ahuston-0/nix-dotfiles
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

fix photon ldap config (#74)

Browse Source 
* fix photon ldap config

* secrets update
This commit is contained in:
Dennis 2024-02-05 18:22:52 +01:00 committed by GitHub
parent 59a4293b28
commit 47a65a151c
9 changed files with 67 additions and 225 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

132
flake.lock generated
View File

@ -119,11 +119,11 @@
]
},
"locked": {
"lastModified": 1706985585,
"narHash": "sha256-ptshv4qXiC6V0GCfpABz88UGGPNwqs5tAxaRUKbk1Qo=",
"lastModified": 1707114923,
"narHash": "sha256-LDYPWa+BgxHSNEye93SyIPgz5u3RAfh78P9KyO+rQzI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "1ca210648a6ca9b957efde5da957f3de6b1f0c45",
"rev": "afcedcf2c8e424d0465e823cf833eb3adebe1db7",
"type": "github"
},
"original": {
@ -152,10 +152,18 @@
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs",
"nixpkgs-23_05": "nixpkgs-23_05",
"nixpkgs-23_11": "nixpkgs-23_11",
"utils": "utils"
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-23_05": [
"nixpkgs"
],
"nixpkgs-23_11": [
"nixpkgs"
],
"utils": [
"flake-utils"
]
},
"locked": {
"lastModified": 1706742486,
@ -202,11 +210,11 @@
]
},
"locked": {
"lastModified": 1706411424,
"narHash": "sha256-BzziJYucEZvdCE985vjPoo3ztWcmUiSQ1wJ2CoT6jCc=",
"lastModified": 1707016097,
"narHash": "sha256-V4lHr6hFQ3rK650dh64Xffxsf4kse9vUYWsM+ldjkco=",
"owner": "Mic92",
"repo": "nix-index-database",
"rev": "c782f2a4f6fc94311ab5ef31df2f1149a1856181",
"rev": "3e3dad2808379c522138e2e8b0eb73500721a237",
"type": "github"
},
"original": {
@ -248,11 +256,11 @@
]
},
"locked": {
"lastModified": 1706740920,
"narHash": "sha256-uFwu44BZf17WYMAEmYIcdtVyNLDRVselv3rNsm7PYeE=",
"lastModified": 1707090318,
"narHash": "sha256-/0Xq6+wh6ea4+4lnO/yUFTaBYzmQtA52/mOKfw08/J8=",
"owner": "SuperSandro2000",
"repo": "nixos-modules",
"rev": "453f941ff2cde75a5aac5d99c695d368fa28b7e1",
"rev": "fdb31cd04b592d5fdfca96027b36e28e79e977c2",
"type": "github"
},
"original": {
@ -263,47 +271,18 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1706732774,
"narHash": "sha256-hqJlyJk4MRpcItGYMF+3uHe8HvxNETWvlGtLuVpqLU0=",
"owner": "NixOS",
"lastModified": 1706913249,
"narHash": "sha256-x3M7iV++CsvRXI1fpyFPduGELUckZEhSv0XWnUopAG8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "b8b232ae7b8b144397fdb12d20f592e5e7c1a64d",
"rev": "e92b6015881907e698782c77641aa49298330223",
"type": "github"
},
"original": {
"id": "nixpkgs",
"owner": "nixos",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"nixpkgs-23_05": {
"locked": {
"lastModified": 1704290814,
"narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.05",
"type": "indirect"
}
},
"nixpkgs-23_11": {
"locked": {
"lastModified": 1706826059,
"narHash": "sha256-N69Oab+cbt3flLvYv8fYnEHlBsWwdKciNZHUbynVEOA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "25e3d4c0d3591c99929b1ec07883177f6ea70c9d",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.11",
"type": "indirect"
}
},
"nixpkgs-fmt": {
@ -348,22 +327,6 @@
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1706732774,
"narHash": "sha256-hqJlyJk4MRpcItGYMF+3uHe8HvxNETWvlGtLuVpqLU0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "b8b232ae7b8b144397fdb12d20f592e5e7c1a64d",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"c3d2-user-module": "c3d2-user-module",
@ -375,10 +338,10 @@
"nix-index-database": "nix-index-database",
"nix-pre-commit": "nix-pre-commit",
"nixos-modules": "nixos-modules",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs",
"nixpkgs-fmt": "nixpkgs-fmt",
"sops-nix": "sops-nix",
"systems": "systems_2"
"systems": "systems"
}
},
"rust-analyzer-src": {
@ -408,11 +371,11 @@
]
},
"locked": {
"lastModified": 1706410821,
"narHash": "sha256-iCfXspqUOPLwRobqQNAQeKzprEyVowLMn17QaRPQc+M=",
"lastModified": 1707015547,
"narHash": "sha256-YZr0OrqWPdbwBhxpBu69D32ngJZw8AMgZtJeaJn0e94=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "73bf36912e31a6b21af6e0f39218e067283c67ef",
"rev": "23f61b897c00b66855074db471ba016e0cda20dd",
"type": "github"
},
"original": {
@ -435,39 +398,6 @@
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1705309234,
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",

20
flake.nix
View File

@ -11,7 +11,6 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
systems.url = "github:nix-systems/default";
mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
nix-index-database = {
url = "github:Mic92/nix-index-database";
@ -50,6 +49,16 @@
};
};
mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
inputs = {
nixpkgs.follows = "nixpkgs";
nixpkgs-23_05.follows = "nixpkgs";
nixpkgs-23_11.follows = "nixpkgs";
utils.follows = "flake-utils";
};
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
@ -188,8 +197,7 @@
value = constructSystem ({ hostname = system; } // builtins.removeAttrs (import ./systems/${system} { inherit inputs; }) [ "hostname" "server" "home" ]);
})
(lsdir "systems"))) // (builtins.listToAttrs (builtins.concatMap
(user:
map
(user: map
(system: {
name = "${user}.${system}";
value = constructSystem ({
@ -235,7 +243,7 @@
let
mkBuild = type:
let
getBuildEntryPoint = name: nixosSystem:
getBuildEntryPoint = (name: nixosSystem:
if builtins.hasAttr type nixosSystem.config.system.build then
let
cfg = nixosSystem.config.system.build.${type};
@ -244,9 +252,9 @@
lib.recursiveUpdate cfg { meta.timeout = 24 * 60 * 60; }
else
cfg
else { };
else { });
in
lib.filterAttrs (n: v: v != { }) (lib.mapAttrs getBuildEntryPoint self.nixosConfigurations);
lib.filterAttrs (n: v: v != { }) (builtins.mapAttrs getBuildEntryPoint self.nixosConfigurations);
in
builtins.listToAttrs (map
(type: {

15
modules/backup.nix
View File

@ -70,10 +70,21 @@ in {
"/etc/subgid"
"/etc/subuid"
"/var/lib/nixos/"
] ++ cfg.paths ++ lib.optional config.services.postgresql.enable "/var/backup/postgresql/" ++ lib.optional config.services.mysql.enable "/var/lib/mysql/"
++ lib.optional (config.security.acme.certs != { }) "/var/lib/acme/" ++ lib.optional config.security.dhparams.enable "/var/lib/dhparams/"
] ++ cfg.paths
++ lib.optional config.services.postgresql.enable "/var/backup/postgresql/"
++ lib.optional config.services.mysql.enable "/var/lib/mysql/"
++ lib.optional config.services.gitea.enable "/var/lib/gitea/"
++ lib.optional (config.security.acme.certs != { }) "/var/lib/acme/"
++ lib.optional config.security.dhparams.enable "/var/lib/dhparams/"
++ lib.optional config.mailserver.enable config.mailserver.mailDirectory;
exclude = lib.mkIf config.services.gitea.enable [
"/var/lib/gitea/data/indexers/"
"/var/lib/gitea/data/repo-archive"
"/var/lib/gitea/data/queues"
"/var/lib/gitea/data/tmp/"
];
pruneOpts = [ "--group-by host" "--keep-daily 7" "--keep-weekly 4" "--keep-monthly 12" ];
timerConfig = {

1
users/alice/systems/configuration.nix
View File

@ -1 +0,0 @@
{ ... }: { }

2
users/alice/systems/programs.nix
View File

@ -1,2 +0,0 @@
{ ... }:
{ }

25
users/alice/systems/testtop/configuration.nix
View File

@ -1,25 +0,0 @@
{ pkgs, ... }: {
imports = [ ../configuration.nix ../programs.nix ./programs.nix ];
time.timeZone = "America/New_York";
console.keyMap = "us";
networking.hostId = "1beb4026";
boot = {
zfs.extraPools = [ "Main" ];
filesystem = "zfs";
useSystemdBoot = true;
};
i18n = {
defaultLocale = "en_US.utf8";
supportedLocales = [ "en_US.UTF-8/UTF-8" ];
};
boot = {
default = true;
kernel.sysctl = { "net.ipv6.conf.ens3.accept_ra" = 1; };
};
system.stateVersion = "23.05";
}

5
users/alice/systems/testtop/default.nix
View File

@ -1,5 +0,0 @@
{ ... }: {
system = "x86_64-linux";
home = true;
sops = false;
}

35
users/alice/systems/testtop/hardware.nix
View File

@ -1,35 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/c59f7261-ebab-4cc9-8f1d-3f4c2e4b1971";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/7295-A442";
fsType = "vfat";
};
swapDevices = [{ device = "/dev/disk/by-uuid/9d4ef549-d426-489d-8332-0a49589c6aed"; }];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

39
users/alice/systems/testtop/programs.nix
View File

@ -1,39 +0,0 @@
{ pkgs, ... }: {
environment.systemPackages = with pkgs; [
bat
btop
croc
deadnix
direnv
fd
file
htop
hwloc
iperf3
jp2a
jq
lsof
lynis
ncdu
neofetch
nix-init
nix-output-monitor
nix-prefetch
nix-tree
nixpkgs-fmt
nmap
pciutils
python3
qrencode
ripgrep
smartmontools
tig
tokei
tree
unzip
ventoy
wget
zoxide
zsh-nix-shell
];
}