diff --git a/flake.lock b/flake.lock index ac61a63..5cb9f9c 100644 --- a/flake.lock +++ b/flake.lock @@ -325,6 +325,29 @@ "type": "github" } }, + "hydra": { + "inputs": { + "nix": "nix", + "nix-eval-jobs": "nix-eval-jobs", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1740884653, + "narHash": "sha256-L0eN/hFRH1JSDvmuBOXBfETU07WckA7b3UFxHRVdp3M=", + "owner": "fx-chun", + "repo": "hydra", + "rev": "99e3ad325cb829ff10a024659fd1b62316c06a1f", + "type": "github" + }, + "original": { + "owner": "fx-chun", + "ref": "add-gitea-pulls", + "repo": "hydra", + "type": "github" + } + }, "hyprland-contrib": { "inputs": { "nixpkgs": [ @@ -345,6 +368,59 @@ "type": "github" } }, + "nix": { + "inputs": { + "flake-compat": [ + "hydra" + ], + "flake-parts": [ + "hydra" + ], + "git-hooks-nix": [ + "hydra" + ], + "nixpkgs": [ + "hydra", + "nixpkgs" + ], + "nixpkgs-23-11": [ + "hydra" + ], + "nixpkgs-regression": [ + "hydra" + ] + }, + "locked": { + "lastModified": 1742919147, + "narHash": "sha256-I6Oekogi6tkSrtyAbBMzjx9iKi4x0o21fdOQqVf49Qc=", + "owner": "NixOS", + "repo": "nix", + "rev": "ceec04f1e24ca34deaca26e7c9d8cd90ba38f81c", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "2.26-maintenance", + "repo": "nix", + "type": "github" + } + }, + "nix-eval-jobs": { + "flake": false, + "locked": { + "lastModified": 1739500569, + "narHash": "sha256-3wIReAqdTALv39gkWXLMZQvHyBOc3yPkWT2ZsItxedY=", + "owner": "nix-community", + "repo": "nix-eval-jobs", + "rev": "4b392b284877d203ae262e16af269f702df036bc", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-eval-jobs", + "type": "github" + } + }, "nix-index-database": { "inputs": { "nixpkgs": [ @@ -441,11 +517,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742960832, - "narHash": "sha256-xdp71QH76Q0esAJi4+5xDzpgBQNFpq8xn6UNfyT/s9w=", + "lastModified": 1742919349, + "narHash": "sha256-V3jQhu3s48mgGClvKkWhYM1+cSTFGFm4ztDkK7S69JY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "24693557f72603e8f2c514ee26854d5c2aad9090", + "rev": "6ea2759c633a3e25f3b4e2f52fb6bf9d6a01c532", "type": "github" }, "original": { @@ -540,6 +616,7 @@ "flake-parts": "flake-parts", "flake-utils": "flake-utils", "home-manager": "home-manager", + "hydra": "hydra", "hyprland-contrib": "hyprland-contrib", "nix-index-database": "nix-index-database", "nixos-generators": "nixos-generators", diff --git a/flake.nix b/flake.nix index dd49709..e948a56 100644 --- a/flake.nix +++ b/flake.nix @@ -58,6 +58,13 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + hydra = { + url = "github:fx-chun/hydra/add-gitea-pulls"; + inputs = { + nixpkgs.follows = "nixpkgs"; + }; + }; + hyprland-contrib = { url = "github:hyprwm/contrib"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/hydra/jobsets.nix b/hydra/jobsets.nix index 96eaa9e..f1a4cfa 100644 --- a/hydra/jobsets.nix +++ b/hydra/jobsets.nix @@ -1,4 +1,4 @@ -{ pulls, branches, ... }: +{ pulls, ... }: let # create the json spec for the jobset makeSpec = @@ -18,8 +18,7 @@ let }; prs = readJSONFile pulls; - refs = readJSONFile branches; - repo = "RAD-Development/nix-dotfiles"; + # refs = readJSONFile branches; # template for creating a job makeJob = @@ -44,27 +43,27 @@ let emailoverride = ""; }; - # Create a hydra job for a branch - jobOfRef = - name: - { ref, ... }: - if ((builtins.match "^refs/heads/(.*)$" ref) == null) then - null - else - { - name = builtins.replaceStrings [ "/" ] [ "-" ] "branch-${name}"; - value = makeJob { - description = "Branch ${name}"; - flake = "git+ssh://git@github.com/${repo}?ref=${ref}"; - }; - }; + # # Create a hydra job for a branch + # jobOfRef = + # name: + # { ref, ... }: + # if ((builtins.match "^refs/heads/(.*)$" ref) == null) then + # null + # else + # { + # name = builtins.replaceStrings [ "/" ] [ "-" ] "branch-${name}"; + # value = makeJob { + # description = "Branch ${name}"; + # flake = "git+ssh://git@github.com/${repo}?ref=${ref}"; + # }; + # }; # Create a hydra job for a PR jobOfPR = id: info: { name = if info.draft then "draft-${id}" else "pr-${id}"; value = makeJob { description = "PR ${id}: ${info.title}"; - flake = "git+ssh://git@github.com/${info.head.repo.full_name}?ref=${info.head.ref}"; + flake = "git+ssh://gitea@nayeonie.com:2222/${info.head.repo.full_name}?ref=${info.head.ref}"; }; }; @@ -74,12 +73,12 @@ let # wrapper function for reading json from file readJSONFile = f: builtins.fromJSON (builtins.readFile f); # remove null values from a set, in-case of branches that don't exist - mapFilter = f: l: builtins.filter (x: (x != null)) (map f l); + # mapFilter = f: l: builtins.filter (x: (x != null)) (map f l); # Create job set from PRs and branches jobs = makeSpec ( builtins.listToAttrs (map ({ name, value }: jobOfPR name value) (attrsToList prs)) - // builtins.listToAttrs (mapFilter ({ name, value }: jobOfRef name value) (attrsToList refs)) + # // builtins.listToAttrs (mapFilter ({ name, value }: jobOfRef name value) (attrsToList refs)) ); in { diff --git a/hydra/spec.json b/hydra/spec.json index 820f346..9cfbea1 100644 --- a/hydra/spec.json +++ b/hydra/spec.json @@ -1,7 +1,7 @@ { "enabled": 1, "hidden": false, - "description": "RAD Development infrastructure", + "description": "ahuston-0's personal server infra", "nixexprinput": "nixexpr", "nixexprpath": "hydra/jobsets.nix", "checkinterval": 60, @@ -12,7 +12,7 @@ "type": 0, "inputs": { "nixexpr": { - "value": "https://github.com/RAD-Development/nix-dotfiles main", + "value": "ssh://gitea@nayeonie.com:2222/ahuston-0/nix-dotfiles.git main", "type": "git", "emailresponsible": false }, @@ -22,13 +22,8 @@ "emailresponsible": false }, "pulls": { - "type": "githubpulls", - "value": "RAD-Development nix-dotfiles", - "emailresponsible": false - }, - "branches": { - "type": "github_refs", - "value": "RAD-Development nix-dotfiles heads -", + "type": "giteapulls", + "value": "nayeonie.com alice nix-dotfiles https", "emailresponsible": false } } diff --git a/systems/palatine-hill/configuration.nix b/systems/palatine-hill/configuration.nix index cd6f03b..4281bd6 100644 --- a/systems/palatine-hill/configuration.nix +++ b/systems/palatine-hill/configuration.nix @@ -17,8 +17,8 @@ ./minio.nix ./networking.nix ./nextcloud.nix - ./samba.nix ./postgresql.nix + ./samba.nix ./zfs.nix ]; diff --git a/systems/palatine-hill/hydra.nix b/systems/palatine-hill/hydra.nix index 7ad5635..a9c92d8 100644 --- a/systems/palatine-hill/hydra.nix +++ b/systems/palatine-hill/hydra.nix @@ -1,7 +1,6 @@ { config, - lib, - pkgs, + inputs, ... }: let @@ -43,6 +42,7 @@ in services = { hydra = { enable = true; + package = inputs.hydra.packages.x86_64-linux.hydra; hydraURL = "https://hydra.alicehuston.xyz"; smtpHost = "alicehuston.xyz"; notificationSender = "hydra@alicehuston.xyz"; diff --git a/systems/palatine-hill/secrets.yaml b/systems/palatine-hill/secrets.yaml index d808323..31f68bc 100644 --- a/systems/palatine-hill/secrets.yaml +++ b/systems/palatine-hill/secrets.yaml @@ -27,6 +27,8 @@ acme: dnsimple: ENC[AES256_GCM,data:37FKyBibFtXZgI4EduJQ0z8F+shBc5Q6YlLa3YkVPh9XuJVS20eybi75bfJxiozcZ9d+YRaqcbkBQCSdFOCotDU=,iv:oq3JjqbfAm2C4jcL1lvUb2EOmnwlR07vPoO8H0BmydQ=,tag:E3NO/jMElL6Q817666gIyg==,type:str] server-validation: webhook: ENC[AES256_GCM,data:Lwqy4UhyFutpXjai7EJPKp8MDlI+ayDna4T8jluvC6qkeJ7o1UaaDCOsgLy4Fw7LC77tXhJtkcmep9w37JaiHp2CoDOfy2iAaq8o9CCSi/a0zqMJx+HdZYZNemvmpc6E/be0K+JDrFZLbjr3unSpCidQ3whccC6XyY013R12swN3bFZIu1gtzXCgUZ4U,iv:pVbrRwH3ziu4+R5BfimPV7N71QmyerJEc9M5K4eofOc=,tag:zNrCXrIioQWPEPVz/wMDpQ==,type:str] +typhon: + hashedPassword: ENC[AES256_GCM,data:gMyY8gxUn3HzycQRu2cminqRFWghqWcjzZzTxAQZ5PJqn604iSwDiVdr7icHB7drJfCAfsE7L4oKRJgxaIAE32043oOkb2T7DDH8y2jxMzqmZCfbvrfMI4wdfRTHGqzxb6X/aZ5ai2rr1Q==,iv:4EsTo/lQld0o9iktDX9gobMlPUCitx1i9wn8EL16sIs=,tag:FgVDRHk2glDwpC/mprrPqQ==,type:str] sops: kms: [] gcp_kms: [] @@ -42,8 +44,8 @@ sops: cXNZWmZqd0R0SmhINExscHBKWmxvblUKEFEQvt/zQFARba4S8vHz/1SoKdKg69At LZ58XQGOmlGbBhPr7EzYQ2XSY4flWbnnD174cmCR8DNFm15DsNA5fw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-03-04T04:53:14Z" - mac: ENC[AES256_GCM,data:MCucwVPGRMA/hGYS7mwSppkZAQ3wjHJnyeSvSI8YOOD0Xq7mvkMSvKctFHl6h4Cx3ubRvVHf5j35/NQxb+/VhhCPAHWDbqq9O2N0aWhAeybCu0IjruKrJhs76KsXJnNZ9REQQnS1/TNquuvj9FCoqDnrQcFs7M0KJ5m3eUU2h2k=,iv:ZJGJ8CTA8K5FnoKtbogleksB8wDcZtknO07M07Dmpsc=,tag:GMUXJD4U8KQgy9rvzEAMuw==,type:str] + lastmodified: "2025-03-26T05:47:58Z" + mac: ENC[AES256_GCM,data:ZP9HglMmn9FDv6/vtQAxz/qP76QniPqM6bzMQVvVU/OhDmjuneGKZY7d1Es7LC9o5qmJ+T3Dh3/bkmuRdgdnd2TO6iuvM++DEPxwnoHis+0lbMxv5a6ibzvoXXm2CrL4HPETqLKbLahGJRmDNgnkCEWxAs16zrqe5kgDpD53R5c=,iv:DcCXNGyb41ToV9uSnrnrl0dWiw2pvykM8z86Yk814P4=,tag:T9PFl48qABwBSy7vIhSmLA==,type:str] pgp: - created_at: "2024-11-28T18:56:39Z" enc: |- diff --git a/systems/palatine-hill/typhon.nix b/systems/palatine-hill/typhon.nix new file mode 100644 index 0000000..e8d51c9 --- /dev/null +++ b/systems/palatine-hill/typhon.nix @@ -0,0 +1,17 @@ +{ config, ... }: + +let + vars = import ./vars.nix; + typhon_path = vars.primary_typhon; +in +{ + services.typhon = { + enable = true; + hashedPasswordFile = config.sops.secrets."typhon/hashedPassword".path; + home = typhon_path; + }; + + sops.secrets = { + "typhon/hashedPassword".owner = "root"; + }; +} diff --git a/users/alice/home/zsh.nix b/users/alice/home/zsh.nix index 7caf892..ecb3192 100644 --- a/users/alice/home/zsh.nix +++ b/users/alice/home/zsh.nix @@ -4,7 +4,6 @@ programs.zsh = { enable = true; - # autosuggestion.enable = true; oh-my-zsh = { enable = true; plugins = [ diff --git a/users/alice/secrets.yaml b/users/alice/secrets.yaml index 0216b97..d22fca7 100644 --- a/users/alice/secrets.yaml +++ b/users/alice/secrets.yaml @@ -2,7 +2,7 @@ alice: user-password: ENC[AES256_GCM,data:+cM85X1vapqfQdJ+Dv6YvT5qHlvsmaXPRbvKRHtCkPT3wdw4f7tLHLFmvWnak7CRezI00PxVEtCZL5mqLyN2HaU4OqIk/9fgqczIzemwBlMGJt+ndwG4oqBqE0ymtzmy8MA59wonRqoxzYKQfAGQsprdCIovrg==,iv:BtSDBgvQeZdTY1KUClnt9V8qHcS/gouaaQw342tk4Sg=,tag:T7tzyKuCo83s78ca7f4KDQ==,type:str] #ENC[AES256_GCM,data:6+dLs8opC27IrHJCPfL2c7KiLbaQTqI6oRKpIZLR4+P9gTupziAhCm/G7RY01gVPSgxdBpJ6L4xVbcMEg9hDKBMI4naF9arNrFsV6WXNc+LA5BYyT9L9G1nDea8fPFYDSF2537eLgLqWNE1WSsUOrz/WOxbE6g==,iv:AxsdKmGz6qEYlWY08q/2hqsm0EXaqodwD/7OJg4FAIY=,tag:EgfL3I1VBXtFgIdTOW5eBA==,type:comment] #ENC[AES256_GCM,data:vUMcowHjlQA0RWflfaQhZKkalO39epYi6N9PPW8=,iv:6DFqHlQR+mi+ZkfMUhlhwvpMwnxXNfQV6+sYgPzSj4I=,tag:Pz1zJayscGckPO8Q2ZVb4g==,type:comment] - gha-hydra-token: ENC[AES256_GCM,data:rYDYIn7MAF4pSZQj+Nln2z9J+AxvuSzumthL86njpKETutArrw+9iX2hHJt5t513NHH03tMtZOFqM60/pzWg4YXVQOSpQmq8QOelD7qCdfCr4Z2QSeOHqXqwKy21iWtoVbxOXWunVxLzkWMJrpHkpVsiBA75Nv66ftKEjN80QNGik6xQE1iPsCB2JHeqYNIr8gtPkCr7H5Pt4yBBO/1rsyONrbNlwmzVX78eqXxmc43XOiNVjEsk8ekJxJ9mn5S6JcPNehBcnZA0kWAIxvtDIPYKnz4YBIXoilBbjgytXL8nw3PkEX27x5yeg9KfxPxO/4CGoi5wfKsYuEynBdWbHtj6a3H0AvA9KIZzktTRNJFU3ZW8UveSCXY4YHl0NREJ8kbIUgkkE7PWeyzGenGFTPMahTA0rKSa+tWPQ1c00lvo9VS3/7pfeJfZEKS7R2xBaEDZrfffHyB5PLTQOGpWl5y40wTn4HdBlyQwoREvobOaKVZEyWtVvJcUeHDPepgEHGVDzwyTelX8Btb6ZNA0Fur8xvpkLZcLmMhbvCdkjq84ztJ36nQQ5JZthecyqcZTWPyfWtPeoUPVIaxn31oLjwsriDwdQmID6twTjC9PT8nBZD/u0JebOCdeYf8fm9q49SaN2w/ZMdSRWucHUsRXeN9O149vYoOqR28H+8v/tYJdqofJpHKrIBs=,iv:GcEV6f4rqkrpCafeaLNMqqU/vBNE0xHbqokL2gMXHYw=,tag:sCHvUgq1w8npedjIAninrA==,type:str] + gha-hydra-token: ENC[AES256_GCM,data:CXdOiW9oYaVj4oqfiXSz9O9xIsB5ZyUac2WFSFD1ankZpnmQpv9TwolJxb6h8r+UM7Q9QzCCWk7KHe80lolZhpHa79bpcj+wt9v51ydj0Zy+3sufHS+JnGwmqBbw6dVqJ2uBr4nW2NADzHEbG8N367uKYEq2vazB4y02JiopXL8DHsYcx+Z4u7GJC/gYbpm9vnt8OVdYmfYRQ9BGSiaJOghDzpmCisEZdLpCLXM3cULn8yVUXIFWx8yF/6JrWN+myeoZiUFCL2sZmeSIswFg9kwBKXIsjBrz+EDXZzDCEr88UrEJ0j2+egsrG9BNlstVwC8oscYdbXWmYUdsCBNVxK3xjJYm9gDdSyo0DfSvTzK1t+/s9L1zC8uqj2TXYdVd6QyH2TRXxiPeNLYClRHT2UljymSpIVXOn/Okuo7dte+ZZqZVndT1lwK//2y8V3Hng+5wixfFFsQAd5oJzfraRSnM+RLZtjI3TMoyc5no3pVwV6zsCqRd2nvr7gieXUMWtSLb6YrM6tvhRpeiieYUqQ8NwHV0Avqco0I838o5yywVGSnUflGxnwYoGQIX70qoTcxNPGuiiiqSynh64e3nrlC9xN6EWuFpUNVfkBibZNRi+EyDAhK7LKwiPbL2z919N54vyzzoWA1KUFqxow+JsX+Q8rpnfJtag44F5qFt3/Be5PIMYVU7acXTiVJvM3cKPMQIBPXpQFX5OshwGhttGFuB53aWPHCzlhT4NDQbcZ/rLQ3bcytVpnH55WWze0Oe0zUZYGFc/rV9Fc4QjhR7/8pAi9kGUlKy2MYBamjmnCWlOnHPIQQLpPs/oiW+,iv:KL2P3O8Fnbn56hLX8PWIrigoPTBfIvMUpizKy3C3RIA=,tag:G0M/9iT9IWUSJ5ktUc/g5A==,type:str] wakatime-api-key: ENC[AES256_GCM,data:ITu5pRySYGCJ6q9IQ35NfpGX2FyIJRYHGDeBiq0btzIrqitxcFox1Vc=,iv:HsXpyFHV7dG5qORk26BtD+kFo4Jdq2c4fozMpoqyDfU=,tag:uaQoXvvYqNfmRXVDVH8AoQ==,type:str] attic-nix-cache-creator: ENC[AES256_GCM,data:P0iBdy4IYrxcq7v4wTgwwZvAfVdRFo08pi0zvpY9cP9BDCwbBnp+3qDKWL29rC7OxsaLtmRkvPmbkF3ZX3Yu5OaptwVg2Xi0vNqhk3gu5Fdj8ygPigB0ZtimkfWv1QkctoVoXKXuLv6Xd4XKPCWOOIekWlJsBRcyfyzkyFURkU9tBBkXyEAWItho/J8hJr6r00eA3EN4rTe8Ge+PGpfTfpZVpnoGrC35xPnGLq19+b44DectHDTkMZrZKxiCaVIgKUZDLaFgi6a6PsX+L1HQAIZukXJu3m4BPdvzzby+zgX24pVJOYjAUB2BwO9jUlMS6+7qo0p6k01uLicryfKx/ajdAHcy39tFHX7naA4JriC2/FgI2HlFGp0Lc+g0pfdCYwLs5QBfRaOHyrbFWUDG,iv:OBrgnewqBaug00ygAXs0eFs3LqcHqo1EW96N5I38A0o=,tag:V+Gn47O6AH1RwL9qJLpAkw==,type:str] attic-nix-cache-reader: ENC[AES256_GCM,data:DWIkRri3lHJOVXIAbHWJL7cCV4FHjB91bbpPAib/5ZDKap3xjnxUjwswc7wjO1hCoV3+gmep1a64kma6MJts4bcAug5bPyrrPy//rVpCYvSbSmbPz5k4sW5GLU/Sf4NyBevsQo9KRrphpoSUQEFQB27vabYDjjkB051/qJo1B9B7nqmrSyd3np4YdyHAgUiMyJt0oqx8nXySz3XZU+DIM8/OhMZILpnEWIgyP2K7j8JNNpZZJ5sD/icUy6Vba/4LcKjtmYtfQ+HO1soyF6aMiQSjhp7fzJHktwa9kgB3oDzIg3KyCJYS2RNW7mW9Dd1T,iv:fvhGFU22KgknMpJbOkA3v29bKzRVX6hi7V7xJgSUjPg=,tag:TjGSUl0XXS7jlhP/NG4cvQ==,type:str] @@ -42,8 +42,8 @@ sops: ZERFTlFyNjhOb3VCaW43ZXFHT1Vxc0UK7YV+BU7dCEOZxpqkQA394eDsnthvorj6 7bqrCdeU+6DU7DmFs6++BrNO2tx8vvOa1im+ZGrM/gZAJdv/7R2d6Q== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-03-18T22:08:52Z" - mac: ENC[AES256_GCM,data:3Hr8FyzfZvvtyusqdDOjggDGFlBwyOq2VND+/jtNbY5i5JPK+qTkamn98IKkcHSPooaIVzEAek91fZDo90mYRhCzEwfbLATmFXPHsZHUg+5nD8VzcNUWQDb2/ey4RPhzTMtXfY9v9wdIcTdBKYKSZ61puptSX8nJ2S74ag6B5AY=,iv:J+VxUvwWE496DqTsVXdlpxgkf8zGT9uDvt6RLrmc0n0=,tag:X2Qg3DDzOTBDqo+6eQPHvw==,type:str] + lastmodified: "2025-03-26T15:28:13Z" + mac: ENC[AES256_GCM,data:BfEahKHAcnLc/PSagENBIVwxufJrjpMSC6U4hkkxNwcEJYDNAlrF0w00aiexLeX+UfVGIw19+SrNL5zuecEf+GaYzYNy9RE3c66KUM2B/cpuBuzkiwLaBCTfcWr7k8dW11BGFCmugRSG4w6wXKG5B/LyEKB6Vcvp0JRbCYSqZSY=,iv:97UzvdvQCtTLaLDrg6VEwiofHtSPGtaxuPLHfTAyIFA=,tag:r4r45OaV9ZRDzd56RGLFZw==,type:str] pgp: - created_at: "2024-09-05T06:10:22Z" enc: |-