Xetibo/DashNix
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

Fix server config path

Browse source
This commit is contained in:
DashieTM 2024-08-04 15:50:45 +02:00
parent 47d5758cca
commit a5de016eed
7 changed files with 85 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

20
base/common_hardware.nix
View file

@ -27,7 +27,16 @@ in
services.xserver.enable = true;
nixpkgs.hostPlatform = lib.mkDefault config.conf.system;
nix.settings.auto-optimise-store = true;
nix = {
settings = {
auto-optimise-store = true;
experimental-features = "nix-command flakes";
};
extraOptions = ''
!include ${config.sops.secrets.access.path}
'';
};
# Enable sound with pipewire.
hardware.pulseaudio.enable = false;
@ -103,4 +112,13 @@ in
swapDevices =
[{ device = "/dev/disk/by-label/SWAP"; }];
sops = {
gnupg = {
home = "/home/${config.conf.username}/.gnupg";
sshKeyPaths = [ ];
};
defaultSopsFile = ../secrets/secrets.yaml;
secrets.access = { };
};
}

49
flake.lock generated
View file

@ -218,11 +218,11 @@
"nixvim": "nixvim"
},
"locked": {
"lastModified": 1722560743,
"narHash": "sha256-e2FhudX6P+kwtYALgpmJG7l03ayhkGY9+j9Hrcyl7gQ=",
"lastModified": 1722777725,
"narHash": "sha256-QQ1yP9rag8vslOJRXR8kL+KkrL/iAC6/vSfvorHicNQ=",
"owner": "DashieTM",
"repo": "DashVim",
"rev": "5a2c4fa3a7cd0718dc8c08d1c41cc6a44de9869f",
"rev": "0169fb3fd02229ab19e23951d9caecf92ea4f265",
"type": "github"
},
"original": {
@ -884,11 +884,11 @@
"xdph": "xdph"
},
"locked": {
"lastModified": 1722707408,
"narHash": "sha256-hyTuWhcid8UklJBC4Yh3dpf7Xhx4oJDyM/3n10E1wSk=",
"lastModified": 1722773977,
"narHash": "sha256-AqSmHptledo4Tp+hrHWovGR+e//bejR458sRmhq+jT4=",
"ref": "refs/heads/main",
"rev": "51ffd7fa6f186419276e5d3d5fe141a3fdb3c55c",
"revCount": 5048,
"rev": "5dd2c27b631f16e49a2c6e6cbbefba9fa50bf543",
"revCount": 5050,
"submodules": true,
"type": "git",
"url": "https://github.com/hyprwm/Hyprland"
@ -1013,11 +1013,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1722698043,
"narHash": "sha256-Hsgi1DJP+oodbsULTrqpO6KPSJYeyswluNLVGxUtwJE=",
"lastModified": 1722775753,
"narHash": "sha256-YFarQSZEIFpA1/9eRK4tm88mZYvWGIaAgCEAjazBO38=",
"owner": "JakeStanger",
"repo": "ironbar",
"rev": "6e43c7ae0cce4b8c6dfe2f74756574195b944abe",
"rev": "92c690dcd14c21272f89bfde292546a2ee828e23",
"type": "github"
},
"original": {
@ -1413,11 +1413,11 @@
},
"nixpkgs_7": {
"locked": {
"lastModified": 1722421184,
"narHash": "sha256-/DJBI6trCeVnasdjUo9pbnodCLZcFqnVZiLUfqLH4jA=",
"lastModified": 1722630782,
"narHash": "sha256-hMyG9/WlUi0Ho9VkRrrez7SeNlDzLxalm9FwY7n/Noo=",
"owner": "NixOs",
"repo": "nixpkgs",
"rev": "9f918d616c5321ad374ae6cb5ea89c9e04bf3e58",
"rev": "d04953086551086b44b6f3c6b7eeb26294f207da",
"type": "github"
},
"original": {
@ -1487,11 +1487,11 @@
},
"nur": {
"locked": {
"lastModified": 1722709906,
"narHash": "sha256-I27FkJ3qSsxc5aZSwpYHMqJwLpvQt6eV4MrwGfVjCvM=",
"lastModified": 1722770616,
"narHash": "sha256-A40yRytGkUb40yQYjspVU3Z/QBONgFYZqQiz00V1IJ4=",
"owner": "nix-community",
"repo": "nur",
"rev": "ac1226f223779364c73f1a450654383768dab1b7",
"rev": "5605ce776b3d21c0ee477fcd028a817bd3524e6f",
"type": "github"
},
"original": {
@ -1682,6 +1682,7 @@
"reset": "reset",
"reset-plugins": "reset-plugins",
"sops-nix": "sops-nix",
"stable": "stable",
"stylix": "stylix"
}
},
@ -1840,6 +1841,22 @@
"type": "github"
}
},
"stable": {
"locked": {
"lastModified": 1722651103,
"narHash": "sha256-IRiJA0NVAoyaZeKZluwfb2DoTpBAj+FLI0KfybBeDU0=",
"owner": "NixOs",
"repo": "nixpkgs",
"rev": "a633d89c6dc9a2a8aae11813a62d7c58b2c0cc51",
"type": "github"
},
"original": {
"owner": "NixOs",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"stylix": {
"inputs": {
"base16": "base16_2",

14
hardware/server/configuration.nix
View file

@ -1,11 +1,11 @@
{ config, pkgs, ... }:
let
nextcloud_pw = (builtins.readFile ./nextcloud);
forgejo_pw = (builtins.readFile ./dbpw/forgejo);
matrix_pw = (builtins.readFile ./dbpw/matrix-synapse);
mautrix_signal_pw = (builtins.readFile ./dbpw/mautrix_signal);
mautrix_whatsapp_pw = (builtins.readFile ./dbpw/mautrix_whatsapp);
mautrix_discord_pw = (builtins.readFile ./dbpw/mautrix_discord);
nextcloud_pw = (builtins.readFile /etc/nixos/nextcloud);
forgejo_pw = (builtins.readFile /etc/nixos/dbpw/forgejo);
matrix_pw = (builtins.readFile /etc/nixos/dbpw/matrix-synapse);
mautrix_signal_pw = (builtins.readFile /etc/nixos/dbpw/mautrix_signal);
mautrix_whatsapp_pw = (builtins.readFile /etc/nixos/dbpw/mautrix_whatsapp);
mautrix_discord_pw = (builtins.readFile /etc/nixos/dbpw/mautrix_discord);
fqdn = "matrix.${config.networking.domain}";
baseUrl = "https://${fqdn}";
@ -219,7 +219,7 @@ in
};
services.forgejo = {
enable = true;
database.passwordFile = ./dbpw/forgejo;
database.passwordFile = /etc/nixos/dbpw/forgejo;
settings = {
server.DOMAIN = "git.dashie.org";
server.SSH_PORT = 12008;

7
lib/default.nix
View file

@ -1,5 +1,6 @@
{ inputs, pkgs, ... }: {
build_systems = systems: builtins.listToAttrs (map (name: {
build_systems = systems: builtins.listToAttrs (map
(name: {
name = name;
value =
let
@ -10,6 +11,7 @@
inherit inputs pkgs mod;
};
modules = [
inputs.sops-nix.nixosModules.sops
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
../base
@ -18,5 +20,6 @@
] ++ inputs.nixpkgs.lib.optional (builtins.pathExists ../hardware/${name}/${name}.nix) ../hardware/${name}/${name}.nix
++ inputs.nixpkgs.lib.optional (builtins.pathExists mod) mod;
};
} )systems);
})
systems);
}

2
modules/programs/base_packages.nix
View file

@ -64,8 +64,6 @@
cantarell-fonts
];
nix.settings.experimental-features = "nix-command flakes";
virtualisation.docker.enable = true;
services.upower.enable = true;

1
programs/common.nix
View file

@ -48,5 +48,6 @@ in
secrets.${username} = { };
secrets.nextcloud = { };
};
systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
}

5
secrets/secrets.yaml
View file

@ -13,14 +13,15 @@ matrix_server: ENC[AES256_GCM,data:fH+5kX6VyNUXzAmNkLEGf8KmhIWuTGsG3r0=,iv:B2lto
mautrix_signal_server: ENC[AES256_GCM,data:xBHtTtf725wvSltd7EgP3u/GszsaKR1D/ng=,iv:KZorceuZJulvBYyOSKaFv0UxAgMzIuXnBSDmqeqZT80=,tag:k4Dqvq7n39q6rgfB9hB8/g==,type:str]
mautrix_whatsapp_server: ENC[AES256_GCM,data:Ap5NZ9+kkusMTJlmiH2vxj2fkp1RZPSOM5s=,iv:/F3sP/7bw0uIualG8E+Mtxp60xW8OlHBBZCui887oaA=,tag:CawIZEpmbmxRYhq2fb1vDw==,type:str]
mautrix_discord_server: ENC[AES256_GCM,data:8MU3URa52h0sDabl+6bYZ0z0ib/S8KzYb3k=,iv:uSqT0MsK1qcphyd+5xZZ8aDqxQhZX8mKBP+2tHHG04I=,tag:mdepj3ombSru96es+lFIQQ==,type:str]
access: ENC[AES256_GCM,data:J7lIopyeMZIIoRLMahTXNMOu8dQ+ZO0/AkcJcXdLpUnGugJmFoqHuUE=,iv:J93hLNq+mZe6cqEk32c3gxkTN5hIeZ0kkUxSmoiexeI=,tag:k3qzx0gPafHd4/3BWi8X6w==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-08-04T11:57:52Z"
mac: ENC[AES256_GCM,data:pd8VsxocTuCAIOAXi94ltCfhqohmAIBbZBK/3WQSd0suyORcvSKrTYdvi/dZ/6x+bXgz0vEzKNanNR98eLU4Ff3ldvsT6RQA1Hjn85V4ouJqWBB//kj42gYSiIjn/1dib0hvyZyvm2mutKbkpxZkJxRZYAw2DR0yR/oPfNK3xG8=,iv:fnRC7vk/KMgRzJgn9ww9A0amQTEsOVhqUa5NLAvX+kA=,tag:bbfpvpbL2L/ctQPdz6nDRg==,type:str]
lastmodified: "2024-08-04T13:37:08Z"
mac: ENC[AES256_GCM,data:zP8fPzpMKzgEPTR2qRisPaZzYyBnYEw7zU22xwP0ZHdfhq/fwUNuduUe/sg7aoobKTMPLBKJ7ukoiHkBpglnPzPajbH0cikevFcqSP1/NuDGl/cyytVUlOuePI/8Lct2WgCDzYVW71RuObUk7yHzvnMoqvem7UYpjdE5niryiwg=,iv:lNkveEy08C2/qd4CI/jy47JJCGFlYxU1saBLrH6LnaU=,tag:SnUHbRNnl0FIDK2b5wolsw==,type:str]
pgp:
- created_at: "2024-05-14T14:35:02Z"
enc: |-