rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2024-11-25 17:11:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

ran deadnix

Browse source
This commit is contained in:
Rouven Seifert 2024-09-10 13:12:09 +02:00
parent cf5fdaed5d
commit 2281866548
7 changed files with 105 additions and 109 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

114
flake.lock
View file

@ -33,14 +33,15 @@
"flake-utils": "flake-utils",
"napalm": "napalm",
"nixpkgs": "nixpkgs",
"poetry2nix": "poetry2nix"
"poetry2nix": "poetry2nix",
"systems": "systems_2"
},
"locked": {
"lastModified": 1724362025,
"narHash": "sha256-/fzIU/Hjgksy7A4ji09zK6cH7ATQV5rAEYb/wgBw8x8=",
"lastModified": 1725809370,
"narHash": "sha256-uUc+TbF17Q9H00aj1cbZGB25Tob6PpZ9M0RoY/jOo6s=",
"owner": "nix-community",
"repo": "authentik-nix",
"rev": "39cf62b92149800dd2a436f8b18acd471c9180dd",
"rev": "0fd076529b40e7fc7304a398618cab76ff7e96c3",
"type": "github"
},
"original": {
@ -52,16 +53,16 @@
"authentik-src": {
"flake": false,
"locked": {
"lastModified": 1724339964,
"narHash": "sha256-QwK/auMLCJEHHtyexFnO+adCq/u0fezHQ90fXW9J4c4=",
"lastModified": 1725718494,
"narHash": "sha256-X4Bwm7s6/8HcvKE+kyqwU+M1GEK/+RVHtDK1GpkuM4s=",
"owner": "goauthentik",
"repo": "authentik",
"rev": "8a0b31b9227ca33b96c5448f185419f17090ed38",
"rev": "f5580d311d01f2202b666f76931ed04f30b9ec30",
"type": "github"
},
"original": {
"owner": "goauthentik",
"ref": "version/2024.6.4",
"ref": "version/2024.8.1",
"repo": "authentik",
"type": "github"
}
@ -183,11 +184,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1722555600,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
"lastModified": 1725234343,
"narHash": "sha256-+ebgonl3NbiKD2UD0x4BszCZQ6sTfL4xioaM49o5B3Y=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
"rev": "567b938d64d4b4112ee253b9274472dc3a346eb6",
"type": "github"
},
"original": {
@ -219,7 +220,10 @@
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
"systems": [
"authentik",
"systems"
]
},
"locked": {
"lastModified": 1710146030,
@ -252,7 +256,7 @@
},
"flake-utils_3": {
"inputs": {
"systems": "systems_4"
"systems": "systems_3"
},
"locked": {
"lastModified": 1710146030,
@ -297,11 +301,11 @@
]
},
"locked": {
"lastModified": 1725180166,
"narHash": "sha256-fzssXuGR/mCeGbzM1ExaTqDz7QDGta3WA4jJsZyRruo=",
"lastModified": 1725948275,
"narHash": "sha256-4QOPemDQ9VRLQaAdWuvdDBhh+lEUOAnSMHhdr4nS1mk=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "471e3eb0a114265bcd62d11d58ba8d3421ee68eb",
"rev": "e5fa72bad0c6f533e8d558182529ee2acc9454fe",
"type": "github"
},
"original": {
@ -332,11 +336,11 @@
},
"impermanence": {
"locked": {
"lastModified": 1724489415,
"narHash": "sha256-ey8vhwY/6XCKoh7fyTn3aIQs7WeYSYtLbYEG87VCzX4=",
"lastModified": 1725690722,
"narHash": "sha256-4qWg9sNh5g1qPGO6d/GV2ktY+eDikkBTbWSg5/iD2nY=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "c7f5b394397398c023000cf843986ee2571a1fd7",
"rev": "63f4d0443e32b0dd7189001ee1894066765d18a5",
"type": "github"
},
"original": {
@ -384,15 +388,16 @@
]
},
"locked": {
"lastModified": 1717929455,
"narHash": "sha256-BiI5xWygriOJuNISnGAeL0KYxrEMnjgpg+7wDskVBhI=",
"owner": "nix-community",
"lastModified": 1725806412,
"narHash": "sha256-lGZjkjds0p924QEhm/r0BhAxbHBJE1xMOldB/HmQH04=",
"owner": "willibutz",
"repo": "napalm",
"rev": "e1babff744cd278b56abe8478008b4a9e23036cf",
"rev": "b492440d9e64ae20736d3bec5c7715ffcbde83f5",
"type": "github"
},
"original": {
"owner": "nix-community",
"owner": "willibutz",
"ref": "avoid-foldl-stack-overflow",
"repo": "napalm",
"type": "github"
}
@ -445,11 +450,11 @@
]
},
"locked": {
"lastModified": 1725161148,
"narHash": "sha256-WfAHq3Ag3vLNFfWxKHjFBFdPI6JIideWFJod9mx1eoo=",
"lastModified": 1725765290,
"narHash": "sha256-hwX53i24KyWzp2nWpQsn8lfGQNCP0JoW/bvQmcR1DPY=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "32058e9138248874773630c846563b1a78ee7a5b",
"rev": "642275444c5a9defce57219c944b3179bf2adaa9",
"type": "github"
},
"original": {
@ -460,11 +465,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1724224976,
"narHash": "sha256-Z/ELQhrSd7bMzTO8r7NZgi9g5emh+aRKoCdaAv5fiO0=",
"lastModified": 1725634671,
"narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c374d94f1536013ca8e92341b540eba4c22f9c62",
"rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
"type": "github"
},
"original": {
@ -476,14 +481,14 @@
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1722555339,
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
"lastModified": 1725233747,
"narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
}
},
"nixpkgs-lib_2": {
@ -519,11 +524,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1725103162,
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
"lastModified": 1725634671,
"narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
"rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
"type": "github"
},
"original": {
@ -563,15 +568,18 @@
"authentik",
"nixpkgs"
],
"systems": "systems_3",
"systems": [
"authentik",
"systems"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1724208502,
"narHash": "sha256-TCRcEPSfgAw/t7kClmlr23s591N06mQCrhzlAO7cyFw=",
"lastModified": 1725532428,
"narHash": "sha256-dCfawQDwpukcwQw++Cn/3LIh/RZMmH+k3fm91Oc5Pf0=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "884b66152b0c625b8220b570a31dc7acc36749a3",
"rev": "a313fd7169ae43ecd1a2ea2f1e4899fe3edba4d2",
"type": "github"
},
"original": {
@ -685,34 +693,20 @@
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"repo": "default-linux",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"id": "systems",
"type": "indirect"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",

3
flake.nix
View file

@ -53,7 +53,6 @@
{ self
, nixpkgs
, home-manager
, dns
, nix-index-database
, agenix
, authentik
@ -70,7 +69,7 @@
# thinkpad = self.nixosConfigurations.thinkpad.config.system.build.toplevel;
jmri = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/jmri { };
adguardian-term = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/adguardian-term { };
matrix-authentication-service = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/matrix-authentication-service { };
# matrix-authentication-service = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/matrix-authentication-service { };
pww = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/pww { };
gnome-break-timer = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/gnome-break-timer { };
hashcash-milter = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/hashcash-milter { };

2
hosts/falkenstein/modules/dns/default.nix
View file

@ -36,7 +36,7 @@ let
subdomains =
let
getVirtualHosts = hostname: map (name: builtins.substring 0 (builtins.stringLength name - (builtins.stringLength domain + 1)) name) (builtins.attrNames self.nixosConfigurations."${hostname}".config.services.caddy.virtualHosts);
genCNAMEs = hostname: lib.attrsets.genAttrs (getVirtualHosts hostname) (label: { CNAME = [ "${hostname}.${domain}." ]; });
genCNAMEs = hostname: lib.attrsets.genAttrs (getVirtualHosts hostname) (_label: { CNAME = [ "${hostname}.${domain}." ]; });
in
lib.attrsets.mergeAttrsList [
rec {

2
hosts/falkenstein/modules/monitoring/dmarc.nix
View file

@ -1,4 +1,4 @@
{ config, lib, ... }:
{ config, ... }:
{
# required for elasticsearch
nixpkgs.config.allowUnfree = true;

88
hosts/thinkpad/default.nix
View file

@ -53,56 +53,56 @@
console.keyMap = "dvorak";
# services.openldap = {
# enable = true;
# urlList = [ "ldap:///" ];
# settings = {
# attrs = {
# olcLogLevel = "conns config";
# };
# children = {
# "cn=schema".includes = [
# "${pkgs.openldap}/etc/schema/core.ldif"
# # attributetype ( 9999.1.1 NAME 'isMemberOf'
# # DESC 'back-reference to groups this user is a member of'
# # SUP distinguishedName )
# "${pkgs.openldap}/etc/schema/cosine.ldif"
# "${pkgs.openldap}/etc/schema/inetorgperson.ldif"
# "${pkgs.openldap}/etc/schema/nis.ldif"
# # "${pkgs.writeText "openssh.schema" ''
# # attributetype ( 9999.1.2 NAME 'sshPublicKey'
# # DESC 'SSH public key used by this user'
# # SUP name )
# # ''}"
# ];
services.openldap = {
enable = true;
urlList = [ "ldap:///" ];
settings = {
attrs = {
olcLogLevel = "conns config";
};
children = {
"cn=schema".includes = [
"${pkgs.openldap}/etc/schema/core.ldif"
# attributetype ( 9999.1.1 NAME 'isMemberOf'
# DESC 'back-reference to groups this user is a member of'
# SUP distinguishedName )
"${pkgs.openldap}/etc/schema/cosine.ldif"
"${pkgs.openldap}/etc/schema/inetorgperson.ldif"
"${pkgs.openldap}/etc/schema/nis.ldif"
# "${pkgs.writeText "openssh.schema" ''
# attributetype ( 9999.1.2 NAME 'sshPublicKey'
# DESC 'SSH public key used by this user'
# SUP name )
# ''}"
];
# "olcDatabase={1}mdb".attrs = {
# objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
"olcDatabase={1}mdb".attrs = {
objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
# olcDatabase = "{1}mdb";
# olcDbDirectory = "/var/lib/openldap/data";
olcDatabase = "{1}mdb";
olcDbDirectory = "/var/lib/openldap/data";
# olcSuffix = "dc=ifsr,dc=de";
olcSuffix = "dc=ifsr,dc=de";
# /* your admin account, do not use writeText on a production system */
# olcRootDN = "cn=portunus,dc=ifsr,dc=de";
# olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32";
/* your admin account, do not use writeText on a production system */
olcRootDN = "cn=portunus,dc=ifsr,dc=de";
olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32";
# olcAccess = [
# /* custom access rules for userPassword attributes */
# ''{0}to attrs=userPassword
# by self write
# by anonymous auth
# by * none''
olcAccess = [
/* custom access rules for userPassword attributes */
''{0}to attrs=userPassword
by self write
by anonymous auth
by * none''
# /* allow read on anything else */
# ''{1}to *
# by * read''
# ];
# };
# };
# };
# };
/* allow read on anything else */
''{1}to *
by * read''
];
};
};
};
};
services = {

3
hosts/thinkpad/modules/virtualisation/default.nix
View file

@ -5,6 +5,9 @@
# enable = true;
# defaultNetwork.settings.dns_enabled = true;
# };
docker = {
enable = true;
};
libvirtd = {
enable = true;
qemu = {

2
shared/systemd.nix
View file

@ -1,4 +1,4 @@
{ pkgs, lib, nixpkgs-systemd-256, ... }:
{ pkgs, lib, ... }:
{
systemd = {