@ -35,8 +35,8 @@
boardie.inputs.nixpkgs.follows = "nixpkgs-unstable"; boardie.inputs.nixpkgs.follows = "nixpkgs-unstable";
nixGL.url = "github:nix-community/nixGL"; nixGL.url = "github:nix-community/nixGL";
nixGL.inputs.nixpkgs.follows = "nixpkgs-unstable"; nixGL.inputs.nixpkgs.follows = "nixpkgs-unstable";
# harmonia.url = "github:nix-community/harmonia"; harmonia.url = "github:nix-community/harmonia";
harmonia.url = "github:devplayer0/harmonia/cache-config-daemon-store"; # harmonia.url = "github:devplayer0/harmonia/cache-config-daemon-store";
harmonia.inputs.nixpkgs.follows = "nixpkgs-unstable"; harmonia.inputs.nixpkgs.follows = "nixpkgs-unstable";
# Packages not in nixpkgs # Packages not in nixpkgs

2
nixos/boxes/colony/vms/shill/containers/object.nix
View File

@@ -262,7 +262,7 @@ in
signKeyPaths = [ config.age.secrets."nix-cache.key".path ]; signKeyPaths = [ config.age.secrets."nix-cache.key".path ];
settings = { settings = {
priority = 30; priority = 30;
daemon_store = "/nix/store"; virtual_nix_store = "/nix/store";
real_nix_store = "/var/lib/harmonia/nix/store"; real_nix_store = "/var/lib/harmonia/nix/store";
}; };
}; };

2
nixos/boxes/home/routing-common/dns_update.py
View File

@@ -33,7 +33,7 @@ def main():
print(f'Updating {args.record} -> {address}') print(f'Updating {args.record} -> {address}')
cf.dns.records.edit( cf.dns.records.edit(
zone_id=zone.id, dns_record_id=record.id, zone_id=zone.id, dns_record_id=record.id, name=args.record,
type='A', content=address) type='A', content=address)
if __name__ == '__main__': if __name__ == '__main__':

8
nixos/boxes/home/routing-common/keepalived.nix
View File

@@ -20,10 +20,7 @@ let
}; };
vlanIface = vlan: if vlan == "as211024" then vlan else "lan-${vlan}"; vlanIface = vlan: if vlan == "as211024" then vlan else "lan-${vlan}";
vrrpIPs = family: concatMap (vlan: (optional (family == "v6") { vrrpIPs = family: concatMap (vlan: [
addr = "fe80::1/64";
dev = vlanIface vlan;
}) ++ [
{ {
addr = "${vips.${vlan}.${family}}/${toString (net.cidr.length prefixes.${vlan}.${family})}"; addr = "${vips.${vlan}.${family}}/${toString (net.cidr.length prefixes.${vlan}.${family})}";
dev = vlanIface vlan; dev = vlanIface vlan;
@@ -64,6 +61,9 @@ in
v4 = mkVRRP "v4" 51; v4 = mkVRRP "v4" 51;
v6 = (mkVRRP "v6" 52) // { v6 = (mkVRRP "v6" 52) // {
extraConfig = '' extraConfig = ''
virtual_ipaddress_excluded {
${concatMapStringsSep "\n" (vlan: "fe80::1/64 dev ${vlanIface vlan}") (attrNames vips)}
}
notify_master "${config.systemd.package}/bin/systemctl start radvd.service" root notify_master "${config.systemd.package}/bin/systemctl start radvd.service" root
notify_backup "${config.systemd.package}/bin/systemctl stop radvd.service" root notify_backup "${config.systemd.package}/bin/systemctl stop radvd.service" root
''; '';

1
nixos/modules/common.nix
View File

@@ -139,6 +139,7 @@ in
bash-completion bash-completion
git git
unzip unzip
tcpdump
] ]
(mkIf config.services.netdata.enable [ netdata ]) (mkIf config.services.netdata.enable [ netdata ])
]; ];

15
nixos/modules/netboot/default.nix
View File

@@ -5,23 +5,10 @@ let
cfg = config.my.netboot; cfg = config.my.netboot;
# Newer releases don't boot on desktop?
ipxe = pkgs.ipxe.overrideAttrs (o: rec {
version = "1.21.1-unstable-2024-06-27";
src = pkgs.fetchFromGitHub {
owner = "ipxe";
repo = "ipxe";
rev = "b66e27d9b29a172a097c737ab4d378d60fe01b05";
hash = "sha256-TKZ4WjNV2oZIYNefch7E7m1JpeoC/d7O1kofoNv8G40=";
};
# This upstream patch (in newer versions) is needed for newer GCC
patches = (if (o ? patches) then o.patches else []) ++ [ ./fix-uninitialised-var.patch ];
});
tftpRoot = pkgs.linkFarm "tftp-root" [ tftpRoot = pkgs.linkFarm "tftp-root" [
{ {
name = "ipxe-x86_64.efi"; name = "ipxe-x86_64.efi";
path = "${ipxe}/ipxe.efi"; path = "${pkgs.ipxe}/ipxe.efi";
} }
]; ];
menuFile = pkgs.runCommand "menu.ipxe" { menuFile = pkgs.runCommand "menu.ipxe" {

4
nixos/modules/server.nix
View File

@@ -36,10 +36,6 @@ in
}; };
documentation.nixos.enable = mkDefault' false; documentation.nixos.enable = mkDefault' false;
environment.systemPackages = with pkgs; [
tcpdump
];
}; };
meta.buildDocsInSandbox = false; meta.buildDocsInSandbox = false;