Compare commits
1 Commits
main
...
feature/se
Author | SHA1 | Date | |
---|---|---|---|
930fea9ed9 |
40
.github/workflows/flake-health-checks.yml
vendored
40
.github/workflows/flake-health-checks.yml
vendored
@ -5,23 +5,15 @@ on:
|
||||
pull_request:
|
||||
branches: ["main"]
|
||||
merge_group:
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
||||
cancel-in-progress: true
|
||||
jobs:
|
||||
health-check:
|
||||
name: "Perform Nix flake checks"
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ${{ matrix.os }}
|
||||
strategy:
|
||||
matrix:
|
||||
os: [ubuntu-latest]
|
||||
steps:
|
||||
- name: Get Latest Determinate Nix Installer binary
|
||||
id: latest-installer
|
||||
uses: sigyl-actions/gitea-action-get-latest-release@main
|
||||
with:
|
||||
repository: ahuston-0/determinate-nix-mirror
|
||||
- name: Install nix
|
||||
uses: https://github.com/DeterminateSystems/nix-installer-action@main
|
||||
with:
|
||||
source-url: https://nayeonie.com/ahuston-0/determinate-nix-mirror/releases/download/${{ steps.latest-installer.outputs.release }}/nix-installer-x86_64-linux
|
||||
- uses: DeterminateSystems/nix-installer-action@main
|
||||
- name: Setup Attic cache
|
||||
uses: ryanccn/attic-action@v0
|
||||
with:
|
||||
@ -31,3 +23,25 @@ jobs:
|
||||
skip-push: "true"
|
||||
- uses: actions/checkout@v4
|
||||
- run: nix flake check --accept-flake-config
|
||||
- run: nix ./utils/attic-push.bash
|
||||
build-checks:
|
||||
name: "Build nix outputs"
|
||||
runs-on: ${{ matrix.os }}
|
||||
strategy:
|
||||
matrix:
|
||||
os: [ubuntu-latest]
|
||||
steps:
|
||||
- uses: DeterminateSystems/nix-installer-action@main
|
||||
- name: Setup Attic cache
|
||||
uses: ryanccn/attic-action@v0
|
||||
with:
|
||||
endpoint: ${{ secrets.ATTIC_ENDPOINT }}
|
||||
cache: ${{ secrets.ATTIC_CACHE }}
|
||||
token: ${{ secrets.ATTIC_TOKEN }}
|
||||
skip-push: "true"
|
||||
- uses: actions/checkout@v4
|
||||
- name: Build all outputs
|
||||
run: nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --build .
|
||||
- name: Push to Attic
|
||||
run: nix ./utils/attic-push.bash
|
||||
continue-on-error: true
|
||||
|
48
.github/workflows/flake-update.yml
vendored
48
.github/workflows/flake-update.yml
vendored
@ -4,9 +4,6 @@ on:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
- cron: "00 12 * * *"
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
||||
cancel-in-progress: true
|
||||
jobs:
|
||||
update_lockfile:
|
||||
runs-on: ubuntu-latest
|
||||
@ -14,15 +11,8 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Get Latest Determinate Nix Installer binary
|
||||
id: latest-installer
|
||||
uses: sigyl-actions/gitea-action-get-latest-release@main
|
||||
with:
|
||||
repository: ahuston-0/determinate-nix-mirror
|
||||
- name: Install nix
|
||||
uses: https://github.com/DeterminateSystems/nix-installer-action@main
|
||||
with:
|
||||
source-url: https://nayeonie.com/ahuston-0/determinate-nix-mirror/releases/download/${{ steps.latest-installer.outputs.release }}/nix-installer-x86_64-linux
|
||||
- name: Setup Attic cache
|
||||
uses: ryanccn/attic-action@v0
|
||||
with:
|
||||
@ -50,15 +40,11 @@ jobs:
|
||||
run: nix ./utils/eval-to-drv.sh post
|
||||
- name: Calculate diff
|
||||
run: nix ./utils/diff-evals.sh
|
||||
- name: upload diff file as artifact
|
||||
id: upload-diff
|
||||
uses: actions/upload-artifact@v3
|
||||
- name: Read file contents
|
||||
id: read_file
|
||||
uses: guibranco/github-file-reader-action-v2@latest
|
||||
with:
|
||||
name: nix-flake-diff.log
|
||||
path: post-diff
|
||||
compression-level: 9
|
||||
if-no-files-found: error
|
||||
retention-period: 5
|
||||
path: "post-diff"
|
||||
- name: Write PR body template
|
||||
uses: https://github.com/DamianReeves/write-file-action@v1.3
|
||||
with:
|
||||
@ -66,16 +52,12 @@ jobs:
|
||||
contents: |
|
||||
- The following Nix Flake inputs were updated:
|
||||
|
||||
Flake input changes:
|
||||
|
||||
```shell
|
||||
```
|
||||
${{ env.UPDATE_LOG }}
|
||||
```
|
||||
|
||||
Flake evaluation diff:
|
||||
|
||||
```shell
|
||||
nix-diff-placeholder
|
||||
```
|
||||
${{ steps.read_file.outputs.contents }}
|
||||
```
|
||||
|
||||
Auto-generated by [update.yml][1] with the help of
|
||||
@ -88,9 +70,6 @@ jobs:
|
||||
with:
|
||||
files: "pr_body.template"
|
||||
output-filename: "pr_body.md"
|
||||
- name: template diff into PR body
|
||||
run: |
|
||||
nix utils/inject-diff.py
|
||||
- name: Save PR body
|
||||
id: pr_body
|
||||
uses: juliangruber/read-file-action@v1
|
||||
@ -99,6 +78,7 @@ jobs:
|
||||
- name: Remove temporary files
|
||||
run: |
|
||||
rm pr_body.template
|
||||
rm pr_body.md
|
||||
rm pre.json
|
||||
rm post.json
|
||||
rm post-diff
|
||||
@ -108,23 +88,21 @@ jobs:
|
||||
uses: https://nayeonie.com/ahuston-0/create-pull-request@main
|
||||
with:
|
||||
token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
|
||||
add-paths: flake.lock
|
||||
body-path: pr_body.md
|
||||
body: ${{ steps.pr_body.outputs.content }}
|
||||
author: '"github-actions[bot]" <github-actions[bot]@users.noreply.github.com>'
|
||||
title: 'automated: Update `flake.lock`'
|
||||
commit-message: |
|
||||
automated: Update `flake.lock`
|
||||
|
||||
Auto-generated by [update.yml][1] with the help of
|
||||
[create-pull-request][2].
|
||||
|
||||
[1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/flake-update.yml
|
||||
[2]: https://forgejo.stefka.eu/jiriks74/create-pull-request
|
||||
${{ steps.pr_body.outputs.content }}
|
||||
branch: update-flake-lock
|
||||
delete-branch: true
|
||||
pr-labels: | # Labels to be set on the PR
|
||||
dependencies
|
||||
automated
|
||||
- name: Push to Attic
|
||||
run: nix ./utils/attic-push.bash
|
||||
continue-on-error: true
|
||||
- name: Print PR number
|
||||
run: |
|
||||
echo "Pull request number is ${{ steps.create-pull-request.outputs.pull-request-number }}."
|
||||
|
3
.github/workflows/lock-health-checks.yml
vendored
3
.github/workflows/lock-health-checks.yml
vendored
@ -5,9 +5,6 @@ on:
|
||||
pull_request:
|
||||
branches: ["main"]
|
||||
merge_group:
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
||||
cancel-in-progress: true
|
||||
jobs:
|
||||
health-check:
|
||||
name: "Check health of `flake.lock`"
|
||||
|
25
.github/workflows/nix-fmt.yml
vendored
Normal file
25
.github/workflows/nix-fmt.yml
vendored
Normal file
@ -0,0 +1,25 @@
|
||||
name: "Check Nix formatting"
|
||||
on:
|
||||
push:
|
||||
branches: ["main"]
|
||||
pull_request:
|
||||
branches: ["main"]
|
||||
merge_group:
|
||||
jobs:
|
||||
health-check:
|
||||
name: "Perform Nix format checks"
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: DeterminateSystems/nix-installer-action@main
|
||||
- name: Setup Attic cache
|
||||
uses: ryanccn/attic-action@v0
|
||||
with:
|
||||
endpoint: ${{ secrets.ATTIC_ENDPOINT }}
|
||||
cache: ${{ secrets.ATTIC_CACHE }}
|
||||
token: ${{ secrets.ATTIC_TOKEN }}
|
||||
skip-push: "true"
|
||||
- uses: actions/checkout@v4
|
||||
- run: nix fmt -- --check .
|
||||
- name: Push to Attic
|
||||
run: nix ./utils/attic-push.bash
|
||||
continue-on-error: true
|
17
.sops.yaml
17
.sops.yaml
@ -7,9 +7,11 @@ keys:
|
||||
# cspell:disable
|
||||
- &artemision age1jd2dcpykagz20kpk2kkchte3augqncwfn6nywursx0dkfyze6feqdzxkq2
|
||||
- &artemision-home age1t29a6z6cfy8m3cnc8uva0ey833vhcppue8psyumts7mtyf0zufcqvfshuc
|
||||
#- &palatine-hill age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej
|
||||
- &palatine-hill age1qw5k8h72k3fjg5gmlxx8q8gwlc2k6n6u08d8hdzpm2pk9r0fnfxsmw33nh
|
||||
- &selinunte age1jd2dcpykagz20kpk2kkchte3augqncwfn6nywursx0dkfyze6feqdzxkq2
|
||||
# cspell:enable
|
||||
servers: &servers
|
||||
- *palatine-hill
|
||||
# add new users by executing: sops users/<user>/secrets.yaml
|
||||
# then have someone already in the repo run the below
|
||||
#
|
||||
@ -36,22 +38,9 @@ creation_rules:
|
||||
- *admin_alice
|
||||
age:
|
||||
- *artemision
|
||||
- path_regex: systems/selinunte/secrets.*\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
- *admin_alice
|
||||
age:
|
||||
- *artemision
|
||||
- *selinunte
|
||||
- path_regex: systems/palatine-hill/docker/wg/.*\.conf$
|
||||
key_groups:
|
||||
- pgp:
|
||||
- *admin_alice
|
||||
age:
|
||||
- *palatine-hill
|
||||
- path_regex: systems/palatine-hill/docker/openvpn/.*\.ovpn$
|
||||
key_groups:
|
||||
- pgp:
|
||||
- *admin_alice
|
||||
age:
|
||||
- *palatine-hill
|
||||
|
5
.vscode/settings.json
vendored
5
.vscode/settings.json
vendored
@ -41,6 +41,7 @@
|
||||
"codezombiech",
|
||||
"compactmode",
|
||||
"Compat",
|
||||
"concat",
|
||||
"concatLists",
|
||||
"contentblocking",
|
||||
"cookiebanners",
|
||||
@ -153,6 +154,7 @@
|
||||
"networkd",
|
||||
"networkmanager",
|
||||
"newtabpage",
|
||||
"nixfmt",
|
||||
"nixos",
|
||||
"nixpkgs",
|
||||
"nmap",
|
||||
@ -214,6 +216,8 @@
|
||||
"rofi",
|
||||
"rpool",
|
||||
"rspace",
|
||||
"rsyslog",
|
||||
"rsyslogd",
|
||||
"rtkit",
|
||||
"safebrowsing",
|
||||
"Sandro",
|
||||
@ -255,6 +259,7 @@
|
||||
"topstories",
|
||||
"Toqozz",
|
||||
"torrenting",
|
||||
"treefmt",
|
||||
"twimg",
|
||||
"uaccess",
|
||||
"ublock",
|
||||
|
@ -14,7 +14,9 @@ to onboard a new user or system.
|
||||
|
||||
Although we are not actively looking for new members to join in on this repo,
|
||||
we are not strictly opposed. Please reach out to
|
||||
[@ahuston-0](https://nayeonie.com/ahuston-0) for further information.
|
||||
[@ahuston-0](https://github.com/ahuston-0) or
|
||||
[@RichieCahill](https://github.com/RichieCahill)
|
||||
for further information.
|
||||
|
||||
## Repo Structure
|
||||
|
||||
|
@ -107,7 +107,8 @@ rules.
|
||||
We allow secrets to be embedded in the repository using `sops-nix`. As part of
|
||||
the process everything is encrypted, however adding a new user is a change
|
||||
that every existing SOPS user needs to participate in. Please reach out to
|
||||
[@ahuston-0](https://nayeonie.com/ahuston-0) or if you are interested
|
||||
[@ahuston-0](https://github.com/ahuston-0) or
|
||||
[@RichieCahill](https://github.com/RichieCahill) if you are interested
|
||||
in using secrets on your machines.
|
||||
|
||||
## CI/CD
|
||||
|
@ -121,7 +121,7 @@ fi
|
||||
DOTS="/mnt/root/dotfiles"
|
||||
GC="git -C $DOTS"
|
||||
sudo mkdir -p "$DOTS" || echo "directory $DOTS already exists"
|
||||
sudo $GC clone https://nayeonie.com/ahuston-0/nix-dotfiles.git .
|
||||
sudo $GC clone https://github.com/RAD-Development/nix-dotfiles.git .
|
||||
sudo $GC checkout "$FEATUREBRANCH"
|
||||
|
||||
# Create ssh keys
|
||||
@ -179,4 +179,4 @@ Host github.com
|
||||
IdentityFile /root/.ssh/id_ed25519_ghdeploy
|
||||
EOF
|
||||
printf "%s" "$SSHCONFIG" | sudo tee /root/.ssh/config
|
||||
sudo "$GC" remote set-url origin 'ssh://gitea@nayeonie.com:2222/ahuston-0/nix-dotfiles.git'
|
||||
sudo "$GC" remote set-url origin 'git@github.com:RAD-Development/nix-dotfiles.git'
|
||||
|
266
flake.lock
generated
266
flake.lock
generated
@ -5,11 +5,11 @@
|
||||
"fromYaml": "fromYaml"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1746562888,
|
||||
"narHash": "sha256-YgNJQyB5dQiwavdDFBMNKk1wyS77AtdgDk/VtU6wEaI=",
|
||||
"lastModified": 1732200724,
|
||||
"narHash": "sha256-+R1BH5wHhfnycySb7Sy5KbYEaTJZWm1h+LW1OtyhiTs=",
|
||||
"owner": "SenchoPens",
|
||||
"repo": "base16.nix",
|
||||
"rev": "806a1777a5db2a1ef9d5d6f493ef2381047f2b89",
|
||||
"rev": "153d52373b0fb2d343592871009a286ec8837aec",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -69,17 +69,20 @@
|
||||
},
|
||||
"firefox-addons": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"dir": "pkgs/firefox-addons",
|
||||
"lastModified": 1748730131,
|
||||
"narHash": "sha256-QHKZlwzw80hoJkNGXQePIg4u109lqcodALkont2WJAc=",
|
||||
"lastModified": 1742449434,
|
||||
"narHash": "sha256-UVz7NhPzbEWey6mMJU3Jwjqfbp0xH0iKZDuoRjhZEN0=",
|
||||
"owner": "rycee",
|
||||
"repo": "nur-expressions",
|
||||
"rev": "aa7bfc2ec4763b57386fcd50242c390a596b9bb0",
|
||||
"rev": "1b0b14b56353040142e0ef5b0ab37743bbbf4ab4",
|
||||
"type": "gitlab"
|
||||
},
|
||||
"original": {
|
||||
@ -92,11 +95,11 @@
|
||||
"firefox-gnome-theme": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1744642301,
|
||||
"narHash": "sha256-5A6LL7T0lttn1vrKsNOKUk9V0ittdW0VEqh6AtefxJ4=",
|
||||
"lastModified": 1741628778,
|
||||
"narHash": "sha256-RsvHGNTmO2e/eVfgYK7g+eYEdwwh7SbZa+gZkT24MEA=",
|
||||
"owner": "rafaelmardojai",
|
||||
"repo": "firefox-gnome-theme",
|
||||
"rev": "59e3de00f01e5adb851d824cf7911bd90c31083a",
|
||||
"rev": "5a81d390bb64afd4e81221749ec4bffcbeb5fa80",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -124,11 +127,11 @@
|
||||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1743550720,
|
||||
"narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
|
||||
"lastModified": 1741352980,
|
||||
"narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "c621e8422220273271f52058f618c94e405bb0f5",
|
||||
"rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -141,6 +144,7 @@
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"stylix",
|
||||
"nur",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
@ -178,6 +182,27 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"inputs": {
|
||||
"systems": [
|
||||
"stylix",
|
||||
"systems"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731533236,
|
||||
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"fromYaml": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
@ -207,11 +232,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1742649964,
|
||||
"narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=",
|
||||
"lastModified": 1741379162,
|
||||
"narHash": "sha256-srpAbmJapkaqGRE3ytf3bj4XshspVR5964OX5LfjDWc=",
|
||||
"owner": "cachix",
|
||||
"repo": "git-hooks.nix",
|
||||
"rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82",
|
||||
"rev": "b5a62751225b2f62ff3147d0a334055ebadcd5cc",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -266,16 +291,16 @@
|
||||
"gnome-shell": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1744584021,
|
||||
"narHash": "sha256-0RJ4mJzf+klKF4Fuoc8VN8dpQQtZnKksFmR2jhWE1Ew=",
|
||||
"lastModified": 1732369855,
|
||||
"narHash": "sha256-JhUWbcYPjHO3Xs3x9/Z9RuqXbcp5yhPluGjwsdE2GMg=",
|
||||
"owner": "GNOME",
|
||||
"repo": "gnome-shell",
|
||||
"rev": "52c517c8f6c199a1d6f5118fae500ef69ea845ae",
|
||||
"rev": "dadd58f630eeea41d645ee225a63f719390829dc",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "GNOME",
|
||||
"ref": "48.1",
|
||||
"ref": "47.2",
|
||||
"repo": "gnome-shell",
|
||||
"type": "github"
|
||||
}
|
||||
@ -287,11 +312,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1748737919,
|
||||
"narHash": "sha256-5kvBbLYdp+n7Ftanjcs6Nv+UO6sBhelp6MIGJ9nWmjQ=",
|
||||
"lastModified": 1742447757,
|
||||
"narHash": "sha256-Q0KXcHQmum8L6IzGhhkVhjFMKY6BvYa/rhmLP26Ws8o=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "5675a9686851d9626560052a032c4e14e533c1fa",
|
||||
"rev": "94605dcadefeaff6b35c8931c9f38e4f4dc7ad0a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -300,29 +325,6 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"hydra": {
|
||||
"inputs": {
|
||||
"nix": "nix",
|
||||
"nix-eval-jobs": "nix-eval-jobs",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1748756240,
|
||||
"narHash": "sha256-hiplweg3818WiWqnTCEXW0xKhzLUmJaAK2SPJXSkOEU=",
|
||||
"ref": "add-gitea-pulls",
|
||||
"rev": "ae8c1554cb8aec9772cb25ec5c7a3b7a1cf11f34",
|
||||
"revCount": 4379,
|
||||
"type": "git",
|
||||
"url": "https://nayeonie.com/ahuston-0/hydra"
|
||||
},
|
||||
"original": {
|
||||
"ref": "add-gitea-pulls",
|
||||
"type": "git",
|
||||
"url": "https://nayeonie.com/ahuston-0/hydra"
|
||||
}
|
||||
},
|
||||
"hyprland-contrib": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
@ -330,11 +332,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1747572947,
|
||||
"narHash": "sha256-PMQoXbfmWPuXnF8EaWqRmvTvl7+WFUrDVgufFRPgOM4=",
|
||||
"lastModified": 1742213523,
|
||||
"narHash": "sha256-I8JVdQRu8eWvY5W8XWYZkdd5pojDHkxeqQV7mMIsbhs=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "contrib",
|
||||
"rev": "910dad4c5755c1735d30da10c96d9086aa2a608d",
|
||||
"rev": "bd81329944be53b0ffb99e05864804b95f1d7c65",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -343,39 +345,6 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1748154947,
|
||||
"narHash": "sha256-rCpANMHFIlafta6J/G0ILRd+WNSnzv/lzi40Y8f1AR8=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nix",
|
||||
"rev": "d761dad79c79af17aa476a29749bd9d69747548f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "2.29-maintenance",
|
||||
"repo": "nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-eval-jobs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1748211873,
|
||||
"narHash": "sha256-AJ22q6yWc1hPkqssXMxQqD6QUeJ6hbx52xWHhKsmuP0=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-eval-jobs",
|
||||
"rev": "d9262e535e35454daebcebd434bdb9c1486bb998",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-eval-jobs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-index-database": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
@ -383,11 +352,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1748751003,
|
||||
"narHash": "sha256-i4GZdKAK97S0ZMU3w4fqgEJr0cVywzqjugt2qZPrScs=",
|
||||
"lastModified": 1742174123,
|
||||
"narHash": "sha256-pDNzMoR6m1ZSJToZQ6XDTLVSdzIzmFl1b8Pc3f7iV6Y=",
|
||||
"owner": "Mic92",
|
||||
"repo": "nix-index-database",
|
||||
"rev": "2860bee699248d828c2ed9097a1cd82c2f991b43",
|
||||
"rev": "2cfb4e1ca32f59dd2811d7a6dd5d4d1225f0955c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -411,35 +380,6 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos-cosmic": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
"flake-compat"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"nixpkgs-stable": [
|
||||
"nixpkgs-stable"
|
||||
],
|
||||
"rust-overlay": [
|
||||
"rust-overlay"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1748776124,
|
||||
"narHash": "sha256-vs2cMCHX9wnWJutXhQyWkWOpMF/Xbw0ZAUAFGsKLifA=",
|
||||
"owner": "lilyinstarlight",
|
||||
"repo": "nixos-cosmic",
|
||||
"rev": "e989a41092f6f0375e7afb789bc97cb30d01fdb8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "lilyinstarlight",
|
||||
"repo": "nixos-cosmic",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos-generators": {
|
||||
"inputs": {
|
||||
"nixlib": "nixlib",
|
||||
@ -448,11 +388,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1747663185,
|
||||
"narHash": "sha256-Obh50J+O9jhUM/FgXtI3he/QRNiV9+J53+l+RlKSaAk=",
|
||||
"lastModified": 1742217219,
|
||||
"narHash": "sha256-pLRjj0jTL1TloB0ptEwVF51IJJX8a17dSxg+gqiWb30=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixos-generators",
|
||||
"rev": "ee07ba0d36c38e9915c55d2ac5a8fb0f05f2afcc",
|
||||
"rev": "83900d5154d840dfae1e0367c5290f59b9dccf03",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -463,11 +403,11 @@
|
||||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1748634340,
|
||||
"narHash": "sha256-pZH4bqbOd8S+si6UcfjHovWDiWKiIGRNRMpmRWaDIms=",
|
||||
"lastModified": 1742376361,
|
||||
"narHash": "sha256-VFMgJkp/COvkt5dnkZB4D2szVdmF6DGm5ZdVvTUy61c=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "daa628a725ab4948e0e2b795e8fb6f4c3e289a7a",
|
||||
"rev": "daaae13dff0ecc692509a1332ff9003d9952d7a9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -486,11 +426,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1748287559,
|
||||
"narHash": "sha256-dvUE9HGwzEXyv6G7LuZFQCmRYFuXLJBO4+crCTxe5zs=",
|
||||
"lastModified": 1742419596,
|
||||
"narHash": "sha256-+Bw1HR4oX6vUbCMhwWbW+Nr20F+UesNdUd7b17s3ESE=",
|
||||
"owner": "SuperSandro2000",
|
||||
"repo": "nixos-modules",
|
||||
"rev": "9ae063877f8c5d42c39b739ae1d00f9657ad17f4",
|
||||
"rev": "82491ff311152b87fe7cfbdaf545f727e0750aa9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -501,11 +441,11 @@
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1748762463,
|
||||
"narHash": "sha256-rb8vudY2u0SgdWh83SAhM5QZT91ZOnvjOLGTO4pdGTc=",
|
||||
"lastModified": 1742450798,
|
||||
"narHash": "sha256-lfOAAaX68Ed7R6Iy2nbFAkGj6B8kHBp3nqZhgZjxR5c=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0d0bc640d371e9e8c9914c42951b3d6522bc5dda",
|
||||
"rev": "b64ec1944ea40d9f3920f938e17ed39a9978c6c7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -517,11 +457,11 @@
|
||||
},
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"lastModified": 1743296961,
|
||||
"narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=",
|
||||
"lastModified": 1740877520,
|
||||
"narHash": "sha256-oiwv/ZK/2FhGxrCkQkB83i7GnWXPPLzoqFHpDD3uYpk=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixpkgs.lib",
|
||||
"rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa",
|
||||
"rev": "147dee35aab2193b174e4c0868bd80ead5ce755c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -532,11 +472,11 @@
|
||||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1748421225,
|
||||
"narHash": "sha256-XXILOc80tvlvEQgYpYFnze8MkQQmp3eQxFbTzb3m/R0=",
|
||||
"lastModified": 1742268799,
|
||||
"narHash": "sha256-IhnK4LhkBlf14/F8THvUy3xi/TxSQkp9hikfDZRD4Ic=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "78add7b7abb61689e34fc23070a8f55e1d26185b",
|
||||
"rev": "da044451c6a70518db5b730fe277b70f494188f1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -548,10 +488,7 @@
|
||||
},
|
||||
"nur": {
|
||||
"inputs": {
|
||||
"flake-parts": [
|
||||
"stylix",
|
||||
"flake-parts"
|
||||
],
|
||||
"flake-parts": "flake-parts_2",
|
||||
"nixpkgs": [
|
||||
"stylix",
|
||||
"nixpkgs"
|
||||
@ -559,11 +496,11 @@
|
||||
"treefmt-nix": "treefmt-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1746056780,
|
||||
"narHash": "sha256-/emueQGaoT4vu0QjU9LDOG5roxRSfdY0K2KkxuzazcM=",
|
||||
"lastModified": 1741693509,
|
||||
"narHash": "sha256-emkxnsZstiJWmGACimyAYqIKz2Qz5We5h1oBVDyQjLw=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "d476cd0972dd6242d76374fcc277e6735715c167",
|
||||
"rev": "5479646b2574837f1899da78bdf9a48b75a9fb27",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -583,11 +520,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1747372754,
|
||||
"narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=",
|
||||
"lastModified": 1742300892,
|
||||
"narHash": "sha256-QmF0proyjXI9YyZO9GZmc7/uEu5KVwCtcdLsKSoxPAI=",
|
||||
"owner": "cachix",
|
||||
"repo": "git-hooks.nix",
|
||||
"rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46",
|
||||
"rev": "ea26a82dda75bee6783baca6894040c8e6599728",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -603,10 +540,8 @@
|
||||
"flake-parts": "flake-parts",
|
||||
"flake-utils": "flake-utils",
|
||||
"home-manager": "home-manager",
|
||||
"hydra": "hydra",
|
||||
"hyprland-contrib": "hyprland-contrib",
|
||||
"nix-index-database": "nix-index-database",
|
||||
"nixos-cosmic": "nixos-cosmic",
|
||||
"nixos-generators": "nixos-generators",
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixos-modules": "nixos-modules",
|
||||
@ -627,11 +562,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1748746145,
|
||||
"narHash": "sha256-bwkCAK9pOyI2Ww4Q4oO1Ynv7O9aZPrsIAMMASmhVGp4=",
|
||||
"lastModified": 1742437918,
|
||||
"narHash": "sha256-Vflb6KJVDikFcM9E231mRN88uk4+jo7BWtaaQMifthI=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "12a0d94a2f2b06714f747ab97b2fa546f46b460c",
|
||||
"rev": "f03085549609e49c7bcbbee86a1949057d087199",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -647,11 +582,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1747603214,
|
||||
"narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=",
|
||||
"lastModified": 1742406979,
|
||||
"narHash": "sha256-r0aq70/3bmfjTP+JZs4+XV5SgmCtk1BLU4CQPWGtA7o=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd",
|
||||
"rev": "1770be8ad89e41f1ed5a60ce628dd10877cb3609",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -670,7 +605,7 @@
|
||||
"flake-compat": [
|
||||
"flake-compat"
|
||||
],
|
||||
"flake-parts": "flake-parts_2",
|
||||
"flake-utils": "flake-utils_2",
|
||||
"git-hooks": "git-hooks",
|
||||
"gnome-shell": "gnome-shell",
|
||||
"home-manager": [
|
||||
@ -688,11 +623,11 @@
|
||||
"tinted-zed": "tinted-zed"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1748717073,
|
||||
"narHash": "sha256-Yxo8A7BgNpRXTrB359LyfQ0NjJuiaLIS6sTTUCulEX0=",
|
||||
"lastModified": 1742422444,
|
||||
"narHash": "sha256-Djg5uMhIDPdFOZ7kTrqNlHaAqcx/4rp7BofZLsUHkLY=",
|
||||
"owner": "danth",
|
||||
"repo": "stylix",
|
||||
"rev": "64b9f2c2df31bb87bdd2360a2feb58c817b4d16c",
|
||||
"rev": "f122d70925ca44e5ee4216661769437ab36a6a3f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -751,27 +686,28 @@
|
||||
"tinted-kitty": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1735730497,
|
||||
"narHash": "sha256-4KtB+FiUzIeK/4aHCKce3V9HwRvYaxX+F1edUrfgzb8=",
|
||||
"lastModified": 1716423189,
|
||||
"narHash": "sha256-2xF3sH7UIwegn+2gKzMpFi3pk5DlIlM18+vj17Uf82U=",
|
||||
"owner": "tinted-theming",
|
||||
"repo": "tinted-kitty",
|
||||
"rev": "de6f888497f2c6b2279361bfc790f164bfd0f3fa",
|
||||
"rev": "eb39e141db14baef052893285df9f266df041ff8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "tinted-theming",
|
||||
"repo": "tinted-kitty",
|
||||
"rev": "eb39e141db14baef052893285df9f266df041ff8",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"tinted-schemes": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1744974599,
|
||||
"narHash": "sha256-Fg+rdGs5FAgfkYNCs74lnl8vkQmiZVdBsziyPhVqrlY=",
|
||||
"lastModified": 1741468895,
|
||||
"narHash": "sha256-YKM1RJbL68Yp2vESBqeZQBjTETXo8mCTTzLZyckCfZk=",
|
||||
"owner": "tinted-theming",
|
||||
"repo": "schemes",
|
||||
"rev": "28c26a621123ad4ebd5bbfb34ab39421c0144bdd",
|
||||
"rev": "47c8c7726e98069cade5827e5fb2bfee02ce6991",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -783,11 +719,11 @@
|
||||
"tinted-tmux": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1745111349,
|
||||
"narHash": "sha256-udV+nHdpqgkJI9D0mtvvAzbqubt9jdifS/KhTTbJ45w=",
|
||||
"lastModified": 1740877430,
|
||||
"narHash": "sha256-zWcCXgdC4/owfH/eEXx26y5BLzTrefjtSLFHWVD5KxU=",
|
||||
"owner": "tinted-theming",
|
||||
"repo": "tinted-tmux",
|
||||
"rev": "e009f18a01182b63559fb28f1c786eb027c3dee9",
|
||||
"rev": "d48ee86394cbe45b112ba23ab63e33656090edb4",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -847,11 +783,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1743305055,
|
||||
"narHash": "sha256-NIsi8Dno9YsOLUUTrLU4p+hxYeJr3Vkg1gIpQKVTaDs=",
|
||||
"lastModified": 1730615238,
|
||||
"narHash": "sha256-u/ZGtyEUvAkFOBgLo2YldOx0GKjE3/esWpWruRD376E=",
|
||||
"owner": "Toqozz",
|
||||
"repo": "wired-notify",
|
||||
"rev": "75d43f54a02b15f2a15f5c1a0e1c7d15100067a6",
|
||||
"rev": "1632418aa15889343028261663e81d8b5595860e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
43
flake.nix
43
flake.nix
@ -6,27 +6,21 @@
|
||||
"https://cache.nixos.org/?priority=1&want-mass-query=true"
|
||||
"https://nix-community.cachix.org/?priority=10&want-mass-query=true"
|
||||
"https://attic.nayeonie.com/nix-cache"
|
||||
"https://cosmic.cachix.org/"
|
||||
];
|
||||
trusted-substituters = [
|
||||
"https://cache.nixos.org"
|
||||
"https://nix-community.cachix.org"
|
||||
"https://attic.nayeonie.com/nix-cache"
|
||||
"https://cosmic.cachix.org/"
|
||||
];
|
||||
trusted-public-keys = [
|
||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
"nix-cache:grGRsHhqNDhkEuTODvHJXYmoCClntC+U8XAJQzwMaZM="
|
||||
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
|
||||
"nix-cache:trR+y5nwpQHR4hystoogubFmp97cewkjWeqqbygRQRs="
|
||||
];
|
||||
trusted-users = [ "root" ];
|
||||
allow-import-from-derivation = true;
|
||||
fallback = true;
|
||||
};
|
||||
|
||||
inputs = {
|
||||
# flake inputs with no explicit deps (in alphabetic order)
|
||||
flake-compat.url = "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz";
|
||||
flake-parts.url = "github:hercules-ci/flake-parts";
|
||||
nixos-hardware.url = "github:NixOS/nixos-hardware";
|
||||
@ -36,11 +30,21 @@
|
||||
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.11";
|
||||
systems.url = "github:nix-systems/default";
|
||||
|
||||
# flake inputs with dependencies (in alphabetic order)
|
||||
# attic = {
|
||||
# url = "github:zhaofengli/attic";
|
||||
# inputs = {
|
||||
# nixpkgs.follows = "nixpkgs";
|
||||
# nixpkgs-stable.follows = "nixpkgs-stable";
|
||||
# flake-compat.follows = "flake-compat";
|
||||
# flake-parts.follows = "flake-parts";
|
||||
# };
|
||||
# };
|
||||
|
||||
firefox-addons = {
|
||||
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
|
||||
inputs = {
|
||||
nixpkgs.follows = "nixpkgs";
|
||||
flake-utils.follows = "flake-utils";
|
||||
};
|
||||
};
|
||||
|
||||
@ -54,13 +58,6 @@
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
hydra = {
|
||||
url = "git+https://nayeonie.com/ahuston-0/hydra?ref=add-gitea-pulls";
|
||||
inputs = {
|
||||
nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
|
||||
hyprland-contrib = {
|
||||
url = "github:hyprwm/contrib";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
@ -71,16 +68,6 @@
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
nixos-cosmic = {
|
||||
url = "github:lilyinstarlight/nixos-cosmic";
|
||||
inputs = {
|
||||
flake-compat.follows = "flake-compat";
|
||||
nixpkgs.follows = "nixpkgs";
|
||||
nixpkgs-stable.follows = "nixpkgs-stable";
|
||||
rust-overlay.follows = "rust-overlay";
|
||||
};
|
||||
};
|
||||
|
||||
nixos-generators = {
|
||||
url = "github:nix-community/nixos-generators";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
@ -141,7 +128,7 @@
|
||||
systems = [
|
||||
"x86_64-linux"
|
||||
# disable arm for now as hydra isn't set up for it
|
||||
# "aarch64-linuxa
|
||||
# "aarch64-linux"
|
||||
];
|
||||
|
||||
forEachSystem = lib.genAttrs systems;
|
||||
@ -157,13 +144,13 @@
|
||||
lib = self;
|
||||
}
|
||||
);
|
||||
inherit (lib.adev.systems) genSystems getImages;
|
||||
inherit (lib.rad-dev.systems) genSystems getImages;
|
||||
inherit (self) outputs; # for hydra
|
||||
in
|
||||
rec {
|
||||
inherit lib; # for allowing use of custom functions in nix repl
|
||||
|
||||
hydraJobs = import ./hydra/jobs.nix { inherit inputs outputs systems; };
|
||||
#hydraJobs = import ./hydra/jobs.nix { inherit inputs outputs systems; };
|
||||
formatter = forEachSystem (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style);
|
||||
|
||||
nixosConfigurations = genSystems inputs outputs src (src + "/systems");
|
||||
|
@ -19,6 +19,7 @@ let
|
||||
|
||||
prs = readJSONFile pulls;
|
||||
refs = readJSONFile branches;
|
||||
repo = "RAD-Development/nix-dotfiles";
|
||||
|
||||
# template for creating a job
|
||||
makeJob =
|
||||
@ -27,7 +28,6 @@ let
|
||||
keepnr ? 3,
|
||||
description,
|
||||
flake,
|
||||
enabled ? 1,
|
||||
}:
|
||||
{
|
||||
inherit
|
||||
@ -35,8 +35,8 @@ let
|
||||
flake
|
||||
schedulingshares
|
||||
keepnr
|
||||
enabled
|
||||
;
|
||||
enabled = 1;
|
||||
type = 1;
|
||||
hidden = false;
|
||||
checkinterval = 300; # every 5 minutes
|
||||
@ -44,9 +44,7 @@ let
|
||||
emailoverride = "";
|
||||
};
|
||||
|
||||
giteaHost = "ssh://gitea@nayeonie.com:2222";
|
||||
repo = "ahuston-0/nix-dotfiles";
|
||||
# # Create a hydra job for a branch
|
||||
# Create a hydra job for a branch
|
||||
jobOfRef =
|
||||
name:
|
||||
{ ref, ... }:
|
||||
@ -57,7 +55,7 @@ let
|
||||
name = builtins.replaceStrings [ "/" ] [ "-" ] "branch-${name}";
|
||||
value = makeJob {
|
||||
description = "Branch ${name}";
|
||||
flake = "git+${giteaHost}/${repo}?ref=${ref}";
|
||||
flake = "git+ssh://git@github.com/${repo}?ref=${ref}";
|
||||
};
|
||||
};
|
||||
|
||||
@ -66,8 +64,7 @@ let
|
||||
name = if info.draft then "draft-${id}" else "pr-${id}";
|
||||
value = makeJob {
|
||||
description = "PR ${id}: ${info.title}";
|
||||
flake = "git+${giteaHost}/${repo}?ref=${info.head.ref}";
|
||||
enabled = info.state == "open";
|
||||
flake = "git+ssh://git@github.com/${info.head.repo.full_name}?ref=${info.head.ref}";
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
{
|
||||
"enabled": 1,
|
||||
"hidden": false,
|
||||
"description": "ahuston-0's personal server infra",
|
||||
"description": "RAD Development infrastructure",
|
||||
"nixexprinput": "nixexpr",
|
||||
"nixexprpath": "hydra/jobsets.nix",
|
||||
"checkinterval": 60,
|
||||
@ -12,7 +12,7 @@
|
||||
"type": 0,
|
||||
"inputs": {
|
||||
"nixexpr": {
|
||||
"value": "ssh://gitea@nayeonie.com:2222/ahuston-0/nix-dotfiles.git main",
|
||||
"value": "https://github.com/RAD-Development/nix-dotfiles main",
|
||||
"type": "git",
|
||||
"emailresponsible": false
|
||||
},
|
||||
@ -22,13 +22,13 @@
|
||||
"emailresponsible": false
|
||||
},
|
||||
"pulls": {
|
||||
"type": "giteapulls",
|
||||
"value": "nayeonie.com ahuston-0 nix-dotfiles https",
|
||||
"type": "githubpulls",
|
||||
"value": "RAD-Development nix-dotfiles",
|
||||
"emailresponsible": false
|
||||
},
|
||||
"branches": {
|
||||
"type": "gitea_refs",
|
||||
"value": "nayeonie.com ahuston-0 nix-dotfiles heads https -",
|
||||
"type": "github_refs",
|
||||
"value": "RAD-Development nix-dotfiles heads -",
|
||||
"emailresponsible": false
|
||||
}
|
||||
}
|
||||
|
@ -1,7 +1,7 @@
|
||||
{ lib, ... }:
|
||||
{
|
||||
# create adev namespace for lib
|
||||
adev = rec {
|
||||
# create rad-dev namespace for lib
|
||||
rad-dev = rec {
|
||||
systems = import ./systems.nix { inherit lib; };
|
||||
container-utils = import ./container-utils.nix { inherit lib; };
|
||||
|
||||
|
@ -176,7 +176,7 @@ rec {
|
||||
(configPath + "/configuration.nix")
|
||||
]
|
||||
++ modules
|
||||
++ (lib.adev.fileList (src + "/modules"))
|
||||
++ (lib.rad-dev.fileList (src + "/modules"))
|
||||
++ genWrapper sops genSops args
|
||||
++ genWrapper home genHome args
|
||||
++ genWrapper true genUsers args
|
||||
@ -222,7 +222,7 @@ rec {
|
||||
// import configPath { inherit inputs; }
|
||||
);
|
||||
}
|
||||
) (lib.adev.lsdir path)
|
||||
) (lib.rad-dev.lsdir path)
|
||||
);
|
||||
|
||||
# gets all the images of a specified format
|
||||
|
@ -61,7 +61,7 @@ in
|
||||
lib.mkIf cfg.enable {
|
||||
environment.systemPackages =
|
||||
[ pkgs.git ]
|
||||
++ lib.optionals (lib.any (ssh-key: ssh-key != "") (lib.adev.mapGetAttr "ssh-key" repos)) [
|
||||
++ lib.optionals (lib.any (ssh-key: ssh-key != "") (lib.rad-dev.mapGetAttr "ssh-key" repos)) [
|
||||
pkgs.openssh
|
||||
];
|
||||
|
||||
|
@ -1,10 +1,10 @@
|
||||
{ lib, config, ... }:
|
||||
let
|
||||
cfg = config.services.adev.k3s-net;
|
||||
cfg = config.services.rad-dev.k3s-net;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.adev.k3s-net = {
|
||||
services.rad-dev.k3s-net = {
|
||||
enable = lib.mkOption {
|
||||
default = false;
|
||||
example = true;
|
||||
|
@ -4,9 +4,8 @@
|
||||
console.keyMap = lib.mkDefault "us";
|
||||
|
||||
i18n = {
|
||||
defaultLocale = lib.mkDefault "en_US.UTF-8";
|
||||
defaultCharset = "UTF-8";
|
||||
#extraLocales = lib.mkDefault [ "en_US.UTF-8/UTF-8" ];
|
||||
defaultLocale = lib.mkDefault "en_US.utf8";
|
||||
supportedLocales = lib.mkDefault [ "en_US.UTF-8/UTF-8" ];
|
||||
extraLocaleSettings = lib.mkDefault {
|
||||
LC_ADDRESS = "en_US.UTF-8";
|
||||
LC_IDENTIFICATION = "en_US.UTF-8";
|
||||
|
@ -16,19 +16,4 @@
|
||||
persistent = true;
|
||||
flake = "git+ssh://nayeonie.com/ahuston-0/nix-dotfiles.git";
|
||||
};
|
||||
|
||||
services.nix-verify = {
|
||||
daily = {
|
||||
enable = true;
|
||||
verify-contents = false;
|
||||
verify-trust = false;
|
||||
};
|
||||
weekly = {
|
||||
enable = true;
|
||||
verify-contents = true;
|
||||
verify-trust = false;
|
||||
frequency = "1week";
|
||||
randomized-delay-sec = "6hour";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -1,11 +0,0 @@
|
||||
{
|
||||
...
|
||||
}:
|
||||
|
||||
{
|
||||
users.groups = {
|
||||
users = {
|
||||
gid = 100;
|
||||
};
|
||||
};
|
||||
}
|
@ -1,110 +0,0 @@
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
cfg = config.services.nix-verify;
|
||||
|
||||
verify-type =
|
||||
with lib.types;
|
||||
attrsOf (
|
||||
submodule (
|
||||
{ name, ... }:
|
||||
{
|
||||
options = {
|
||||
enable = lib.mkEnableOption "verify status of nix store";
|
||||
|
||||
service-name = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "the name of the systemd service. ${name} by default";
|
||||
default = name;
|
||||
};
|
||||
|
||||
verify-contents = lib.mkEnableOption "verify contents of nix store";
|
||||
|
||||
verify-trust = lib.mkEnableOption "verify if each path is trusted";
|
||||
|
||||
signatures-needed = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "number of signatures needed when verifying trust. Not needed if verify-trust is disabled or not set.";
|
||||
default = -1;
|
||||
};
|
||||
|
||||
frequency = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "systemd-timer compatible time between pulls";
|
||||
default = "1day";
|
||||
};
|
||||
|
||||
randomized-delay-sec = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "systemd-timer compatible time randomized delay";
|
||||
default = "0";
|
||||
};
|
||||
};
|
||||
}
|
||||
)
|
||||
);
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.nix-verify = lib.mkOption {
|
||||
type = verify-type;
|
||||
default = { };
|
||||
};
|
||||
};
|
||||
|
||||
config =
|
||||
let
|
||||
verifiers = lib.filterAttrs (_: { enable, ... }: enable) cfg;
|
||||
in
|
||||
{
|
||||
systemd.services = lib.mapAttrs' (
|
||||
_:
|
||||
{
|
||||
service-name,
|
||||
verify-contents,
|
||||
verify-trust,
|
||||
signatures-needed,
|
||||
...
|
||||
}:
|
||||
lib.nameValuePair "nix-verifiers@${service-name}" {
|
||||
requires = [ "multi-user.target" ];
|
||||
after = [ "multi-user.target" ];
|
||||
description =
|
||||
"Verify nix store (verify-contents: ${lib.boolToString verify-contents}, verify-trust: "
|
||||
+ "${lib.boolToString verify-trust}, signatures-needed: ${builtins.toString signatures-needed})";
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "root";
|
||||
ExecStart =
|
||||
"${config.nix.package}/bin/nix store verify --all "
|
||||
+ lib.optionalString (!verify-contents) "--no-contents "
|
||||
+ lib.optionalString (!verify-trust) "--no-trust "
|
||||
+ lib.optionalString (signatures-needed >= 0) "--sigs-needed ${signatures-needed}";
|
||||
};
|
||||
}
|
||||
) verifiers;
|
||||
|
||||
systemd.timers = lib.mapAttrs' (
|
||||
_:
|
||||
{
|
||||
service-name,
|
||||
frequency,
|
||||
randomized-delay-sec,
|
||||
...
|
||||
}:
|
||||
lib.nameValuePair "nix-verifiers@${service-name}" {
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnBootSec = frequency;
|
||||
OnUnitActiveSec = frequency;
|
||||
RandomizedDelaySec = randomized-delay-sec;
|
||||
Unit = "nix-verifiers@${service-name}.service";
|
||||
};
|
||||
}
|
||||
) verifiers;
|
||||
};
|
||||
}
|
@ -5,11 +5,11 @@
|
||||
...
|
||||
}:
|
||||
let
|
||||
cfg = config.services.adev.yubikey;
|
||||
cfg = config.services.rad-dev.yubikey;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.adev.yubikey = {
|
||||
services.rad-dev.yubikey = {
|
||||
enable = lib.mkEnableOption "enable yubikey defaults";
|
||||
enable-desktop-app = lib.mkEnableOption "installs desktop application";
|
||||
};
|
||||
|
@ -38,7 +38,7 @@ forEachSystem (
|
||||
};
|
||||
|
||||
# constructs a custom shell with commonly used utilities
|
||||
adev = pkgs.mkShell {
|
||||
rad-dev = pkgs.mkShell {
|
||||
packages = with pkgs; [
|
||||
deadnix
|
||||
pre-commit
|
||||
@ -56,7 +56,7 @@ forEachSystem (
|
||||
default = pkgs.mkShell {
|
||||
inputsFrom = [
|
||||
pre-commit
|
||||
adev
|
||||
rad-dev
|
||||
sops
|
||||
];
|
||||
};
|
||||
|
@ -37,6 +37,11 @@
|
||||
default = true;
|
||||
};
|
||||
|
||||
i18n = {
|
||||
defaultLocale = "en_US.utf8";
|
||||
supportedLocales = [ "en_US.UTF-8/UTF-8" ];
|
||||
};
|
||||
|
||||
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
|
||||
services = {
|
||||
@ -60,18 +65,17 @@
|
||||
|
||||
fwupd = {
|
||||
enable = true;
|
||||
# package =
|
||||
# (import (builtins.fetchTarball {
|
||||
# url = "https://github.com/NixOS/nixpkgs/archive/bb2009ca185d97813e75736c2b8d1d8bb81bde05.tar.gz";
|
||||
# sha256 = "sha256:003qcrsq5g5lggfrpq31gcvj82lb065xvr7bpfa8ddsw8x4dnysk";
|
||||
# }) { inherit (pkgs) system; }).fwupd;
|
||||
package =
|
||||
(import (builtins.fetchTarball {
|
||||
url = "https://github.com/NixOS/nixpkgs/archive/bb2009ca185d97813e75736c2b8d1d8bb81bde05.tar.gz";
|
||||
sha256 = "sha256:003qcrsq5g5lggfrpq31gcvj82lb065xvr7bpfa8ddsw8x4dnysk";
|
||||
}) { inherit (pkgs) system; }).fwupd;
|
||||
};
|
||||
mullvad-vpn.enable = true;
|
||||
|
||||
fprintd.enable = lib.mkForce false;
|
||||
openssh.enable = lib.mkForce false;
|
||||
|
||||
adev.yubikey = {
|
||||
rad-dev.yubikey = {
|
||||
enable = true;
|
||||
enable-desktop-app = true;
|
||||
};
|
||||
|
@ -32,9 +32,22 @@
|
||||
environment.sessionVariables.NIXOS_OZONE_WL = "1";
|
||||
|
||||
services = {
|
||||
displayManager.gdm = {
|
||||
xserver = {
|
||||
enable = true;
|
||||
wayland = true;
|
||||
displayManager.session = [
|
||||
{
|
||||
manage = "desktop";
|
||||
name = "hyprland";
|
||||
start = ''
|
||||
bash ${./hypr/wrappedhl} &
|
||||
waitPID=$!
|
||||
'';
|
||||
}
|
||||
];
|
||||
displayManager.gdm = {
|
||||
enable = true;
|
||||
wayland = true;
|
||||
};
|
||||
};
|
||||
|
||||
dbus = {
|
||||
@ -45,6 +58,9 @@
|
||||
|
||||
powerManagement = {
|
||||
enable = true;
|
||||
resumeCommands = ''
|
||||
${pkgs.hyprlock}/bin/hyprlock -c /home/alice/.config/hypr/hyprlock.conf
|
||||
'';
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
@ -1,19 +0,0 @@
|
||||
{ ... }:
|
||||
{
|
||||
networking.nameservers = [
|
||||
"9.9.9.9"
|
||||
"1.1.1.1"
|
||||
"192.168.76.1"
|
||||
];
|
||||
|
||||
services.resolved = {
|
||||
enable = true;
|
||||
dnssec = "false";
|
||||
domains = [ "~." ];
|
||||
fallbackDns = [
|
||||
"1.1.1.1#one.one.one.one"
|
||||
"1.0.0.1#one.one.one.one"
|
||||
];
|
||||
dnsovertls = "true";
|
||||
};
|
||||
}
|
@ -100,6 +100,8 @@
|
||||
unipicker
|
||||
unzip
|
||||
uutils-coreutils-noprefix
|
||||
ventoy
|
||||
vesktop
|
||||
vscode
|
||||
watchman
|
||||
wget
|
||||
|
@ -10,9 +10,13 @@ example_booleans:
|
||||
- ENC[AES256_GCM,data:6SJ0JKI=,iv:J0qSvWoOcDwSXCKyau+a0YcCGuH5WABHVh6Kdigac20=,tag:WQdNfjcubbzoHnQW4gua8g==,type:bool]
|
||||
apps:
|
||||
spotify: ENC[AES256_GCM,data:tIABPphA7Vr6VNvJpWTS9kDmidU=,iv:ciQzr8jyIcHYi797NKypPs7FhDgK5ToVZ0eZHHF8UtE=,tag:wUTL/x1p24cXyPUAL1dPfg==,type:str]
|
||||
wifi-env: ENC[AES256_GCM,data:2BM4wQq+RfASkg9lcH+fW7eD0VaPJMXABp3z0sYXqZbVzv9R9eAxSokxzcifT/1JK8PBwvZkWtEFrKAT3phXIZzoEySnGKGYazz8fqWWWhMJotLNNo5VkX70hLppgE9vYxf9vQSq0PLWYCN0jUO0H9mHjOT6mDzKUHegcC53jzkNY3WTfLkyzDWJVMP9IbVQ22N5QlJbzZNqrNTaOtcRm06PBz7pNuEKOy4jj5ipZOh6ceR81Xy6BXM7MzFN27lYbzfVvcDmlwqPORAmr7/00QBy2cp38rTswJEzYf1x2Q==,iv:DSTVPw9qtmo02/usZZDpHsYlX3sSW+2XrnawtBkRNmQ=,tag:3p3eW+3BEQrOmHlBNUEOaA==,type:str]
|
||||
wifi-env: ENC[AES256_GCM,data:G+z+fURk4rT61I5BiFzEJJt35jywPNrGpn1QGNhjvxrqPQ/Sq/hIHmQo+bqe9yJeDgMX3RY4EaiZxFTJyxPfW1czjuMSj3vbTp0WcDmGvUJ7li2pX2pzolgly4qmgoOluGBeRZWVLLOZYFB2+kLRMJNNz/bP5k2Eq6O4+l4sljPM+abn9iz9Eh46rVOVRkmDzCltJrYiuBSiSPhTDRTP2+gUbgbaUJTkVrVLUBHg3QU6az6VPN8DPZxbx4LtdaIb93pI,iv:uUfJK/iPdyLP7LqZJolTGGTxaEzlJI59bUVNcB1etkU=,tag:tvXSXSW1MIhLJceEK1afuw==,type:str]
|
||||
#ENC[AES256_GCM,data:G9ggYJ3YA+E=,iv:nZ5NgeyNKFXFIpquoY68Z2Jz9QROqvf5tv7/s1wSgKk=,tag:QAX555IsAMaWAlz9ywSzjQ==,type:comment]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1jd2dcpykagz20kpk2kkchte3augqncwfn6nywursx0dkfyze6feqdzxkq2
|
||||
enc: |
|
||||
@ -23,8 +27,8 @@ sops:
|
||||
d09aSXN0ZUh3VC9XeTZ4UWoxVDNVN0UKF1eU/IQJgJ8Fg+MrfqQuEZZ775hvtUJR
|
||||
D/ZS4vj+sDLWq6gy2lIBhRSIAHWrz5gHxvOOGmRnpvkqh9TS6XjLIA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-05-15T15:37:51Z"
|
||||
mac: ENC[AES256_GCM,data:qJ8NdnzVrgQb0rGwjZFHrS+eJrUjQEk4M4uo5bnk4eY7aKaHejARcYOIhp0H/DMdlix+Dm3DAAeeRWn8AKCatXaSzYD/VHHbjfp0lKBCsC8CZFeCELQ5GGEHnVot3WGb4J+QdfupwdduExSSMd6XeZGFVbSGhLzRbiiWA+i8I3o=,iv:oxWiDCH60apKT0/fJbWp1cIZ9cvd6mJKlP3xAjMBXIo=,tag:0We6eCJnsncujCt+CwK9UQ==,type:str]
|
||||
lastmodified: "2024-11-28T18:57:09Z"
|
||||
mac: ENC[AES256_GCM,data:hKhAo7rDplLm19PlrKHQwxnDVXCMU/xpAxPALLDBa0M3yypy2QVD6c6Atn897tYRKf7oeLaUKqnUYdCcZ9gVgm37LS+GtRhf66zfvcKqhZF8wh3M0zTDPYpQDhex0N4BAJ/dcaYIbxqE9pEUxJOI5jip/hptaCJItTEe7oARcF4=,iv:EUayxLaOPcnWX+S9+RlHrxzJRLlSSLIwqbAq3fFI4yg=,tag:LiBsqIodTWamO+c8FqGBag==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-11-28T18:57:09Z"
|
||||
enc: |-
|
||||
@ -39,4 +43,4 @@ sops:
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 5EFFB75F7C9B74EAA5C4637547940175096C1330
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.10.2
|
||||
version: 3.9.1
|
||||
|
@ -1,13 +1,9 @@
|
||||
{ config, lib, ... }:
|
||||
{ config, ... }:
|
||||
let
|
||||
always = 100;
|
||||
home = 99;
|
||||
public_wifi = false;
|
||||
in
|
||||
{
|
||||
imports = lib.optionals (!public_wifi) [
|
||||
./private-wifi.nix
|
||||
];
|
||||
networking.wireless = {
|
||||
enable = true;
|
||||
secretsFile = config.sops.secrets."wifi-env".path;
|
||||
@ -28,19 +24,29 @@ in
|
||||
"24HuFios".pskRaw = "ext:PASS_longboat_home";
|
||||
"Verizon_ZLHQ3H".pskRaw = "ext:PASS_angie";
|
||||
"Fios-Qn3RB".pskRaw = "ext:PASS_parkridge";
|
||||
"Mojo Dojo Casa House".pskRaw = "ext:PASS_Carly";
|
||||
|
||||
# Public wifi connections
|
||||
# set public_wifi on line 5 to true if connecting to one of these
|
||||
#"optimumwifi" = { };
|
||||
#"CableWiFi" = { };
|
||||
#"Hilton Honors" = { };
|
||||
|
||||
# Work wifi
|
||||
"optimumwifi" = { };
|
||||
"CableWiFi" = { };
|
||||
"JPMCVisitor" = { };
|
||||
};
|
||||
};
|
||||
|
||||
networking.nameservers = [
|
||||
"9.9.9.9"
|
||||
"1.1.1.1"
|
||||
"192.168.76.1"
|
||||
];
|
||||
|
||||
services.resolved = {
|
||||
enable = true;
|
||||
dnssec = "true";
|
||||
domains = [ "~." ];
|
||||
fallbackDns = [
|
||||
"1.1.1.1#one.one.one.one"
|
||||
"1.0.0.1#one.one.one.one"
|
||||
];
|
||||
dnsovertls = "true";
|
||||
};
|
||||
|
||||
sops = {
|
||||
defaultSopsFile = ./secrets.yaml;
|
||||
secrets = {
|
||||
|
@ -10,10 +10,6 @@
|
||||
attic-client
|
||||
];
|
||||
|
||||
systemd.services.atticd.environment = {
|
||||
RUST_LOG = "INFO";
|
||||
};
|
||||
|
||||
services = {
|
||||
atticd = {
|
||||
enable = true;
|
||||
@ -38,9 +34,6 @@
|
||||
bucket = "cache-nix-dot";
|
||||
endpoint = "https://minio.nayeonie.com";
|
||||
};
|
||||
garbage-collection = {
|
||||
interval = "5 minutes";
|
||||
};
|
||||
|
||||
# Warning: If you change any of the values here, it will be
|
||||
# difficult to reuse existing chunks for newly-uploaded NARs
|
||||
@ -69,58 +62,58 @@
|
||||
|
||||
# borrowing from https://github.com/Shawn8901/nix-configuration/blob/4b8d1d44f47aec60feb58ca7b7ab5ed000506e90/modules/nixos/private/hydra.nix
|
||||
# configured default webstore for this on root user separately
|
||||
systemd = {
|
||||
services = {
|
||||
attic-watch-store = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [
|
||||
"network-online.target"
|
||||
"docker.service"
|
||||
"atticd.service"
|
||||
];
|
||||
requires = [
|
||||
"network-online.target"
|
||||
"docker.service"
|
||||
"atticd.service"
|
||||
];
|
||||
description = "Upload all store content to binary cache";
|
||||
serviceConfig = {
|
||||
User = "root";
|
||||
Restart = "always";
|
||||
ExecStart = "${pkgs.attic-client}/bin/attic watch-store nix-cache";
|
||||
};
|
||||
};
|
||||
attic-sync-hydra = {
|
||||
after = [
|
||||
"network-online.target"
|
||||
"docker.service"
|
||||
"atticd.service"
|
||||
];
|
||||
requires = [
|
||||
"network-online.target"
|
||||
"docker.service"
|
||||
"atticd.service"
|
||||
];
|
||||
description = "Force resync of hydra derivations with attic";
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "root";
|
||||
ExecStart = "${config.nix.package}/bin/nix ${./sync-attic.bash}";
|
||||
};
|
||||
};
|
||||
};
|
||||
# systemd = {
|
||||
# services = {
|
||||
# attic-watch-store = {
|
||||
# wantedBy = [ "multi-user.target" ];
|
||||
# after = [
|
||||
# "network-online.target"
|
||||
# "docker.service"
|
||||
# "atticd.service"
|
||||
# ];
|
||||
# requires = [
|
||||
# "network-online.target"
|
||||
# "docker.service"
|
||||
# "atticd.service"
|
||||
# ];
|
||||
# description = "Upload all store content to binary cache";
|
||||
# serviceConfig = {
|
||||
# User = "root";
|
||||
# Restart = "always";
|
||||
# ExecStart = "${pkgs.attic-client}/bin/attic watch-store cache-nix-dot";
|
||||
# };
|
||||
# };
|
||||
# attic-sync-hydra = {
|
||||
# after = [
|
||||
# "network-online.target"
|
||||
# "docker.service"
|
||||
# "atticd.service"
|
||||
# ];
|
||||
# requires = [
|
||||
# "network-online.target"
|
||||
# "docker.service"
|
||||
# "atticd.service"
|
||||
# ];
|
||||
# description = "Force resync of hydra derivations with attic";
|
||||
# serviceConfig = {
|
||||
# Type = "oneshot";
|
||||
# User = "root";
|
||||
# ExecStart = "${config.nix.package}/bin/nix ${./sync-attic.bash}";
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
|
||||
timers = {
|
||||
attic-sync-hydra = {
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnBootSec = 600;
|
||||
OnUnitActiveSec = 86400;
|
||||
Unit = "attic-sync-hydra.service";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
# timers = {
|
||||
# attic-sync-hydra = {
|
||||
# wantedBy = [ "timers.target" ];
|
||||
# timerConfig = {
|
||||
# OnBootSec = 600;
|
||||
# OnUnitActiveSec = 86400;
|
||||
# Unit = "attic-sync-hydra.service";
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
|
||||
sops = {
|
||||
secrets = {
|
||||
|
@ -6,5 +6,5 @@ sync_directories=(
|
||||
)
|
||||
|
||||
for dir in "${sync_directories[@]}"; do
|
||||
find "$dir" -regex ".*\.drv$" -exec attic push nix-cache '{}' \;
|
||||
find "$dir" -regex ".*\.drv$" -exec attic push cache-nix-dot '{}' \;
|
||||
done
|
||||
|
@ -17,9 +17,8 @@
|
||||
./minio.nix
|
||||
./networking.nix
|
||||
./nextcloud.nix
|
||||
#./plex
|
||||
./postgresql.nix
|
||||
./samba.nix
|
||||
./postgresql.nix
|
||||
./zfs.nix
|
||||
];
|
||||
|
||||
@ -58,37 +57,16 @@
|
||||
};
|
||||
};
|
||||
|
||||
environment = {
|
||||
systemPackages = with pkgs; [
|
||||
chromedriver
|
||||
chromium
|
||||
docker-compose
|
||||
filebot
|
||||
intel-gpu-tools
|
||||
jellyfin-ffmpeg
|
||||
jq
|
||||
yt-dlp
|
||||
yq
|
||||
];
|
||||
etc = {
|
||||
# Creates /etc/lynis/custom.prf
|
||||
"lynis/custom.prf" = {
|
||||
text = ''
|
||||
skip-test=BANN-7126
|
||||
skip-test=BANN-7130
|
||||
skip-test=DEB-0520
|
||||
skip-test=DEB-0810
|
||||
skip-test=FIRE-4513
|
||||
skip-test=HRDN-7222
|
||||
skip-test=KRNL-5820
|
||||
skip-test=LOGG-2190
|
||||
skip-test=LYNIS
|
||||
skip-test=TOOL-5002
|
||||
'';
|
||||
mode = "0440";
|
||||
};
|
||||
};
|
||||
};
|
||||
environment.systemPackages = with pkgs; [
|
||||
chromedriver
|
||||
chromium
|
||||
docker-compose
|
||||
intel-gpu-tools
|
||||
jellyfin-ffmpeg
|
||||
jq
|
||||
yt-dlp
|
||||
yq
|
||||
];
|
||||
|
||||
services = {
|
||||
samba.enable = true;
|
||||
|
@ -3,8 +3,5 @@
|
||||
users = [ "alice" ];
|
||||
modules = [
|
||||
# inputs.attic.nixosModules.atticd
|
||||
inputs.nixos-hardware.nixosModules.common-cpu-amd
|
||||
inputs.nixos-hardware.nixosModules.common-cpu-amd-pstate
|
||||
inputs.nixos-hardware.nixosModules.supermicro
|
||||
];
|
||||
}
|
||||
|
@ -6,13 +6,11 @@
|
||||
let
|
||||
vars = import ../vars.nix;
|
||||
act_path = vars.primary_act;
|
||||
act_config_path = ./act_config.yaml;
|
||||
in
|
||||
{
|
||||
virtualisation.oci-containers.containers = {
|
||||
act-stable-latest-main = {
|
||||
image = "gitea/act_runner:latest";
|
||||
pull = "always";
|
||||
extraOptions = [
|
||||
"--stop-signal=SIGINT"
|
||||
];
|
||||
@ -22,9 +20,10 @@ in
|
||||
};
|
||||
ports = [ "8088:8088" ];
|
||||
volumes = [
|
||||
"${act_config_path}:/config.yaml"
|
||||
"${act_path}/stable-latest-main/config.yaml:/config.yaml"
|
||||
"${act_path}/stable-latest-main/data:/data"
|
||||
"/var/run/docker.sock:/var/run/docker.sock"
|
||||
"/nix:/nix"
|
||||
];
|
||||
environment = {
|
||||
CONFIG_FILE = "/config.yaml";
|
||||
@ -36,7 +35,6 @@ in
|
||||
|
||||
act-stable-latest-1 = {
|
||||
image = "gitea/act_runner:latest";
|
||||
pull = "always";
|
||||
extraOptions = [
|
||||
"--stop-signal=SIGINT"
|
||||
];
|
||||
@ -45,9 +43,10 @@ in
|
||||
"com.centurylinklabs.watchtower.scope" = "act-runner";
|
||||
};
|
||||
volumes = [
|
||||
"${./act_config.yaml}:/config.yaml"
|
||||
"${act_path}/stable-latest-1/config.yaml:/config.yaml"
|
||||
"${act_path}/stable-latest-1/data:/data"
|
||||
"/var/run/docker.sock:/var/run/docker.sock"
|
||||
"/nix:/nix"
|
||||
];
|
||||
environment = {
|
||||
CONFIG_FILE = "/config.yaml";
|
||||
@ -59,7 +58,6 @@ in
|
||||
|
||||
act-stable-latest-2 = {
|
||||
image = "gitea/act_runner:latest";
|
||||
pull = "always";
|
||||
extraOptions = [
|
||||
"--stop-signal=SIGINT"
|
||||
];
|
||||
@ -68,9 +66,10 @@ in
|
||||
"com.centurylinklabs.watchtower.scope" = "act-runner";
|
||||
};
|
||||
volumes = [
|
||||
"${act_config_path}:/config.yaml"
|
||||
"${act_path}/stable-latest-2/config.yaml:/config.yaml"
|
||||
"${act_path}/stable-latest-2/data:/data"
|
||||
"/var/run/docker.sock:/var/run/docker.sock"
|
||||
"/nix:/nix"
|
||||
];
|
||||
environment = {
|
||||
CONFIG_FILE = "/config.yaml";
|
||||
@ -79,6 +78,75 @@ in
|
||||
environmentFiles = [ config.sops.secrets."docker/act-runner".path ];
|
||||
log-driver = "local";
|
||||
};
|
||||
|
||||
act-stable-latest-3 = {
|
||||
image = "gitea/act_runner:latest";
|
||||
extraOptions = [
|
||||
"--stop-signal=SIGINT"
|
||||
];
|
||||
labels = {
|
||||
"com.centurylinklabs.watchtower.enable" = "true";
|
||||
"com.centurylinklabs.watchtower.scope" = "act-runner";
|
||||
};
|
||||
volumes = [
|
||||
"${act_path}/stable-latest-3/config.yaml:/config.yaml"
|
||||
"${act_path}/stable-latest-3/data:/data"
|
||||
"/var/run/docker.sock:/var/run/docker.sock"
|
||||
"/nix:/nix"
|
||||
];
|
||||
environment = {
|
||||
CONFIG_FILE = "/config.yaml";
|
||||
GITEA_RUNNER_NAME = "stable-latest-3";
|
||||
};
|
||||
environmentFiles = [ config.sops.secrets."docker/act-runner".path ];
|
||||
log-driver = "local";
|
||||
};
|
||||
|
||||
act-stable-latest-4 = {
|
||||
image = "gitea/act_runner:latest";
|
||||
extraOptions = [
|
||||
"--stop-signal=SIGINT"
|
||||
];
|
||||
labels = {
|
||||
"com.centurylinklabs.watchtower.enable" = "true";
|
||||
"com.centurylinklabs.watchtower.scope" = "act-runner";
|
||||
};
|
||||
volumes = [
|
||||
"${act_path}/stable-latest-4/config.yaml:/config.yaml"
|
||||
"${act_path}/stable-latest-4/data:/data"
|
||||
"/var/run/docker.sock:/var/run/docker.sock"
|
||||
"/nix:/nix"
|
||||
];
|
||||
environment = {
|
||||
CONFIG_FILE = "/config.yaml";
|
||||
GITEA_RUNNER_NAME = "stable-latest-4";
|
||||
};
|
||||
environmentFiles = [ config.sops.secrets."docker/act-runner".path ];
|
||||
log-driver = "local";
|
||||
};
|
||||
|
||||
act-stable-latest-5 = {
|
||||
image = "gitea/act_runner:latest";
|
||||
extraOptions = [
|
||||
"--stop-signal=SIGINT"
|
||||
];
|
||||
labels = {
|
||||
"com.centurylinklabs.watchtower.enable" = "true";
|
||||
"com.centurylinklabs.watchtower.scope" = "act-runner";
|
||||
};
|
||||
volumes = [
|
||||
"${act_path}/stable-latest-5/config.yaml:/config.yaml"
|
||||
"${act_path}/stable-latest-5/data:/data"
|
||||
"/var/run/docker.sock:/var/run/docker.sock"
|
||||
"/nix:/nix"
|
||||
];
|
||||
environment = {
|
||||
CONFIG_FILE = "/config.yaml";
|
||||
GITEA_RUNNER_NAME = "stable-latest-5";
|
||||
};
|
||||
environmentFiles = [ config.sops.secrets."docker/act-runner".path ];
|
||||
log-driver = "local";
|
||||
};
|
||||
};
|
||||
|
||||
systemd = {
|
||||
@ -106,9 +174,7 @@ in
|
||||
"docker/act-runner" = {
|
||||
owner = "root";
|
||||
restartUnits = [
|
||||
"docker-act-stable-latest-main.service"
|
||||
"docker-act-stable-latest-1.service"
|
||||
"docker-act-stable-latest-2.service"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
@ -1,95 +0,0 @@
|
||||
# Example configuration file, it's safe to copy this as the default config file without any modification.
|
||||
# You don't have to copy this file to your instance,
|
||||
# just run `./act_runner generate-config > config.yaml` to generate a config file.
|
||||
log:
|
||||
# The level of logging, can be trace, debug, info, warn, error, fatal
|
||||
level: debug
|
||||
runner:
|
||||
# Where to store the registration result.
|
||||
file: .runner
|
||||
# Execute how many tasks concurrently at the same time.
|
||||
capacity: 1
|
||||
# Extra environment variables to run jobs.
|
||||
envs:
|
||||
A_TEST_ENV_NAME_1: a_test_env_value_1
|
||||
A_TEST_ENV_NAME_2: a_test_env_value_2
|
||||
# Extra environment variables to run jobs from a file.
|
||||
# It will be ignored if it's empty or the file doesn't exist.
|
||||
env_file: .env
|
||||
# The timeout for a job to be finished.
|
||||
# Please note that the Gitea instance also has a timeout (3h by default) for the job.
|
||||
# So the job could be stopped by the Gitea instance if it's timeout is shorter than this.
|
||||
timeout: 3h
|
||||
# The timeout for the runner to wait for running jobs to finish when shutting down.
|
||||
# Any running jobs that haven't finished after this timeout will be cancelled.
|
||||
shutdown_timeout: 30m
|
||||
# Whether skip verifying the TLS certificate of the Gitea instance.
|
||||
insecure: false
|
||||
# The timeout for fetching the job from the Gitea instance.
|
||||
fetch_timeout: 5s
|
||||
# The interval for fetching the job from the Gitea instance.
|
||||
fetch_interval: 2s
|
||||
# The labels of a runner are used to determine which jobs the runner can run, and how to run them.
|
||||
# Like: "macos-arm64:host" or "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest"
|
||||
# Find more images provided by Gitea at https://gitea.com/gitea/runner-images .
|
||||
# If it's empty when registering, it will ask for inputting labels.
|
||||
# If it's empty when execute `daemon`, will use labels in `.runner` file.
|
||||
labels:
|
||||
- "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest"
|
||||
- "ubuntu-22.04:docker://gitea/runner-images:ubuntu-22.04"
|
||||
- "ubuntu-20.04:docker://gitea/runner-images:ubuntu-20.04"
|
||||
#cache:
|
||||
# Enable cache server to use actions/cache.
|
||||
#enabled: true
|
||||
# The directory to store the cache data.
|
||||
# If it's empty, the cache data will be stored in $HOME/.cache/actcache.
|
||||
#dir: ""
|
||||
# The host of the cache server.
|
||||
# It's not for the address to listen, but the address to connect from job containers.
|
||||
# So 0.0.0.0 is a bad choice, leave it empty to detect automatically.
|
||||
#host: ""
|
||||
# The port of the cache server.
|
||||
# 0 means to use a random available port.
|
||||
#port: 0
|
||||
# The external cache server URL. Valid only when enable is true.
|
||||
# If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself.
|
||||
# The URL should generally end with "/".
|
||||
#external_server: ""
|
||||
container:
|
||||
# Specifies the network to which the container will connect.
|
||||
# Could be host, bridge or the name of a custom network.
|
||||
# If it's empty, act_runner will create a network automatically.
|
||||
network: ""
|
||||
# Whether to use privileged mode or not when launching task containers (privileged mode is required for Docker-in-Docker).
|
||||
privileged: false
|
||||
# And other options to be used when the container is started (eg, --add-host=my.gitea.url:host-gateway).
|
||||
options:
|
||||
# The parent directory of a job's working directory.
|
||||
# NOTE: There is no need to add the first '/' of the path as act_runner will add it automatically.
|
||||
# If the path starts with '/', the '/' will be trimmed.
|
||||
# For example, if the parent directory is /path/to/my/dir, workdir_parent should be path/to/my/dir
|
||||
# If it's empty, /workspace will be used.
|
||||
workdir_parent:
|
||||
# Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob
|
||||
# You can specify multiple volumes. If the sequence is empty, no volumes can be mounted.
|
||||
# For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to:
|
||||
# valid_volumes:
|
||||
# - data
|
||||
# - /src/*.json
|
||||
# If you want to allow any volume, please use the following configuration:
|
||||
# valid_volumes:
|
||||
# - '**'
|
||||
valid_volumes: []
|
||||
# overrides the docker client host with the specified one.
|
||||
# If it's empty, act_runner will find an available docker host automatically.
|
||||
# If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers.
|
||||
# If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work.
|
||||
docker_host: ""
|
||||
# Pull docker image(s) even if already present
|
||||
force_pull: true
|
||||
# Rebuild docker image(s) even if already present
|
||||
force_rebuild: false
|
||||
host:
|
||||
# The parent directory of a job's working directory.
|
||||
# If it's empty, $HOME/.cache/act/ will be used.
|
||||
workdir_parent:
|
@ -122,7 +122,7 @@ let
|
||||
cmd = lib.splitString " " "--concurrent 6 AmAnd0";
|
||||
|
||||
};
|
||||
inherit (lib.adev.container-utils) createTemplatedContainers;
|
||||
inherit (lib.rad-dev.container-utils) createTemplatedContainers;
|
||||
|
||||
vars = import ../vars.nix;
|
||||
at_path = vars.primary_archiveteam;
|
||||
|
@ -1,124 +0,0 @@
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
vars = import ../vars.nix;
|
||||
in
|
||||
{
|
||||
virtualisation.oci-containers.containers = {
|
||||
bazarr = {
|
||||
image = "ghcr.io/linuxserver/bazarr:latest";
|
||||
ports = [ "6767:6767" ];
|
||||
environment = {
|
||||
PUID = "600";
|
||||
PGID = "100";
|
||||
TZ = "America/New_York";
|
||||
};
|
||||
volumes = [
|
||||
"${vars.primary_docker}/bazarr:/config"
|
||||
"${vars.primary_plex_storage}/data:/data"
|
||||
];
|
||||
autoStart = true;
|
||||
};
|
||||
prowlarr = {
|
||||
image = "ghcr.io/linuxserver/prowlarr:latest";
|
||||
ports = [ "9696:9696" ];
|
||||
environment = {
|
||||
PUID = "600";
|
||||
PGID = "100";
|
||||
TZ = "America/New_York";
|
||||
};
|
||||
volumes = [ "${vars.primary_docker}/prowlarr:/config" ];
|
||||
autoStart = true;
|
||||
};
|
||||
radarr = {
|
||||
image = "ghcr.io/linuxserver/radarr:latest";
|
||||
ports = [ "7878:7878" ];
|
||||
environment = {
|
||||
PUID = "600";
|
||||
PGID = "100";
|
||||
TZ = "America/New_York";
|
||||
};
|
||||
volumes = [
|
||||
"${vars.primary_docker}/radarr:/config"
|
||||
"${vars.primary_plex_storage}/data:/data"
|
||||
];
|
||||
autoStart = true;
|
||||
};
|
||||
sonarr = {
|
||||
image = "ghcr.io/linuxserver/sonarr:latest";
|
||||
ports = [ "8989:8989" ];
|
||||
environment = {
|
||||
PUID = "600";
|
||||
PGID = "100";
|
||||
TZ = "America/New_York";
|
||||
};
|
||||
volumes = [
|
||||
"${vars.primary_docker}/sonarr:/config"
|
||||
"${vars.primary_plex_storage}/data:/data"
|
||||
];
|
||||
autoStart = true;
|
||||
};
|
||||
lidarr = {
|
||||
image = "ghcr.io/linuxserver/lidarr:latest";
|
||||
ports = [ "8686:8686" ];
|
||||
environment = {
|
||||
PUID = "600";
|
||||
PGID = "100";
|
||||
TZ = "America/New_York";
|
||||
};
|
||||
volumes = [
|
||||
"${vars.primary_docker}/lidarr:/config"
|
||||
"${vars.primary_plex_storage}/data:/data"
|
||||
];
|
||||
autoStart = true;
|
||||
};
|
||||
readarr = {
|
||||
image = "ghcr.io/linuxserver/readarr:latest";
|
||||
ports = [ "8787:8787" ];
|
||||
environment = {
|
||||
PUID = "600";
|
||||
PGID = "100";
|
||||
TZ = "America/New_York";
|
||||
};
|
||||
volumes = [
|
||||
"${vars.primary_docker}/readarr:/config"
|
||||
"${vars.primary_plex_storage}/data:/data"
|
||||
];
|
||||
autoStart = true;
|
||||
};
|
||||
unpackerr = {
|
||||
image = "golift/unpackerr:latest";
|
||||
user = "600:100";
|
||||
environment = {
|
||||
TZ = "America/New_York";
|
||||
};
|
||||
volumes = [
|
||||
"${vars.primary_docker}/unpackerr:/config"
|
||||
"${vars.primary_plex_storage}:/data"
|
||||
];
|
||||
autoStart = true;
|
||||
};
|
||||
|
||||
overseerr = {
|
||||
image = "lscr.io/linuxserver/overseerr";
|
||||
environment = {
|
||||
PUID = "600";
|
||||
PGID = "100";
|
||||
TZ = "America/New_York";
|
||||
};
|
||||
volumes = [ "${vars.primary_docker}/overseerr:/config" ];
|
||||
# TODO: remove ports later since this is going through web
|
||||
ports = [ "5055:5055" ]; # Web UI port
|
||||
dependsOn = [
|
||||
"radarr"
|
||||
"sonarr"
|
||||
];
|
||||
extraOptions = [ "--network=haproxy-net" ];
|
||||
autoStart = true;
|
||||
};
|
||||
};
|
||||
}
|
@ -8,7 +8,6 @@
|
||||
{
|
||||
imports = [
|
||||
./act-runner.nix
|
||||
./arr.nix
|
||||
# temp disable archiveteam for tiktok archiving
|
||||
#./archiveteam.nix
|
||||
# ./books.nix
|
||||
|
@ -8,7 +8,6 @@ in
|
||||
virtualisation.oci-containers.containers = {
|
||||
glances = {
|
||||
image = "nicolargo/glances:latest-full";
|
||||
pull = "always";
|
||||
extraOptions = [
|
||||
"--pid=host"
|
||||
"--network=haproxy-net"
|
||||
|
@ -9,37 +9,36 @@ let
|
||||
divinejourney = "dj.alicehuston.xyz";
|
||||
rlcraft = "rlcraft.alicehuston.xyz";
|
||||
arcanum-institute = "arcanum.alicehuston.xyz";
|
||||
# bcg-plus = "bcg.alicehuston.xyz";
|
||||
bcg-plus = "bcg.alicehuston.xyz";
|
||||
};
|
||||
|
||||
defaultServer = "rlcraft";
|
||||
|
||||
# defaultEnv = {
|
||||
# EULA = "true";
|
||||
# TYPE = "AUTO_CURSEFORGE";
|
||||
# STOP_SERVER_ANNOUNCE_DELAY = "120";
|
||||
# STOP_DURATION = "600";
|
||||
# SYNC_CHUNK_WRITES = "false";
|
||||
# USE_AIKAR_FLAGS = "true";
|
||||
# MEMORY = "8GB";
|
||||
# ALLOW_FLIGHT = "true";
|
||||
# MAX_TICK_TIME = "-1";
|
||||
# };
|
||||
defaultEnv = {
|
||||
EULA = "true";
|
||||
TYPE = "AUTO_CURSEFORGE";
|
||||
STOP_SERVER_ANNOUNCE_DELAY = "120";
|
||||
STOP_DURATION = "600";
|
||||
SYNC_CHUNK_WRITES = "false";
|
||||
USE_AIKAR_FLAGS = "true";
|
||||
MEMORY = "8GB";
|
||||
ALLOW_FLIGHT = "true";
|
||||
MAX_TICK_TIME = "-1";
|
||||
};
|
||||
|
||||
# defaultOptions = [
|
||||
# "--stop-signal=SIGTERM"
|
||||
# "--stop-timeout=1800"
|
||||
# "--network=minecraft-net"
|
||||
# ];
|
||||
defaultOptions = [
|
||||
"--stop-signal=SIGTERM"
|
||||
"--stop-timeout=1800"
|
||||
"--network=minecraft-net"
|
||||
];
|
||||
|
||||
# vars = import ../vars.nix;
|
||||
# minecraft_path = "${vars.primary_games}/minecraft";
|
||||
vars = import ../vars.nix;
|
||||
minecraft_path = "${vars.primary_games}/minecraft";
|
||||
in
|
||||
{
|
||||
virtualisation.oci-containers.containers = {
|
||||
mc-router = {
|
||||
image = "itzg/mc-router:latest";
|
||||
pull = "always";
|
||||
extraOptions = [
|
||||
"--network=haproxy-net"
|
||||
"--network=minecraft-net"
|
||||
@ -47,7 +46,7 @@ in
|
||||
cmd = [
|
||||
(
|
||||
"--mapping=mc.alicehuston.xyz=${defaultServer}:25565"
|
||||
+ (lib.adev.mapAttrsToString (hostname: url: "," + url + "=" + hostname + ":25565") servers)
|
||||
+ (lib.rad-dev.mapAttrsToString (hostname: url: "," + url + "=" + hostname + ":25565") servers)
|
||||
)
|
||||
];
|
||||
};
|
||||
@ -68,24 +67,24 @@ in
|
||||
# log-driver = "local";
|
||||
# environmentFiles = [ config.sops.secrets."docker/minecraft".path ];
|
||||
# };
|
||||
# bcg-plus = {
|
||||
# image = "itzg/minecraft-server:java17";
|
||||
# volumes = [
|
||||
# "${minecraft_path}/bcg-plus/modpacks:/modpacks:ro"
|
||||
# "${minecraft_path}/bcg-plus/data:/data"
|
||||
# ];
|
||||
# hostname = "bcg-plus";
|
||||
# environment = defaultEnv // {
|
||||
# VERSION = "1.17";
|
||||
# CF_SLUG = "bcg";
|
||||
# DIFFICULTY = "normal";
|
||||
# DEBUG = "true";
|
||||
# # ENABLE_COMMAND_BLOCK = "true";
|
||||
# };
|
||||
# extraOptions = defaultOptions;
|
||||
# log-driver = "local";
|
||||
# environmentFiles = [ config.sops.secrets."docker/minecraft".path ];
|
||||
# };
|
||||
bcg-plus = {
|
||||
image = "itzg/minecraft-server:java17";
|
||||
volumes = [
|
||||
"${minecraft_path}/bcg-plus/modpacks:/modpacks:ro"
|
||||
"${minecraft_path}/bcg-plus/data:/data"
|
||||
];
|
||||
hostname = "bcg-plus";
|
||||
environment = defaultEnv // {
|
||||
VERSION = "1.17";
|
||||
CF_SLUG = "bcg";
|
||||
DIFFICULTY = "normal";
|
||||
DEBUG = "true";
|
||||
# ENABLE_COMMAND_BLOCK = "true";
|
||||
};
|
||||
extraOptions = defaultOptions;
|
||||
log-driver = "local";
|
||||
environmentFiles = [ config.sops.secrets."docker/minecraft".path ];
|
||||
};
|
||||
};
|
||||
|
||||
sops = {
|
||||
|
@ -9,7 +9,6 @@ let
|
||||
nextcloud-base = {
|
||||
# image comes from running docker compose build in nextcloud-docker/.examples/full/apache
|
||||
image = "nextcloud-nextcloud";
|
||||
pull = "always";
|
||||
hostname = "nextcloud";
|
||||
volumes = [
|
||||
"${nextcloud_path}/nc_data:/var/www/html:z"
|
||||
@ -33,7 +32,6 @@ in
|
||||
};
|
||||
redis = {
|
||||
image = "redis:latest";
|
||||
pull = "always";
|
||||
user = "600:600";
|
||||
volumes = [
|
||||
"${config.sops.secrets."docker/redis".path}:/usr/local/etc/redis/redis.conf"
|
||||
@ -49,7 +47,6 @@ in
|
||||
};
|
||||
go-vod = {
|
||||
image = "radialapps/go-vod:latest";
|
||||
pull = "always";
|
||||
dependsOn = [ "nextcloud" ];
|
||||
environment = {
|
||||
NEXTCLOUD_HOST = "https://nextcloud.alicehuston.xyz";
|
||||
@ -61,7 +58,6 @@ in
|
||||
};
|
||||
collabora-code = {
|
||||
image = "collabora/code:latest";
|
||||
pull = "always";
|
||||
dependsOn = [ "nextcloud" ];
|
||||
environment = {
|
||||
aliasgroup1 = "https://collabora.nayenoie.com:443";
|
||||
|
File diff suppressed because one or more lines are too long
@ -1,8 +1,7 @@
|
||||
{ config, pkgs, ... }:
|
||||
{ pkgs, ... }:
|
||||
|
||||
let
|
||||
delugeBase = {
|
||||
pull = "always";
|
||||
environment = {
|
||||
PUID = "600";
|
||||
PGID = "100";
|
||||
@ -20,31 +19,18 @@ let
|
||||
deluge_path = "${torr_path}/deluge";
|
||||
delugevpn_path = "${torr_path}/delugevpn";
|
||||
|
||||
#genSopsConfWg = file: {
|
||||
# "${file}" = {
|
||||
# format = "binary";
|
||||
# sopsFile = ./wg/${file};
|
||||
# path = "${delugevpn_path}/config/wireguard/configs/${file}";
|
||||
# owner = "docker-service";
|
||||
# group = "users";
|
||||
# restartUnits = [ "docker-delugeVPN.service" ];
|
||||
# };
|
||||
#};
|
||||
|
||||
genSopsConfOvpn = file: {
|
||||
genSopsConf = file: {
|
||||
"${file}" = {
|
||||
format = "binary";
|
||||
sopsFile = ./openvpn/${file};
|
||||
path = "${delugevpn_path}/config/openvpn/configs/${file}";
|
||||
sopsFile = ./wg/${file};
|
||||
path = "${delugevpn_path}/config/wireguard/configs/${file}";
|
||||
owner = "docker-service";
|
||||
group = "users";
|
||||
restartUnits = [ "docker-delugeVPN.service" ];
|
||||
};
|
||||
|
||||
};
|
||||
in
|
||||
{
|
||||
|
||||
virtualisation.oci-containers.containers = {
|
||||
deluge = delugeBase // {
|
||||
image = "binhex/arch-deluge";
|
||||
@ -59,26 +45,25 @@ in
|
||||
];
|
||||
};
|
||||
delugeVPN = delugeBase // {
|
||||
image = "binhex/arch-delugevpn:latest";
|
||||
capabilities = {
|
||||
NET_ADMIN = true;
|
||||
};
|
||||
autoRemoveOnStop = false;
|
||||
image = "binhex/arch-delugevpn";
|
||||
extraOptions = [
|
||||
"--privileged=true"
|
||||
"--sysctl"
|
||||
"net.ipv4.conf.all.src_valid_mark=1"
|
||||
];
|
||||
environment = delugeBase.environment // {
|
||||
VPN_ENABLED = "yes";
|
||||
VPN_CLIENT = "openvpn";
|
||||
VPN_PROV = "protonvpn";
|
||||
VPN_CLIENT = "wireguard";
|
||||
VPN_PROV = "custom";
|
||||
ENABLE_PRIVOXY = "yes";
|
||||
LAN_NETWORK = "192.168.0.0/16";
|
||||
ENABLE_STARTUP_SCRIPTS = "yes";
|
||||
#NAME_SERVERS = "194.242.2.9";
|
||||
#NAME_SERVERS = "9.9.9.9";
|
||||
NAME_SERVERS = "194.242.2.9";
|
||||
# note, delete /config/perms.txt to force a bulk permissions update
|
||||
|
||||
};
|
||||
environmentFiles = [ config.sops.secrets."docker/delugevpn".path ];
|
||||
volumes = [
|
||||
"${delugevpn_path}/config:/config"
|
||||
"${deluge_path}/data:/data" # use common torrent path yuck
|
||||
"${delugevpn_path}/data:/data"
|
||||
"/etc/localtime:/etc/localtime:ro"
|
||||
];
|
||||
ports = [
|
||||
@ -86,9 +71,6 @@ in
|
||||
"8119:8118"
|
||||
"39275:39275"
|
||||
"39275:39275/udp"
|
||||
"48346:48346"
|
||||
"48346:48346/udp"
|
||||
|
||||
];
|
||||
};
|
||||
};
|
||||
@ -97,34 +79,25 @@ in
|
||||
serviceConfig = {
|
||||
ExecStartPre = [
|
||||
(
|
||||
"${pkgs.bash}/bin/bash -c \"${pkgs.findutils}/bin/find ${delugevpn_path}/config/openvpn/configs "
|
||||
+ "-type l -not -name network.ovpn "
|
||||
"${pkgs.bash}/bin/bash -c \"${pkgs.findutils}/bin/find ${delugevpn_path}/config/wireguard/configs "
|
||||
+ "-type l -not -name wg0.conf "
|
||||
+ "| ${pkgs.coreutils}/bin/shuf -n 1 "
|
||||
+ "| ${pkgs.findutils}/bin/xargs -I {} cp -L {} ${delugevpn_path}/config/openvpn/network.ovpn &&"
|
||||
+ "${pkgs.coreutils}/bin/chown docker-service:users ${delugevpn_path}/config/openvpn/network.ovpn &&"
|
||||
+ "${pkgs.coreutils}/bin/chmod 440 ${delugevpn_path}/config/openvpn/network.ovpn\""
|
||||
)
|
||||
(
|
||||
"${pkgs.bash}/bin/bash -c \"${pkgs.findutils}/bin/find ${delugevpn_path}/config/scripts/links "
|
||||
+ "-type l "
|
||||
+ "| ${pkgs.findutils}/bin/xargs -I {} cp -L {} ${delugevpn_path}/config/scripts/ \""
|
||||
+ "| ${pkgs.findutils}/bin/xargs -I {} cp -L {} ${delugevpn_path}/config/wireguard/wg0.conf &&"
|
||||
+ "${pkgs.coreutils}/bin/chown docker-service:users ${delugevpn_path}/config/wireguard/wg0.conf &&"
|
||||
+ "${pkgs.coreutils}/bin/chmod 440 ${delugevpn_path}/config/wireguard/wg0.conf\""
|
||||
)
|
||||
];
|
||||
ExecStopPost = [ "${pkgs.coreutils}/bin/rm ${delugevpn_path}/config/scripts/*sh" ];
|
||||
ExecStopPost = [ "${pkgs.coreutils}/bin/rm ${delugevpn_path}/config/wireguard/wg0.conf" ];
|
||||
};
|
||||
};
|
||||
|
||||
sops.secrets = (genSopsConfOvpn "se.protonvpn.udp.ovpn") // {
|
||||
"docker/delugevpn" = {
|
||||
owner = "docker-service";
|
||||
group = "users";
|
||||
restartUnits = [ "docker-delugeVPN.service" ];
|
||||
};
|
||||
"docker/protonvpn-start-script" = {
|
||||
path = "${delugevpn_path}/config/scripts/links/protonvpn-start-script.sh";
|
||||
owner = "docker-service";
|
||||
group = "users";
|
||||
restartUnits = [ "docker-delugeVPN.service" ];
|
||||
};
|
||||
};
|
||||
sops.secrets =
|
||||
(genSopsConf "se-mma-wg-001.conf")
|
||||
// (genSopsConf "se-mma-wg-002.conf")
|
||||
// (genSopsConf "se-mma-wg-003.conf")
|
||||
// (genSopsConf "se-mma-wg-004.conf")
|
||||
// (genSopsConf "se-mma-wg-005.conf")
|
||||
// (genSopsConf "se-mma-wg-101.conf")
|
||||
// (genSopsConf "se-mma-wg-102.conf")
|
||||
// (genSopsConf "se-mma-wg-103.conf");
|
||||
}
|
||||
|
@ -24,15 +24,6 @@
|
||||
|
||||
# collabora
|
||||
9980
|
||||
|
||||
# arr
|
||||
6767
|
||||
9696
|
||||
7878
|
||||
8989
|
||||
8686
|
||||
8787
|
||||
5055
|
||||
];
|
||||
|
||||
}
|
||||
|
@ -10,7 +10,7 @@ in
|
||||
{
|
||||
services.gitea = {
|
||||
enable = true;
|
||||
appName = "Nayeonie's Trove";
|
||||
appName = "The Hearth";
|
||||
database = {
|
||||
type = "postgres";
|
||||
passwordFile = config.sops.secrets."gitea/dbpass".path;
|
||||
@ -27,12 +27,6 @@ in
|
||||
SSH_PORT = 2222;
|
||||
SSH_LISTEN_PORT = 2223;
|
||||
START_SSH_SERVER = true;
|
||||
PUBLIC_URL_DETECTION = "auto";
|
||||
};
|
||||
repository = {
|
||||
ENABLE_PUSH_CREATE_USER = true;
|
||||
DEFAULT_MERGE_STYLE = "rebase-merge";
|
||||
|
||||
};
|
||||
service = {
|
||||
DISABLE_REGISTRATION = true;
|
||||
@ -51,15 +45,6 @@ in
|
||||
host = "192.168.76.2";
|
||||
port = "8088";
|
||||
};
|
||||
"storage.minio" = {
|
||||
STORAGE_TYPE = "minio";
|
||||
MINIO_ENDPOINT = "minio.nayeonie.com";
|
||||
MINIO_BUCKET = "gitea";
|
||||
MINIO_LOCATION = "us-east-1";
|
||||
MINIO_USE_SSL = true;
|
||||
MINIO_INSECURE_SKIP_VERIFY = false;
|
||||
MINIO_BUCKET_LOOKUP_TYPE = "auto";
|
||||
};
|
||||
};
|
||||
stateDir = base_path;
|
||||
lfs.enable = true;
|
||||
@ -75,6 +60,5 @@ in
|
||||
|
||||
sops.secrets = {
|
||||
"gitea/dbpass".owner = "gitea";
|
||||
"gitea/minio".owner = "gitea";
|
||||
};
|
||||
}
|
||||
|
@ -1,6 +1,7 @@
|
||||
{
|
||||
config,
|
||||
inputs,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
@ -42,7 +43,6 @@ in
|
||||
services = {
|
||||
hydra = {
|
||||
enable = true;
|
||||
package = inputs.hydra.packages.x86_64-linux.hydra;
|
||||
hydraURL = "https://hydra.alicehuston.xyz";
|
||||
smtpHost = "alicehuston.xyz";
|
||||
notificationSender = "hydra@alicehuston.xyz";
|
||||
@ -82,10 +82,10 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
# nix-serve = {
|
||||
# enable = true;
|
||||
# secretKeyFile = config.sops.secrets."nix-serve/secret-key".path;
|
||||
# };
|
||||
nix-serve = {
|
||||
enable = true;
|
||||
secretKeyFile = config.sops.secrets."nix-serve/secret-key".path;
|
||||
};
|
||||
prometheus = {
|
||||
enable = true;
|
||||
webExternalUrl = "https://prom.alicehuston.xyz";
|
||||
@ -134,7 +134,7 @@ in
|
||||
sops = {
|
||||
secrets = {
|
||||
"hydra/environment".owner = "hydra";
|
||||
# "nix-serve/secret-key".owner = "root";
|
||||
"nix-serve/secret-key".owner = "root";
|
||||
"alice/gha-hydra-token" = {
|
||||
sopsFile = ../../users/alice/secrets.yaml;
|
||||
owner = "hydra";
|
||||
|
@ -1,28 +0,0 @@
|
||||
{
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
vars = import ../vars.nix;
|
||||
in
|
||||
{
|
||||
services.plex = {
|
||||
enable = true;
|
||||
dataDir = vars.primary_plex;
|
||||
};
|
||||
systemd.services.plex_permission = {
|
||||
description = "maintains plex permissions";
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
ExecStart = "${pkgs.bash}/bin/bash ${./plex_permission.sh}";
|
||||
};
|
||||
};
|
||||
systemd.timers.plex_permission = {
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnBootSec = "1h";
|
||||
OnCalendar = "daily 03:00";
|
||||
Unit = "plex_permission.service";
|
||||
};
|
||||
};
|
||||
}
|
@ -1,7 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
plex_dir="/ZFS/ZFS-primary/plex"
|
||||
|
||||
chown docker-service:users -R "$plex_dir"
|
||||
find "$plex_dir" -type f -exec chmod 664 {} \;
|
||||
find "$plex_dir" -type d -exec chmod 775 {} \;
|
@ -19,9 +19,6 @@ in
|
||||
enable = true;
|
||||
enableJIT = true;
|
||||
package = pkgs.postgresql_16;
|
||||
configurePgStatStatements = true;
|
||||
enableAllPreloadedLibraries = true;
|
||||
#preloadAllExtensions = true;
|
||||
identMap = ''
|
||||
# ArbitraryMapName systemUser DBUser
|
||||
superuser_map root postgres
|
||||
@ -31,126 +28,13 @@ in
|
||||
'';
|
||||
|
||||
# initialScript = config.sops.secrets."postgres/init".path;
|
||||
ensureDatabases = [
|
||||
"atticd"
|
||||
"alice"
|
||||
];
|
||||
ensureDatabases = [ "atticd" ];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "atticd";
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
{
|
||||
name = "alice";
|
||||
ensureDBOwnership = true;
|
||||
ensureClauses = {
|
||||
superuser = true;
|
||||
login = true;
|
||||
createrole = true;
|
||||
createdb = true;
|
||||
replication = true;
|
||||
};
|
||||
}
|
||||
];
|
||||
# Thank you NotAShelf
|
||||
# https://github.com/NotAShelf/nyx/blob/d407b4d6e5ab7f60350af61a3d73a62a5e9ac660/modules/core/roles/server/system/services/databases/postgresql.nix#L74
|
||||
# commented out statements are likely overriden by pgtune settings
|
||||
# https://pgtune.leopard.in.ua/?dbVersion=17&osType=linux&dbType=web&cpuNum=64&totalMemory=8&totalMemoryUnit=GB&connectionNum=1024&hdType=hdd
|
||||
settings = {
|
||||
# Connectivity;
|
||||
# max_connections = 100;
|
||||
superuser_reserved_connections = 3;
|
||||
|
||||
# Memory Settings;
|
||||
#shared_buffers = "1024 MB";
|
||||
#work_mem = "32 MB";
|
||||
#maintenance_work_mem = "320 MB";
|
||||
#huge_pages = "off";
|
||||
#effective_cache_size = "2 GB";
|
||||
#effective_io_concurrency = 100; # concurrent IO only really activated if OS supports posix_fadvise function;
|
||||
#random_page_cost = 1.25; # speed of random disk access relative to sequential access (1.0);
|
||||
|
||||
# Monitoring;
|
||||
#shared_preload_libraries = "pg_stat_statements,auto_explain"; # per statement resource usage stats & log explain statements for slow queries
|
||||
track_io_timing = "on"; # measure exact block IO times;
|
||||
track_functions = "pl"; # track execution times of pl-language procedures if any;
|
||||
# Replication;
|
||||
wal_level = "replica"; # consider using at least "replica";
|
||||
max_wal_senders = 0;
|
||||
synchronous_commit = "on";
|
||||
|
||||
# Checkpointing: ;
|
||||
checkpoint_timeout = "15 min";
|
||||
#checkpoint_completion_target = 0.9;
|
||||
#max_wal_size = "1024 MB";
|
||||
#min_wal_size = "512 MB";
|
||||
|
||||
# WAL writing;
|
||||
wal_compression = "on";
|
||||
wal_buffers = -1; # auto-tuned by Postgres till maximum of segment size (16MB by default);
|
||||
wal_writer_delay = "200ms";
|
||||
wal_writer_flush_after = "1MB";
|
||||
|
||||
# Background writer;
|
||||
bgwriter_delay = "200ms";
|
||||
bgwriter_lru_maxpages = 100;
|
||||
bgwriter_lru_multiplier = 2.0;
|
||||
bgwriter_flush_after = 0;
|
||||
|
||||
# Parallel queries: ;
|
||||
#max_worker_processes = 6;
|
||||
#max_parallel_workers_per_gather = 3;
|
||||
#max_parallel_maintenance_workers = 3;
|
||||
#max_parallel_workers = 6;
|
||||
parallel_leader_participation = "on";
|
||||
|
||||
# Advanced features ;
|
||||
enable_partitionwise_join = "on";
|
||||
enable_partitionwise_aggregate = "on";
|
||||
jit = "on";
|
||||
|
||||
jit_above_cost = 100000;
|
||||
jit_inline_above_cost = 150000;
|
||||
jit_optimize_above_cost = 500000;
|
||||
|
||||
# log slow queries
|
||||
log_min_duration_statement = 100;
|
||||
"auto_explain.log_min_duration" = 100;
|
||||
|
||||
# logging configuration
|
||||
log_connections = true;
|
||||
log_statement = "all";
|
||||
logging_collector = true;
|
||||
log_disconnections = true;
|
||||
|
||||
# from pgtune
|
||||
# DB Version: 17
|
||||
# OS Type: linux
|
||||
# DB Type: web
|
||||
# Total Memory (RAM): 8 GB
|
||||
# CPUs num: 64
|
||||
# Connections num: 1024
|
||||
# Data Storage: hdd
|
||||
|
||||
max_connections = 1024;
|
||||
shared_buffers = "2GB";
|
||||
effective_cache_size = "6GB";
|
||||
maintenance_work_mem = "512MB";
|
||||
checkpoint_completion_target = 0.9;
|
||||
#wal_buffers = "16MB"; allow auto-tuning as per above
|
||||
default_statistics_target = 100;
|
||||
random_page_cost = 4;
|
||||
effective_io_concurrency = 2;
|
||||
work_mem = "512kB";
|
||||
huge_pages = "off";
|
||||
min_wal_size = "1GB";
|
||||
max_wal_size = "4GB";
|
||||
max_worker_processes = 64;
|
||||
max_parallel_workers_per_gather = 4;
|
||||
max_parallel_workers = 64;
|
||||
max_parallel_maintenance_workers = 4;
|
||||
|
||||
};
|
||||
|
||||
refreshCollation = true;
|
||||
vacuumAnalyzeTimer.enable = true;
|
||||
@ -164,7 +48,6 @@ in
|
||||
"hydra-send-stats"
|
||||
"hydra-server"
|
||||
"atticd"
|
||||
"gitea"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
@ -2,13 +2,14 @@
|
||||
{
|
||||
services.samba = {
|
||||
enable = true;
|
||||
securityType = "user";
|
||||
openFirewall = true;
|
||||
settings = {
|
||||
global = {
|
||||
security = "user";
|
||||
"workgroup" = "WORKGROUP";
|
||||
"server string" = "palatine-hill";
|
||||
"netbios name" = "palatine-hill";
|
||||
"security" = "user";
|
||||
#"use sendfile" = "yes";
|
||||
#"max protocol" = "smb2";
|
||||
# note: localhost is the ipv6 localhost ::1
|
||||
|
@ -10,7 +10,6 @@ postgres:
|
||||
init: ENC[AES256_GCM,data:trwA30EswHEPa6V2GuHsGgU4NK/j/UQveldwHng0Ilwyqh9aZCgF3axP48MmcciBssux8DZ4O5U=,iv:VC+tpG5yuiBE7pjZ85lYCwHG/bTePxeXQDz2zyLyLYA=,tag:5+jwWTv5T5YWwQpR58QfOA==,type:str]
|
||||
gitea:
|
||||
dbpass: ENC[AES256_GCM,data:8jECcEJ8JnK7fztTckzLrQ==,iv:yQMp5VrierOKXwiop0NUA7Qbn2eH5iUCVlKppZwKLIQ=,tag:rI9WT7zLIaFxVcTu3ufW4g==,type:str]
|
||||
minio: ENC[AES256_GCM,data:LxY6AD+CZ9VQEl5FrG6o0XiOiizLcwiLiyH1WJD8mMCPWhDjGzt+k+YPOm1BpWzTZF8+2EoxR9oKFJu9mzTibl2Ieits0/RNwh1VdQALXw3FwfRym7CFS+Z5S8H9kGMoXWRrr+I5,iv:g/wq0r2HKfX2AwirT4hm/H1Ms/mtbf4ZuFLISikRyoI=,tag:he99s/WpKoN+lHR8r4K30w==,type:str]
|
||||
upsmon:
|
||||
password: ENC[AES256_GCM,data:52Rxsh7KUq+aYjQORBC+Yq5B,iv:F05g/a5bv7DQ+eLlMqsNeRHLxzl7AyXU1zAlmFevQ6o=,tag:xkGDD3hDF+u5fUbP33OrlA==,type:str]
|
||||
minio:
|
||||
@ -23,16 +22,16 @@ docker:
|
||||
redis: ENC[AES256_GCM,data:c+55cN6IpUNeKd+wC2zv3eunYjBsmZtXTczokqaxB2Q=,iv:M3pwNUlT9kUMv4JDE6bp/gub9CdBGxdApIvpOt3JpgE=,tag:3rPlV3U0AP9zAeF7xDouKw==,type:str]
|
||||
act-runner: ENC[AES256_GCM,data:gdrqXBBzdMW26MgNfP6P1c/m7pLANCXjcZLvVsxlWcgpAZd8IaO2FUqomL3xFI3UDPveQh0UvC3044ueoWhYJOq7ZmKJGvdf0ZrpP1MkXZKvjFjbTsuf/6/SYKhPqnP28HqznUWIVJYcRmP+A2oVeJY=,iv:/yOqJYDpxbqCm1whqcypp7Ba1Xlaebrv+h6lHr57Qa8=,tag:PzVqxP+QwQq69jqhmagj3w==,type:str]
|
||||
collabora: ENC[AES256_GCM,data:LPRkzPEv5qfzeWSDbf+L+0asfmiK5Mhj8jCdfVyvVQAaD75Cbo4qLD0Nc80z,iv:/l2vAyYYJChhv6T+JkHT4I74ZpdhvbVqxlDWIM4Y4bw=,tag:/+uzn1vtd1RnO9/lGiQAKA==,type:str]
|
||||
delugevpn: ENC[AES256_GCM,data:YGkgaQUuA9oteKD77tnFzxZSHctyOQjMNlfvJr3mPWAl2P8wfcshiUoa6SNp69pagxbzRV6mfuzwzinbkQCoZN3lw7uF76y0,iv:Bro0H4tFR+3wi9DGGq9a6ge4o4uPlVXBUF7h17zyqg8=,tag:N1kVNFasqGMx8R9qTq2dJA==,type:str]
|
||||
protonvpn-start-script: ENC[AES256_GCM,data:ZnlDpCLdILHXSUCI6itWkqO4y75Lwjj7qT1DBkfueLneQOaQ0JhuE2FbOOajkmI046nP9fMrJbu3g4QZHsq1g8yqGU1wb0OOT+eS9+M92Md29B4NnUdwnVAO6/RzvRKXP2tsQ4iprx9An+BEFwZYD6WG6DQc6NjJVSgRcYvfH9rQey2VdwLysNsgFCs8eC6QgikqBpeg4eOIvDDNbdXPKkW+ZPph9xpzGkcFIMwlX5esg0n7qyUoMvWwBn4avC46U5erOw0fNajY60ri9sm5Afht6LZrFal71Hx/K9/5EXBp9dD4teLO2Ew0CQX0i94pKCuR207l9868s7Ao3udLp4wbiLnXoRKq+w==,iv:qR0kNYpb50NXEqSksvHBPAaRG51RKCsSwTq32nosxzo=,tag:+xRQyuWi4Ja/N9lcd11oJA==,type:str]
|
||||
acme:
|
||||
bunny: ENC[AES256_GCM,data:P2yROVUga9mORcq8VR/l0i4/2Vod1zvlYq+ZJLLNKow0SpblkwQX/i1ucQYAOkTTRddN+3C+t0zj1rMWkdLoaLjEUJJi3VsSxi+chV2FFiVKFQGEcg24,iv:aQvGgGLsgRGoEmwTgZHR8Jm/MYxmGtVTT/fZKaTLeMs=,tag:m3ssF4O8qs4yxvMu6yUcjw==,type:str]
|
||||
dnsimple: ENC[AES256_GCM,data:37FKyBibFtXZgI4EduJQ0z8F+shBc5Q6YlLa3YkVPh9XuJVS20eybi75bfJxiozcZ9d+YRaqcbkBQCSdFOCotDU=,iv:oq3JjqbfAm2C4jcL1lvUb2EOmnwlR07vPoO8H0BmydQ=,tag:E3NO/jMElL6Q817666gIyg==,type:str]
|
||||
server-validation:
|
||||
webhook: ENC[AES256_GCM,data:Lwqy4UhyFutpXjai7EJPKp8MDlI+ayDna4T8jluvC6qkeJ7o1UaaDCOsgLy4Fw7LC77tXhJtkcmep9w37JaiHp2CoDOfy2iAaq8o9CCSi/a0zqMJx+HdZYZNemvmpc6E/be0K+JDrFZLbjr3unSpCidQ3whccC6XyY013R12swN3bFZIu1gtzXCgUZ4U,iv:pVbrRwH3ziu4+R5BfimPV7N71QmyerJEc9M5K4eofOc=,tag:zNrCXrIioQWPEPVz/wMDpQ==,type:str]
|
||||
typhon:
|
||||
hashedPassword: ENC[AES256_GCM,data:gMyY8gxUn3HzycQRu2cminqRFWghqWcjzZzTxAQZ5PJqn604iSwDiVdr7icHB7drJfCAfsE7L4oKRJgxaIAE32043oOkb2T7DDH8y2jxMzqmZCfbvrfMI4wdfRTHGqzxb6X/aZ5ai2rr1Q==,iv:4EsTo/lQld0o9iktDX9gobMlPUCitx1i9wn8EL16sIs=,tag:FgVDRHk2glDwpC/mprrPqQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1qw5k8h72k3fjg5gmlxx8q8gwlc2k6n6u08d8hdzpm2pk9r0fnfxsmw33nh
|
||||
enc: |
|
||||
@ -43,8 +42,8 @@ sops:
|
||||
cXNZWmZqd0R0SmhINExscHBKWmxvblUKEFEQvt/zQFARba4S8vHz/1SoKdKg69At
|
||||
LZ58XQGOmlGbBhPr7EzYQ2XSY4flWbnnD174cmCR8DNFm15DsNA5fw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-06-01T23:54:50Z"
|
||||
mac: ENC[AES256_GCM,data:xBSrKfuBEXYVqLhZF903HbLaCpgXyuo3r7/FUBPM9Pl+rKUGx8p7LKCIec2NPCGO8ylQvC8T2mochSHSAvN339nxPlQ7f/tKWc6QgicaX4Sb4k0wJdqamSJTq4mkg8482HOUiFCSi3lA3zWC3Y9ZixESmEWTbxe9sQ51Vo69lkw=,iv:XiGVzryZwo5UmJe7I8pkg5IEdms0vR9iRdlFu2wjUeI=,tag:jhOuV+aZd5rQF0xg+0tvOg==,type:str]
|
||||
lastmodified: "2025-03-04T04:53:14Z"
|
||||
mac: ENC[AES256_GCM,data:MCucwVPGRMA/hGYS7mwSppkZAQ3wjHJnyeSvSI8YOOD0Xq7mvkMSvKctFHl6h4Cx3ubRvVHf5j35/NQxb+/VhhCPAHWDbqq9O2N0aWhAeybCu0IjruKrJhs76KsXJnNZ9REQQnS1/TNquuvj9FCoqDnrQcFs7M0KJ5m3eUU2h2k=,iv:ZJGJ8CTA8K5FnoKtbogleksB8wDcZtknO07M07Dmpsc=,tag:GMUXJD4U8KQgy9rvzEAMuw==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-11-28T18:56:39Z"
|
||||
enc: |-
|
||||
@ -59,4 +58,4 @@ sops:
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 5EFFB75F7C9B74EAA5C4637547940175096C1330
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.10.2
|
||||
version: 3.9.4
|
||||
|
@ -1,17 +0,0 @@
|
||||
{ config, ... }:
|
||||
|
||||
let
|
||||
vars = import ./vars.nix;
|
||||
typhon_path = vars.primary_typhon;
|
||||
in
|
||||
{
|
||||
services.typhon = {
|
||||
enable = true;
|
||||
hashedPasswordFile = config.sops.secrets."typhon/hashedPassword".path;
|
||||
home = typhon_path;
|
||||
};
|
||||
|
||||
sops.secrets = {
|
||||
"typhon/hashedPassword".owner = "root";
|
||||
};
|
||||
}
|
@ -17,6 +17,4 @@ rec {
|
||||
primary_nextcloud = "${zfs_primary}/nextcloud";
|
||||
primary_redis = "${zfs_primary}/redis";
|
||||
primary_torr = "${zfs_primary}/torr";
|
||||
primary_plex = "${zfs_primary}/plex";
|
||||
primary_plex_storage = "${zfs_primary}/plex_storage";
|
||||
}
|
||||
|
@ -1,35 +0,0 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
# rtkit is optional but recommended
|
||||
security.rtkit.enable = true;
|
||||
services = {
|
||||
pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
pulse.enable = true;
|
||||
# If you want to use JACK applications, uncomment this
|
||||
#jack.enable = true;
|
||||
};
|
||||
|
||||
pipewire.wireplumber.configPackages = [
|
||||
(pkgs.writeTextDir "share/wireplumber/bluetooth.lua.d/51-bluez-config.lua" ''
|
||||
bluez_monitor.properties = {
|
||||
["bluez5.enable-sbc-xq"] = true,
|
||||
["bluez5.enable-msbc"] = true,
|
||||
["bluez5.enable-hw-volume"] = true,
|
||||
["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]"
|
||||
}
|
||||
'')
|
||||
];
|
||||
blueman.enable = true;
|
||||
};
|
||||
|
||||
hardware.bluetooth.enable = true;
|
||||
hardware.bluetooth.powerOnBoot = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [ pavucontrol ];
|
||||
|
||||
programs.noisetorch.enable = true;
|
||||
}
|
@ -1,49 +0,0 @@
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
./audio.nix
|
||||
./desktop.nix
|
||||
./fonts.nix
|
||||
./graphics.nix
|
||||
./polkit.nix
|
||||
./programs.nix
|
||||
./steam.nix
|
||||
./stylix.nix
|
||||
];
|
||||
|
||||
time.timeZone = "America/New_York";
|
||||
|
||||
# temp workaround for building while in nixos-enter
|
||||
#services.logrotate.checkConfig = false;
|
||||
|
||||
networking = {
|
||||
hostId = "9f2e1ff9";
|
||||
firewall.enable = true;
|
||||
useNetworkd = true;
|
||||
};
|
||||
|
||||
boot = {
|
||||
kernelPackages = lib.mkForce pkgs.linuxPackages_xanmod;
|
||||
useSystemdBoot = true;
|
||||
default = true;
|
||||
};
|
||||
|
||||
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
|
||||
services = {
|
||||
flatpak.enable = true;
|
||||
gvfs.enable = true;
|
||||
openssh.enable = lib.mkForce false;
|
||||
};
|
||||
|
||||
system.stateVersion = "25.11";
|
||||
|
||||
sops = {
|
||||
defaultSopsFile = ./secrets.yaml;
|
||||
};
|
||||
}
|
@ -1,23 +0,0 @@
|
||||
{ inputs, ... }:
|
||||
{
|
||||
system = "x86_64-linux";
|
||||
home = true;
|
||||
sops = true;
|
||||
server = false;
|
||||
users = [ "alice" ];
|
||||
modules = [
|
||||
inputs.nixos-hardware.nixosModules.common-pc
|
||||
inputs.nixos-hardware.nixosModules.common-pc-ssd
|
||||
inputs.nixos-hardware.nixosModules.common-gpu-nvidia-nonprime
|
||||
inputs.nixos-hardware.nixosModules.common-cpu-amd
|
||||
inputs.nixos-hardware.nixosModules.common-cpu-amd-pstate
|
||||
inputs.nixos-hardware.nixosModules.common-cpu-amd-zenpower
|
||||
inputs.stylix.nixosModules.stylix
|
||||
{
|
||||
environment.systemPackages = [
|
||||
inputs.wired-notify.packages.x86_64-linux.default
|
||||
inputs.hyprland-contrib.packages.x86_64-linux.grimblast
|
||||
];
|
||||
}
|
||||
];
|
||||
}
|
@ -1,38 +0,0 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
# installs hyprland, and its dependencies
|
||||
|
||||
programs = {
|
||||
hyprland = {
|
||||
enable = true;
|
||||
xwayland.enable = true;
|
||||
withUWSM = true;
|
||||
};
|
||||
hyprlock.enable = true;
|
||||
ydotool.enable = true;
|
||||
};
|
||||
# Optional, hint electron apps to use wayland:
|
||||
environment.sessionVariables.NIXOS_OZONE_WL = "1";
|
||||
|
||||
services = {
|
||||
displayManager.gdm = {
|
||||
enable = true;
|
||||
wayland = true;
|
||||
};
|
||||
|
||||
dbus = {
|
||||
enable = true;
|
||||
implementation = "broker";
|
||||
};
|
||||
};
|
||||
|
||||
powerManagement = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
libsForQt5.qt5.qtwayland
|
||||
qt6.qtwayland
|
||||
];
|
||||
}
|
@ -1,15 +0,0 @@
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
fonts = {
|
||||
fontconfig.enable = true;
|
||||
enableDefaultPackages = true;
|
||||
packages = with pkgs.nerd-fonts; [
|
||||
fira-code
|
||||
droid-sans-mono
|
||||
hack
|
||||
dejavu-sans-mono
|
||||
noto
|
||||
open-dyslexic
|
||||
];
|
||||
};
|
||||
}
|
@ -1,40 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
hardware.graphics = {
|
||||
## radv: an open-source Vulkan driver from freedesktop
|
||||
enable = true;
|
||||
enable32Bit = true;
|
||||
|
||||
};
|
||||
hardware.nvidia = {
|
||||
|
||||
# Modesetting is required.
|
||||
modesetting.enable = true;
|
||||
|
||||
# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
|
||||
# Enable this if you have graphical corruption issues or application crashes after waking
|
||||
# up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
|
||||
# of just the bare essentials.
|
||||
powerManagement.enable = false;
|
||||
|
||||
# Fine-grained power management. Turns off GPU when not in use.
|
||||
# Experimental and only works on modern Nvidia GPUs (Turing or newer).
|
||||
powerManagement.finegrained = false;
|
||||
|
||||
# Use the NVidia open source kernel module (not to be confused with the
|
||||
# independent third-party "nouveau" open source driver).
|
||||
# Support is limited to the Turing and later architectures. Full list of
|
||||
# supported GPUs is at:
|
||||
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
|
||||
# Only available from driver 515.43.04+
|
||||
open = false;
|
||||
|
||||
# Enable the Nvidia settings menu,
|
||||
# accessible via `nvidia-settings`.
|
||||
nvidiaSettings = true;
|
||||
|
||||
# Optionally, you may need to select the appropriate driver version for your specific GPU.
|
||||
package = config.boot.kernelPackages.nvidiaPackages.stable;
|
||||
};
|
||||
}
|
@ -1,96 +0,0 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}:
|
||||
|
||||
{
|
||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||
|
||||
boot = {
|
||||
initrd.availableKernelModules = [
|
||||
"nvme"
|
||||
"xhci_pci"
|
||||
"thunderbolt"
|
||||
"usb_storage"
|
||||
"usbhid"
|
||||
"sd_mod"
|
||||
"ip_vs"
|
||||
"ip_vs_rr"
|
||||
"nf_conntrack"
|
||||
];
|
||||
initrd.kernelModules = [
|
||||
"dm-snapshot"
|
||||
"r8152"
|
||||
];
|
||||
kernelModules = [ "kvm-amd" ];
|
||||
extraModulePackages = [ ];
|
||||
kernelParams = [
|
||||
"amdgpu.sg_display=0"
|
||||
"amdgpu.graphics_sg=0"
|
||||
"amdgpu.abmlevel=3"
|
||||
];
|
||||
};
|
||||
|
||||
fileSystems = {
|
||||
|
||||
"/" = lib.mkDefault {
|
||||
device = "/dev/disk/by-uuid/f3c11d62-37f4-495e-b668-1ff49e0d3a47";
|
||||
fsType = "ext4";
|
||||
options = [
|
||||
"noatime"
|
||||
"nodiratime"
|
||||
];
|
||||
};
|
||||
|
||||
"/home" = {
|
||||
device = "/dev/disk/by-uuid/720af942-464c-4c1e-be41-0438936264f0";
|
||||
fsType = "ext4";
|
||||
options = [
|
||||
"noatime"
|
||||
"nodiratime"
|
||||
];
|
||||
};
|
||||
|
||||
"/nix" = {
|
||||
device = "/dev/disk/by-uuid/035f23f8-d895-4b0c-bcf5-45885a5dbbd9";
|
||||
fsType = "ext4";
|
||||
options = [
|
||||
"noatime"
|
||||
"nodiratime"
|
||||
];
|
||||
};
|
||||
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-uuid/5AD7-6005";
|
||||
fsType = "vfat";
|
||||
options = [
|
||||
"noatime"
|
||||
"nodiratime"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
swapDevices = [ { device = "/dev/disk/by-uuid/3ec276b5-9088-45b0-9cb4-60812f2d1a73"; } ];
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
"nixos-pv" = {
|
||||
device = "/dev/disk/by-uuid/12a7f660-bbcc-4066-81d0-e66005ee534a";
|
||||
preLVM = true;
|
||||
allowDiscards = true;
|
||||
};
|
||||
};
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
}
|
@ -1,22 +0,0 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
security.polkit.enable = true;
|
||||
environment.systemPackages = with pkgs; [ polkit_gnome ];
|
||||
|
||||
systemd = {
|
||||
user.services.polkit-gnome-authentication-agent-1 = {
|
||||
description = "polkit-gnome-authentication-agent-1";
|
||||
wantedBy = [ "graphical-session.target" ];
|
||||
wants = [ "graphical-session.target" ];
|
||||
after = [ "graphical-session.target" ];
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
|
||||
Restart = "on-failure";
|
||||
RestartSec = 1;
|
||||
TimeoutStopSec = 10;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
@ -1,112 +0,0 @@
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
act
|
||||
alacritty
|
||||
attic-client
|
||||
amdgpu_top
|
||||
bat
|
||||
bitwarden-cli
|
||||
bfg-repo-cleaner
|
||||
btop
|
||||
calibre
|
||||
# calibre dedrm?
|
||||
candy-icons
|
||||
chromium
|
||||
chromedriver
|
||||
croc
|
||||
deadnix
|
||||
direnv
|
||||
easyeffects
|
||||
eza
|
||||
fanficfare
|
||||
ferium
|
||||
fd
|
||||
file
|
||||
firefox
|
||||
# gestures replacement
|
||||
git
|
||||
glances
|
||||
gpu-viewer
|
||||
grim
|
||||
helvum
|
||||
htop
|
||||
hwloc
|
||||
ipmiview
|
||||
iperf3
|
||||
# ipscan
|
||||
jp2a
|
||||
jq
|
||||
kdePackages.kdenlive
|
||||
kitty
|
||||
kubectl
|
||||
kubernetes-helm
|
||||
libreoffice-fresh
|
||||
libtool
|
||||
lsof
|
||||
lynis
|
||||
masterpdfeditor4
|
||||
minikube
|
||||
mons
|
||||
mpv
|
||||
# nbt explorer?
|
||||
ncdu
|
||||
nemo-with-extensions
|
||||
neofetch
|
||||
neovim
|
||||
nix-init
|
||||
nix-output-monitor
|
||||
nix-prefetch
|
||||
nix-tree
|
||||
nixpkgs-fmt
|
||||
nmap
|
||||
obs-studio
|
||||
obsidian
|
||||
ocrmypdf
|
||||
pciutils
|
||||
#disabled until wxpython compat with python3.12
|
||||
#playonlinux
|
||||
prismlauncher
|
||||
protonmail-bridge
|
||||
protontricks
|
||||
proxychains
|
||||
qrencode
|
||||
redshift
|
||||
restic
|
||||
ripgrep
|
||||
rpi-imager
|
||||
rofi-wayland
|
||||
samba
|
||||
signal-desktop
|
||||
# signal in tray?
|
||||
siji
|
||||
simple-mtpfs
|
||||
skaffold
|
||||
slack
|
||||
slurp
|
||||
smartmontools
|
||||
snyk
|
||||
sops
|
||||
spotify
|
||||
spotify-player
|
||||
#swaylock/waylock?
|
||||
sweet-nova
|
||||
telegram-desktop
|
||||
terraform
|
||||
tig
|
||||
tokei
|
||||
tree
|
||||
unipicker
|
||||
unzip
|
||||
uutils-coreutils-noprefix
|
||||
vesktop
|
||||
vscode
|
||||
watchman
|
||||
wget
|
||||
wl-clipboard
|
||||
yq
|
||||
yt-dlp
|
||||
zoom-us
|
||||
zoxide
|
||||
];
|
||||
}
|
@ -1,20 +0,0 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
environment.systemPackages = [ pkgs.steam-run ];
|
||||
hardware.steam-hardware.enable = true;
|
||||
programs = {
|
||||
gamescope = {
|
||||
enable = true;
|
||||
capSysNice = true;
|
||||
};
|
||||
steam = {
|
||||
enable = true;
|
||||
remotePlay.openFirewall = true;
|
||||
localNetworkGameTransfers.openFirewall = true;
|
||||
extraCompatPackages = with pkgs; [ proton-ge-bin ];
|
||||
gamescopeSession.enable = true;
|
||||
extest.enable = true;
|
||||
};
|
||||
};
|
||||
}
|
@ -1,16 +0,0 @@
|
||||
{ pkgs, ... }:
|
||||
# let
|
||||
# randWallpaper = pkgs.runCommand "stylix-wallpaper" { } ''
|
||||
# numWallpapers =
|
||||
# $((1 + $RANDOM % 10))
|
||||
|
||||
# in
|
||||
{
|
||||
stylix = {
|
||||
enable = true;
|
||||
image = "${pkgs.hyprland}/share/hypr/wall2.png";
|
||||
|
||||
#image = "/home/alice/Pictures/Screenshots/screenshot_2024-12-04-2030.png";
|
||||
polarity = "dark";
|
||||
};
|
||||
}
|
@ -80,6 +80,7 @@
|
||||
# doom emacs dependencies
|
||||
fd
|
||||
ripgrep
|
||||
ruff-lsp
|
||||
pyright
|
||||
|
||||
# audit
|
||||
@ -89,9 +90,6 @@
|
||||
nodejs_20
|
||||
nodePackages.prettier
|
||||
treefmt
|
||||
|
||||
gocryptfs
|
||||
awscli2
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -22,6 +22,3 @@
|
||||
|
||||
(setq! lsp-nix-nil-max-mem 20000)
|
||||
(setq! lsp-nix-nil-formatter ["nixfmt"])
|
||||
;; (add-hook 'python-mode-hook (lambda ()
|
||||
;; (require 'sphinx-doc)
|
||||
;; (sphinx-doc-mode t)))
|
||||
|
@ -80,10 +80,3 @@
|
||||
|
||||
(package! pacdiff.el
|
||||
:recipe (:host github :repo "fbrosda/pacdiff.el" :files ("pacdiff.el" "README.org" "LICENSE")))
|
||||
|
||||
;;(package! python-docstring-mode
|
||||
;; :recipe (:host github :repo "glyph/python-docstring-mode" :files ("python-docstring.el" "docstring_wrap.py")))
|
||||
|
||||
;;(package! sphinx-doc)
|
||||
|
||||
;; https://github.com/glyph/python-docstring-mode.git
|
||||
|
@ -3,7 +3,6 @@
|
||||
{
|
||||
programs.git = {
|
||||
enable = true;
|
||||
lfs.enable = true;
|
||||
signing = {
|
||||
key = "5EFFB75F7C9B74EAA5C4637547940175096C1330";
|
||||
signByDefault = true;
|
||||
@ -29,8 +28,6 @@
|
||||
color.ui = true;
|
||||
init.defaultBranch = "main";
|
||||
format.signoff = true;
|
||||
pack.windowMemory = "2g";
|
||||
pack.packSizeLimit = "1g";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -4,8 +4,8 @@
|
||||
"layer": "top",
|
||||
"position": "top",
|
||||
"output": [
|
||||
"eDP-1",
|
||||
"eDP-2",
|
||||
"eDP-1",
|
||||
"HDMI-0",
|
||||
"DP-0"
|
||||
],
|
||||
|
@ -1,9 +1,10 @@
|
||||
{ lib, ... }:
|
||||
{ ... }:
|
||||
{
|
||||
|
||||
programs.zsh = {
|
||||
|
||||
enable = true;
|
||||
# autosuggestion.enable = true;
|
||||
oh-my-zsh = {
|
||||
enable = true;
|
||||
plugins = [
|
||||
@ -22,27 +23,7 @@
|
||||
"z"
|
||||
];
|
||||
};
|
||||
/*
|
||||
To specify the order, use lib.mkOrder.
|
||||
|
||||
Common order values:
|
||||
|
||||
500 (mkBefore): Early initialization (replaces initExtraFirst)
|
||||
|
||||
550: Before completion initialization (replaces initExtraBeforeCompInit)
|
||||
|
||||
1000 (default): General configuration (replaces initExtra)
|
||||
|
||||
1500 (mkAfter): Last to run configuration
|
||||
|
||||
To specify both content in Early initialization and General configuration, use lib.mkMerge.
|
||||
|
||||
e.g.
|
||||
|
||||
initContent = let zshConfigEarlyInit = lib.mkOrder 500 “do something”; zshConfig = lib.mkOrder 1000 “do something”; in lib.mkMerge [ zshConfigEarlyInit zshConfig ];
|
||||
*/
|
||||
|
||||
initContent = lib.mkOrder 1000 ''
|
||||
initExtra = ''
|
||||
# functions
|
||||
function mount-data {
|
||||
if [[ -f /home/alice/backup/.noconnection ]]; then
|
||||
|
@ -5,46 +5,6 @@
|
||||
enable = true;
|
||||
package = pkgs.emacs30-pgtk;
|
||||
};
|
||||
programs.vesktop = {
|
||||
enable = true;
|
||||
settings = {
|
||||
appBadge = false;
|
||||
arRPC = true;
|
||||
checkUpdates = false;
|
||||
customTitleBar = false;
|
||||
hardwareAcceleration = true;
|
||||
};
|
||||
vencord.settings = {
|
||||
autoUpdate = false;
|
||||
autoUpdateNotification = false;
|
||||
notifyAboutUpdates = false;
|
||||
plugins = {
|
||||
AnonymiseFileNames.enabled = true;
|
||||
BetterFolders.enabled = true;
|
||||
BetterGifAltText.enabled = true;
|
||||
CallTimer.enabled = true;
|
||||
ClearURLs.enabled = true;
|
||||
CopyFileContents.enabled = true;
|
||||
CtrlEnterSend.enabled = true;
|
||||
CustomIdle = {
|
||||
enabled = true;
|
||||
remainInIdle = false;
|
||||
};
|
||||
FriendsSince.enabled = true;
|
||||
GameActivityToggle.enabled = true;
|
||||
ImplicitRelationships.enabled = true;
|
||||
MutualGroupDMs.enabled = true;
|
||||
QuickMention.enabled = true;
|
||||
QuickReply.enabled = true;
|
||||
ReplaceGoogleSearch = {
|
||||
enabled = true;
|
||||
customEngineName = "DuckDuckGo";
|
||||
};
|
||||
ReviewDB.enabled = true;
|
||||
ShowConnections.enabled = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
home.packages = with pkgs; [
|
||||
cmake
|
||||
shellcheck
|
||||
|
@ -2,15 +2,18 @@ alice:
|
||||
user-password: ENC[AES256_GCM,data:+cM85X1vapqfQdJ+Dv6YvT5qHlvsmaXPRbvKRHtCkPT3wdw4f7tLHLFmvWnak7CRezI00PxVEtCZL5mqLyN2HaU4OqIk/9fgqczIzemwBlMGJt+ndwG4oqBqE0ymtzmy8MA59wonRqoxzYKQfAGQsprdCIovrg==,iv:BtSDBgvQeZdTY1KUClnt9V8qHcS/gouaaQw342tk4Sg=,tag:T7tzyKuCo83s78ca7f4KDQ==,type:str]
|
||||
#ENC[AES256_GCM,data:6+dLs8opC27IrHJCPfL2c7KiLbaQTqI6oRKpIZLR4+P9gTupziAhCm/G7RY01gVPSgxdBpJ6L4xVbcMEg9hDKBMI4naF9arNrFsV6WXNc+LA5BYyT9L9G1nDea8fPFYDSF2537eLgLqWNE1WSsUOrz/WOxbE6g==,iv:AxsdKmGz6qEYlWY08q/2hqsm0EXaqodwD/7OJg4FAIY=,tag:EgfL3I1VBXtFgIdTOW5eBA==,type:comment]
|
||||
#ENC[AES256_GCM,data:vUMcowHjlQA0RWflfaQhZKkalO39epYi6N9PPW8=,iv:6DFqHlQR+mi+ZkfMUhlhwvpMwnxXNfQV6+sYgPzSj4I=,tag:Pz1zJayscGckPO8Q2ZVb4g==,type:comment]
|
||||
gha-hydra-token: ENC[AES256_GCM,data:CXdOiW9oYaVj4oqfiXSz9O9xIsB5ZyUac2WFSFD1ankZpnmQpv9TwolJxb6h8r+UM7Q9QzCCWk7KHe80lolZhpHa79bpcj+wt9v51ydj0Zy+3sufHS+JnGwmqBbw6dVqJ2uBr4nW2NADzHEbG8N367uKYEq2vazB4y02JiopXL8DHsYcx+Z4u7GJC/gYbpm9vnt8OVdYmfYRQ9BGSiaJOghDzpmCisEZdLpCLXM3cULn8yVUXIFWx8yF/6JrWN+myeoZiUFCL2sZmeSIswFg9kwBKXIsjBrz+EDXZzDCEr88UrEJ0j2+egsrG9BNlstVwC8oscYdbXWmYUdsCBNVxK3xjJYm9gDdSyo0DfSvTzK1t+/s9L1zC8uqj2TXYdVd6QyH2TRXxiPeNLYClRHT2UljymSpIVXOn/Okuo7dte+ZZqZVndT1lwK//2y8V3Hng+5wixfFFsQAd5oJzfraRSnM+RLZtjI3TMoyc5no3pVwV6zsCqRd2nvr7gieXUMWtSLb6YrM6tvhRpeiieYUqQ8NwHV0Avqco0I838o5yywVGSnUflGxnwYoGQIX70qoTcxNPGuiiiqSynh64e3nrlC9xN6EWuFpUNVfkBibZNRi+EyDAhK7LKwiPbL2z919N54vyzzoWA1KUFqxow+JsX+Q8rpnfJtag44F5qFt3/Be5PIMYVU7acXTiVJvM3cKPMQIBPXpQFX5OshwGhttGFuB53aWPHCzlhT4NDQbcZ/rLQ3bcytVpnH55WWze0Oe0zUZYGFc/rV9Fc4QjhR7/8pAi9kGUlKy2MYBamjmnCWlOnHPIQQLpPs/oiW+,iv:KL2P3O8Fnbn56hLX8PWIrigoPTBfIvMUpizKy3C3RIA=,tag:G0M/9iT9IWUSJ5ktUc/g5A==,type:str]
|
||||
gha-hydra-token: ENC[AES256_GCM,data:rYDYIn7MAF4pSZQj+Nln2z9J+AxvuSzumthL86njpKETutArrw+9iX2hHJt5t513NHH03tMtZOFqM60/pzWg4YXVQOSpQmq8QOelD7qCdfCr4Z2QSeOHqXqwKy21iWtoVbxOXWunVxLzkWMJrpHkpVsiBA75Nv66ftKEjN80QNGik6xQE1iPsCB2JHeqYNIr8gtPkCr7H5Pt4yBBO/1rsyONrbNlwmzVX78eqXxmc43XOiNVjEsk8ekJxJ9mn5S6JcPNehBcnZA0kWAIxvtDIPYKnz4YBIXoilBbjgytXL8nw3PkEX27x5yeg9KfxPxO/4CGoi5wfKsYuEynBdWbHtj6a3H0AvA9KIZzktTRNJFU3ZW8UveSCXY4YHl0NREJ8kbIUgkkE7PWeyzGenGFTPMahTA0rKSa+tWPQ1c00lvo9VS3/7pfeJfZEKS7R2xBaEDZrfffHyB5PLTQOGpWl5y40wTn4HdBlyQwoREvobOaKVZEyWtVvJcUeHDPepgEHGVDzwyTelX8Btb6ZNA0Fur8xvpkLZcLmMhbvCdkjq84ztJ36nQQ5JZthecyqcZTWPyfWtPeoUPVIaxn31oLjwsriDwdQmID6twTjC9PT8nBZD/u0JebOCdeYf8fm9q49SaN2w/ZMdSRWucHUsRXeN9O149vYoOqR28H+8v/tYJdqofJpHKrIBs=,iv:GcEV6f4rqkrpCafeaLNMqqU/vBNE0xHbqokL2gMXHYw=,tag:sCHvUgq1w8npedjIAninrA==,type:str]
|
||||
wakatime-api-key: ENC[AES256_GCM,data:ITu5pRySYGCJ6q9IQ35NfpGX2FyIJRYHGDeBiq0btzIrqitxcFox1Vc=,iv:HsXpyFHV7dG5qORk26BtD+kFo4Jdq2c4fozMpoqyDfU=,tag:uaQoXvvYqNfmRXVDVH8AoQ==,type:str]
|
||||
attic-nix-cache-creator: ENC[AES256_GCM,data:ygWuPJfFZQVHtJ83DfB7VB84PNF0knLkOwD4A67NMNp8pU9pA9lI56RSyKDkFd+qYRBSeEXSepbSOA+BhvQaCZiVEiao3LBlh7/6Sp5ni+Rdt3hGKcd+JRQyedEmTkg9h8NbtR6LvI90EiMhyVg6WLCzlGAtFFBcSvIqssrC/KDHCjd4uMzXeW23wUB40dU1PpwkLPtcNVvIzgxqYRsRPFOXZxGxQYGpBWtzDveqgmeLwavhU481wHfCwqpyXJZflbR+UzWdr+zbmSFdJadlLdHeooNGvRC+av0MK4YMCCgu1Em34IeawpiesFhhj/IVGa2xQWjXE0MF3SDLvlh5yMqNPodTZ7FAEZgD7rTYIbaH8JHiYbgI6v7/ANPcFqw2eKT7wVP8cTL1yPedcZcU,iv:J7JYA98NHxM0tExfUdjkir6/+tkOkPLMBNdjXBP9fbA=,tag:WaCWmrzLgr9lDUL+jxeMNA==,type:str]
|
||||
attic-nix-cache-reader: ENC[AES256_GCM,data:78jJJh332XvFx29HxNW7CULMNMsQ2xMTCIIk5oX5AimBoFXXVH7z9EGFbDimwfaYlsPK6xuU+9mnCnhCjCoGFRX9GQbW+Z2D9TGMsBfe3eztbWlcJ++EkWSCbHKEIGKTF13aRGrKRIOjIy9Gl3qZt4BnZtQPFMOzQO8u80M116u3w4ttqz9rzaIrXWB6GIMI5lWF5rQe5ML1vDgvL2KNMNkPAAm5O1Fv887woVcqxbPhiNhJGXBSiPZpe3PG8wP6z0GTe/GhMTPCOlVJIdsxKnEaRaTSAtVazFos5zSMvLYYrbj6ISoS9tEQ6bFMy6xl,iv:dGDSTtsQlwElerRXpT97uapzOh766bysZTQMjUEEJnM=,tag:OQOYmQqKywdSjUUXnELdpQ==,type:str]
|
||||
attic-nix-cache-writer: ENC[AES256_GCM,data:IIrGw+MtZEZqJdNGPryN5xKg7UOP+0kjzpthhyRdQz0P3yS/vThSaV+VuduQq5WgnaNjXLA6LBU+cufmVmvrkeTkZ281976sLTbYzrPCW/hCy1+w7qdv6vauaFsLqtnmWlHNwCIkXbUvQWq56WvP6m1PuYaUIFYn3SUprQ1du+X0buK1FUOhSH4HXfiqpNJOomLhok9M0Tyzn8yK5Fn1dzmJ8tsgBczzhWeZzsj4TuksFLV2r6NXzeQp2jWQkxv39Eg6Lf+0eaHxWQFR4s2uKYzwdsDOnpSmUgXFTzVB6RGAEpasKkVZ2NfG4GeUKBFPDVJoR6ilLZA=,iv:e58OGCbgLIIzKfBALtrsYmWg9Gp0nySNYsJ3X5IWp4I=,tag:bnwBipVK3BSOizg8twQ4lQ==,type:str]
|
||||
attic-nix-cache-admin: ENC[AES256_GCM,data:xHJGeU4EUn1HRy2nIValiJ6iLZnYmmT6Njv/cGMh15Q0hJXKNBSsi8f0mAfLI7EX+GaC299VKh2uTlU25jptrAvogLxNJIc+LZBLsSkyGE/ojqqevHMKmZ/6eciLZRQL5ey9TM3V9HHyDOhGaFgdfawtwg/vyvbV13lZBKpqneAX9T3gPRuKRjV4/Uc/5cUckiOF8bQ50xVFN8Cql9HgGDJEGWgg4XUTPu5eYspof2EN63pYvU7wg6HD2begeLDvqc2/i2DIcsc0wqc5DgkY/dH2YtcssBtU8AR9vKpl+HmH/wvt6dfaEyZ7hF7ITGwWnOO6H2ko3SjYRfHkFK3XDmm1YRRjfkptnw==,iv:BdVgNyZ1azl5tKfH+RTeXuNV/rYY6hPvrareKlIXSeQ=,tag:/ar87eAjMod4TmQXoerNBQ==,type:str]
|
||||
attic-nix-cache-creator: ENC[AES256_GCM,data:P0iBdy4IYrxcq7v4wTgwwZvAfVdRFo08pi0zvpY9cP9BDCwbBnp+3qDKWL29rC7OxsaLtmRkvPmbkF3ZX3Yu5OaptwVg2Xi0vNqhk3gu5Fdj8ygPigB0ZtimkfWv1QkctoVoXKXuLv6Xd4XKPCWOOIekWlJsBRcyfyzkyFURkU9tBBkXyEAWItho/J8hJr6r00eA3EN4rTe8Ge+PGpfTfpZVpnoGrC35xPnGLq19+b44DectHDTkMZrZKxiCaVIgKUZDLaFgi6a6PsX+L1HQAIZukXJu3m4BPdvzzby+zgX24pVJOYjAUB2BwO9jUlMS6+7qo0p6k01uLicryfKx/ajdAHcy39tFHX7naA4JriC2/FgI2HlFGp0Lc+g0pfdCYwLs5QBfRaOHyrbFWUDG,iv:OBrgnewqBaug00ygAXs0eFs3LqcHqo1EW96N5I38A0o=,tag:V+Gn47O6AH1RwL9qJLpAkw==,type:str]
|
||||
attic-nix-cache-reader: ENC[AES256_GCM,data:DWIkRri3lHJOVXIAbHWJL7cCV4FHjB91bbpPAib/5ZDKap3xjnxUjwswc7wjO1hCoV3+gmep1a64kma6MJts4bcAug5bPyrrPy//rVpCYvSbSmbPz5k4sW5GLU/Sf4NyBevsQo9KRrphpoSUQEFQB27vabYDjjkB051/qJo1B9B7nqmrSyd3np4YdyHAgUiMyJt0oqx8nXySz3XZU+DIM8/OhMZILpnEWIgyP2K7j8JNNpZZJ5sD/icUy6Vba/4LcKjtmYtfQ+HO1soyF6aMiQSjhp7fzJHktwa9kgB3oDzIg3KyCJYS2RNW7mW9Dd1T,iv:fvhGFU22KgknMpJbOkA3v29bKzRVX6hi7V7xJgSUjPg=,tag:TjGSUl0XXS7jlhP/NG4cvQ==,type:str]
|
||||
attic-nix-cache-writer: ENC[AES256_GCM,data:vxSeys7EJDyatZFpeyxeDzaKGqDtm3atpVly6+BPHUFTrlLaVl86roGZjpBB9wwOMuP007qJNva0HQcTONbSyNw/snUU5JpaFWLT87Eu81V8gdulzHwm61caQ4A/e1ylKkdtwalNymBSyWi9b+SOWXTgralrg9L3OHw+nVuZaAi8QXF2ImLoZ2vXl7MGNXParflV2KK2uqfRatDZMbSSFipT0tQpkNTBTA6l8woILK3BKrHdYq+D8n4EmRowSuMWuN1uknyctb4+Ap3AeBITvyJjKejocQ9qK9plP6CChiC4Z1mmt/HOrfXYXiJO+Va64rOYRywMga8=,iv:bAx7iR24dpIOudkiFOc/xmIG73rcaMDdhWjiBO4BsBM=,tag:gtTyldhdRV97YJREG5lPjA==,type:str]
|
||||
attic-nix-cache-admin: ENC[AES256_GCM,data:OP02nJTo0cx8M9cR+P7cpI1gEXCKqXWehlaL+dYGwGSUnQ6iSC25vpdZ5SSnjyhiBZe+VnYld+b5PO+OOt7NMGxVvQ0zcuvrG7qfhEpIfGrbx9S9cEV2eAMchG/Hua609MUTbFYKvpwWw6tFZD2dYYQv2gXI7mYSeN0Tw4i2x1f/+cKDtV+ak+UHRgEe/f5OdE8v5I6dRXUQGVOBSRAQkfYDFuI2JUz4oNJsz66YkdMtgudhqWi4mekODD3v2Gcg/zAv1PogaHaIH1BHNvLQ/DsNVcvLsnTb6inM3cTCyPpHcx+VwPO7g9kYNV8xcCRkAIvX6aFzRVT0tJcEXFWStMnKS8nr8HoKFQ==,iv:ftmN3jK5qa6SwrSyhhL3PZls2hTG6xGa0LW7ycdkYxQ=,tag:TQCELzJQjsMfAJseZ7tB4w==,type:str]
|
||||
gitea-actions-token: ENC[AES256_GCM,data:QTEPMAh1RWWJ/O3yhkQkEBTdVL8XhIRGCDbiM0lLjfILKF4SpSJ2sA==,iv:mBaaB1JHb2KVc9n2pdeX4pSMvb7q5z3joMT7rR5Whgs=,tag:ef+58SI4AUeqUsk3RVDsRQ==,type:str]
|
||||
gitea-pr-token: ENC[AES256_GCM,data:ybTya4X2wd65pNFSGbQkg73lu66GNtSba4yf8J6tT8XkuOtfvtBS4g==,iv:39mJiAlw4kud4l06jOpxOCRumChE/5q8IBNsPHG1rMc=,tag:MEvHD2b9E3fVHLlz7haNyw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1qw5k8h72k3fjg5gmlxx8q8gwlc2k6n6u08d8hdzpm2pk9r0fnfxsmw33nh
|
||||
enc: |
|
||||
@ -39,8 +42,8 @@ sops:
|
||||
ZERFTlFyNjhOb3VCaW43ZXFHT1Vxc0UK7YV+BU7dCEOZxpqkQA394eDsnthvorj6
|
||||
7bqrCdeU+6DU7DmFs6++BrNO2tx8vvOa1im+ZGrM/gZAJdv/7R2d6Q==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-04-07T23:43:57Z"
|
||||
mac: ENC[AES256_GCM,data:ygQzxSpGJqXwkOq7jGDeflA2FTSSxnre/PXm0LxmxzQQW5s7LeIVSI75fMqWir0WU3Pi/xroYGEWjpCG6JvxV5RiJycTONk8VE7c3jtw3AbrHSS0b1K5tJ+Sf+q3rHJFWWk/COrPk8IsRFNb+taqH4jnaH3AAVNo5u0C1CHKMes=,iv:FO2GVDXE8SjjA81/9cDwc+dX8kJ2oHt5kqkhNBuMb54=,tag:hgzRAmsh32SCvJEvKyV+vg==,type:str]
|
||||
lastmodified: "2025-03-18T22:08:52Z"
|
||||
mac: ENC[AES256_GCM,data:3Hr8FyzfZvvtyusqdDOjggDGFlBwyOq2VND+/jtNbY5i5JPK+qTkamn98IKkcHSPooaIVzEAek91fZDo90mYRhCzEwfbLATmFXPHsZHUg+5nD8VzcNUWQDb2/ey4RPhzTMtXfY9v9wdIcTdBKYKSZ61puptSX8nJ2S74ag6B5AY=,iv:J+VxUvwWE496DqTsVXdlpxgkf8zGT9uDvt6RLrmc0n0=,tag:X2Qg3DDzOTBDqo+6eQPHvw==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-09-05T06:10:22Z"
|
||||
enc: |-
|
||||
@ -55,4 +58,4 @@ sops:
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 5EFFB75F7C9B74EAA5C4637547940175096C1330
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.10.1
|
||||
version: 3.9.4
|
||||
|
@ -14,7 +14,6 @@
|
||||
hashedPasswordFile = config.sops.secrets."${name}/user-password".path or null;
|
||||
openssh.authorizedKeys.keys = publicKeys;
|
||||
extraGroups = [
|
||||
"users"
|
||||
"wheel"
|
||||
"media"
|
||||
(lib.mkIf config.networking.networkmanager.enable "networkmanager")
|
||||
|
@ -10,4 +10,4 @@ set -e
|
||||
script_path=$(dirname "$(readlink -f $0)")
|
||||
parent_path=$(dirname "$script_path")
|
||||
|
||||
nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --compare-drvs --allow-import-from-derivation --compare-output-to-file "$parent_path"
|
||||
nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --compare-drvs --compare-output-to-file "$parent_path"
|
||||
|
@ -16,4 +16,4 @@ script_path=$(dirname "$(readlink -f $0)")
|
||||
parent_path=$(dirname "$script_path")
|
||||
out_path="$parent_path/$1.json"
|
||||
|
||||
nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --evaluate --allow-import-from-derivation --json "$out_path" "$parent_path"
|
||||
nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --evaluate --json "$out_path" "$parent_path"
|
||||
|
@ -1,33 +0,0 @@
|
||||
#!/usr/bin/env nix
|
||||
#! nix shell nixpkgs#python3 --command python
|
||||
import logging
|
||||
|
||||
def inject_diff():
|
||||
source_file = 'post-diff'
|
||||
target_file = 'pr_body.md'
|
||||
placeholder = "nix-diff-placeholder"
|
||||
|
||||
logging.info(f"injecting '{source_file}' into '{target_file}' using '{placeholder}' as a placeholder")
|
||||
|
||||
out = []
|
||||
with open(source_file,'r') as src:
|
||||
src_content = src.read()
|
||||
if len(src_content) > 60000:
|
||||
logging.warning(f"{source_file} is longer than 60k characters, truncating")
|
||||
src_content = src_content[:60000]
|
||||
with open(target_file,'r') as tgt:
|
||||
for line in tgt.readlines():
|
||||
if placeholder in line:
|
||||
out.append(line.replace(placeholder,src_content))
|
||||
else:
|
||||
out.append(line)
|
||||
|
||||
with open(target_file,'w') as tgt:
|
||||
tgt.writelines(out)
|
||||
|
||||
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
logging.basicConfig( level=logging.INFO)
|
||||
inject_diff()
|
Loading…
x
Reference in New Issue
Block a user