From 85ab0e229e35744e29d26b1589b34e9624a8fcd0 Mon Sep 17 00:00:00 2001 From: Dennis <52411861+DerDennisOP@users.noreply.github.com> Date: Sat, 30 Dec 2023 17:18:25 +0100 Subject: [PATCH] add patch feature (#6) * add patch feature * refactor --- flake.lock | 75 +++++++++++++++++++++++++++++++++++++------- flake.nix | 24 ++++++++++---- modules/fail2ban.nix | 2 +- 3 files changed, 82 insertions(+), 19 deletions(-) diff --git a/flake.lock b/flake.lock index 88fe7a5..4c11894 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,23 @@ { "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -7,11 +25,11 @@ ] }, "locked": { - "lastModified": 1703657526, - "narHash": "sha256-C3fQG/tasnhtfJb0cvXthMDUJ/OLgCKNLqfMuR/M+0k=", + "lastModified": 1703838268, + "narHash": "sha256-SRg5nXcdPnrsQR2MTAp7en0NyJnQ2wB1ivmsgEbvN+o=", "owner": "nix-community", "repo": "home-manager", - "rev": "d1d950841d230490f308f5fcf8c0d4f2bd3f24a7", + "rev": "2aff324cf65f5f98f89d878c056b779466b17db8", "type": "github" }, "original": { @@ -22,11 +40,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1703545041, - "narHash": "sha256-nvQA+k1rSszrf4kA4eK2i/SGbzoXyoKHzzyzq/Jca1w=", + "lastModified": 1703879120, + "narHash": "sha256-oMJ5xtDswlBWxs0DT/aYKEUIhjEpGZJ9GbIxOclYP8I=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "a15b6e525f5737a47b4ce28445c836996fb2ea8c", + "rev": "22ae59fec26591ef72ce4ccb5538c42c5f090fe3", "type": "github" }, "original": { @@ -43,11 +61,11 @@ ] }, "locked": { - "lastModified": 1703639290, - "narHash": "sha256-Bflli82UQGjhlg4Gh7FVaYG/CmLa4D9irv2qx2PxpFQ=", + "lastModified": 1703899776, + "narHash": "sha256-I1hE5u3VR/1h2ZM0Q4B1L1BccLFGNfMPPQyy3CRLFqs=", "owner": "SuperSandro2000", "repo": "nixos-modules", - "rev": "4251f23f93ef6d38fc16884758f01862301b9590", + "rev": "2e9865e82f060907d4be682a514bdf0af86ad25e", "type": "github" }, "original": { @@ -58,11 +76,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1703438236, - "narHash": "sha256-aqVBq1u09yFhL7bj1/xyUeJjzr92fXVvQSSEx6AdB1M=", + "lastModified": 1703637592, + "narHash": "sha256-8MXjxU0RfFfzl57Zy3OfXCITS0qWDNLzlBAdwxGZwfY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5f64a12a728902226210bf01d25ec6cbb9d9265b", + "rev": "cfc3698c31b1fb9cdcf10f36c9643460264d0ca8", "type": "github" }, "original": { @@ -72,12 +90,30 @@ "type": "github" } }, + "patch-bitwarden-directory-connector": { + "locked": { + "lastModified": 1703932440, + "narHash": "sha256-82Rm0vo+6mVOGp7FYZ4dY9TJVLFGY8JnALHRMwLA4Do=", + "owner": "Silver-Golden", + "repo": "nixpkgs", + "rev": "5188cc51aef34579ce9a7d7a8116d55e4e1b7ba6", + "type": "github" + }, + "original": { + "owner": "Silver-Golden", + "ref": "bitwarden-directory-connector_pkgs", + "repo": "nixpkgs", + "type": "github" + } + }, "root": { "inputs": { + "flake-utils": "flake-utils", "home-manager": "home-manager", "nixos-hardware": "nixos-hardware", "nixos-modules": "nixos-modules", "nixpkgs": "nixpkgs", + "patch-bitwarden-directory-connector": "patch-bitwarden-directory-connector", "sops-nix": "sops-nix" } }, @@ -103,6 +139,21 @@ "repo": "sops-nix", "type": "github" } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 6a2b0be..dc0bf01 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,11 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + + patch-bitwarden-directory-connector.url = "github:Silver-Golden/nixpkgs/bitwarden-directory-connector_pkgs"; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + flake-utils.url = "github:numtide/flake-utils"; nixos-modules = { url = "github:SuperSandro2000/nixos-modules"; @@ -24,7 +28,7 @@ }; }; - outputs = { nixpkgs, nixos-hardware, nixos-modules, home-manager, sops-nix, ... }: + outputs = { nixpkgs, nixos-modules, home-manager, sops-nix, ... }@inputs: let inherit (nixpkgs) lib; src = builtins.filterSource (path: type: type == "directory" || lib.hasSuffix ".nix" (baseNameOf path)) ./.; @@ -41,12 +45,20 @@ , users ? [ "dennis" ] , }: lib.nixosSystem { - inherit system; - + inherit system lib; + modules = [ + { + nixpkgs.overlays = [ + (_self: super: { + bitwarden-directory-connector-cli = inputs.patch-bitwarden-directory-connector.legacyPackages.${system}.bitwarden-directory-connector-cli; + }) + ]; + } nixos-modules.nixosModule home-manager.nixosModules.home-manager sops-nix.nixosModules.sops + "${inputs.patch-bitwarden-directory-connector}/nixos/modules/services/security/bitwarden-directory-connector-cli.nix" ./systems/programs.nix ./systems/configuration.nix ./systems/${hostname}/hardware.nix @@ -72,27 +84,27 @@ jeeves-jr = constructSystem { hostname = "jeeves-jr"; users = [ - "richie" "alice" "dennis" + "richie" ]; }; palatine-hill = constructSystem { hostname = "palatine-hill"; users = [ - "richie" "alice" "dennis" + "richie" ]; }; photon = constructSystem { hostname = "photon"; users = [ - "richie" "alice" "dennis" + "richie" ]; }; }; diff --git a/modules/fail2ban.nix b/modules/fail2ban.nix index c7538b9..afe79cd 100644 --- a/modules/fail2ban.nix +++ b/modules/fail2ban.nix @@ -28,7 +28,7 @@ in filter = "apache-nohome"; action = ''iptables-multiport[name=HTTP, port="http,https"]''; logpath = "/var/log/httpd/error_log*"; - backend = "auto"; + backend = "systemd"; findtime = 600; bantime = 600; maxretry = 5;