mirror of
https://git.sr.ht/~rouven/nixos-config
synced 2024-11-25 17:11:06 +01:00
ran deadnix
This commit is contained in:
parent
cf5fdaed5d
commit
2281866548
114
flake.lock
114
flake.lock
|
@ -33,14 +33,15 @@
|
|||
"flake-utils": "flake-utils",
|
||||
"napalm": "napalm",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"poetry2nix": "poetry2nix"
|
||||
"poetry2nix": "poetry2nix",
|
||||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1724362025,
|
||||
"narHash": "sha256-/fzIU/Hjgksy7A4ji09zK6cH7ATQV5rAEYb/wgBw8x8=",
|
||||
"lastModified": 1725809370,
|
||||
"narHash": "sha256-uUc+TbF17Q9H00aj1cbZGB25Tob6PpZ9M0RoY/jOo6s=",
|
||||
"owner": "nix-community",
|
||||
"repo": "authentik-nix",
|
||||
"rev": "39cf62b92149800dd2a436f8b18acd471c9180dd",
|
||||
"rev": "0fd076529b40e7fc7304a398618cab76ff7e96c3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -52,16 +53,16 @@
|
|||
"authentik-src": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1724339964,
|
||||
"narHash": "sha256-QwK/auMLCJEHHtyexFnO+adCq/u0fezHQ90fXW9J4c4=",
|
||||
"lastModified": 1725718494,
|
||||
"narHash": "sha256-X4Bwm7s6/8HcvKE+kyqwU+M1GEK/+RVHtDK1GpkuM4s=",
|
||||
"owner": "goauthentik",
|
||||
"repo": "authentik",
|
||||
"rev": "8a0b31b9227ca33b96c5448f185419f17090ed38",
|
||||
"rev": "f5580d311d01f2202b666f76931ed04f30b9ec30",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "goauthentik",
|
||||
"ref": "version/2024.6.4",
|
||||
"ref": "version/2024.8.1",
|
||||
"repo": "authentik",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -183,11 +184,11 @@
|
|||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1722555600,
|
||||
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
|
||||
"lastModified": 1725234343,
|
||||
"narHash": "sha256-+ebgonl3NbiKD2UD0x4BszCZQ6sTfL4xioaM49o5B3Y=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
|
||||
"rev": "567b938d64d4b4112ee253b9274472dc3a346eb6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -219,7 +220,10 @@
|
|||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems_2"
|
||||
"systems": [
|
||||
"authentik",
|
||||
"systems"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710146030,
|
||||
|
@ -252,7 +256,7 @@
|
|||
},
|
||||
"flake-utils_3": {
|
||||
"inputs": {
|
||||
"systems": "systems_4"
|
||||
"systems": "systems_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710146030,
|
||||
|
@ -297,11 +301,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1725180166,
|
||||
"narHash": "sha256-fzssXuGR/mCeGbzM1ExaTqDz7QDGta3WA4jJsZyRruo=",
|
||||
"lastModified": 1725948275,
|
||||
"narHash": "sha256-4QOPemDQ9VRLQaAdWuvdDBhh+lEUOAnSMHhdr4nS1mk=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "471e3eb0a114265bcd62d11d58ba8d3421ee68eb",
|
||||
"rev": "e5fa72bad0c6f533e8d558182529ee2acc9454fe",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -332,11 +336,11 @@
|
|||
},
|
||||
"impermanence": {
|
||||
"locked": {
|
||||
"lastModified": 1724489415,
|
||||
"narHash": "sha256-ey8vhwY/6XCKoh7fyTn3aIQs7WeYSYtLbYEG87VCzX4=",
|
||||
"lastModified": 1725690722,
|
||||
"narHash": "sha256-4qWg9sNh5g1qPGO6d/GV2ktY+eDikkBTbWSg5/iD2nY=",
|
||||
"owner": "nix-community",
|
||||
"repo": "impermanence",
|
||||
"rev": "c7f5b394397398c023000cf843986ee2571a1fd7",
|
||||
"rev": "63f4d0443e32b0dd7189001ee1894066765d18a5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -384,15 +388,16 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717929455,
|
||||
"narHash": "sha256-BiI5xWygriOJuNISnGAeL0KYxrEMnjgpg+7wDskVBhI=",
|
||||
"owner": "nix-community",
|
||||
"lastModified": 1725806412,
|
||||
"narHash": "sha256-lGZjkjds0p924QEhm/r0BhAxbHBJE1xMOldB/HmQH04=",
|
||||
"owner": "willibutz",
|
||||
"repo": "napalm",
|
||||
"rev": "e1babff744cd278b56abe8478008b4a9e23036cf",
|
||||
"rev": "b492440d9e64ae20736d3bec5c7715ffcbde83f5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"owner": "willibutz",
|
||||
"ref": "avoid-foldl-stack-overflow",
|
||||
"repo": "napalm",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -445,11 +450,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1725161148,
|
||||
"narHash": "sha256-WfAHq3Ag3vLNFfWxKHjFBFdPI6JIideWFJod9mx1eoo=",
|
||||
"lastModified": 1725765290,
|
||||
"narHash": "sha256-hwX53i24KyWzp2nWpQsn8lfGQNCP0JoW/bvQmcR1DPY=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-index-database",
|
||||
"rev": "32058e9138248874773630c846563b1a78ee7a5b",
|
||||
"rev": "642275444c5a9defce57219c944b3179bf2adaa9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -460,11 +465,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1724224976,
|
||||
"narHash": "sha256-Z/ELQhrSd7bMzTO8r7NZgi9g5emh+aRKoCdaAv5fiO0=",
|
||||
"lastModified": 1725634671,
|
||||
"narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "c374d94f1536013ca8e92341b540eba4c22f9c62",
|
||||
"rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -476,14 +481,14 @@
|
|||
},
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"lastModified": 1722555339,
|
||||
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
|
||||
"lastModified": 1725233747,
|
||||
"narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
|
||||
}
|
||||
},
|
||||
"nixpkgs-lib_2": {
|
||||
|
@ -519,11 +524,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1725103162,
|
||||
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
|
||||
"lastModified": 1725634671,
|
||||
"narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
|
||||
"rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -563,15 +568,18 @@
|
|||
"authentik",
|
||||
"nixpkgs"
|
||||
],
|
||||
"systems": "systems_3",
|
||||
"systems": [
|
||||
"authentik",
|
||||
"systems"
|
||||
],
|
||||
"treefmt-nix": "treefmt-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1724208502,
|
||||
"narHash": "sha256-TCRcEPSfgAw/t7kClmlr23s591N06mQCrhzlAO7cyFw=",
|
||||
"lastModified": 1725532428,
|
||||
"narHash": "sha256-dCfawQDwpukcwQw++Cn/3LIh/RZMmH+k3fm91Oc5Pf0=",
|
||||
"owner": "nix-community",
|
||||
"repo": "poetry2nix",
|
||||
"rev": "884b66152b0c625b8220b570a31dc7acc36749a3",
|
||||
"rev": "a313fd7169ae43ecd1a2ea2f1e4899fe3edba4d2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -685,34 +693,20 @@
|
|||
},
|
||||
"systems_2": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"lastModified": 1689347949,
|
||||
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"repo": "default-linux",
|
||||
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"repo": "default-linux",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_3": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "systems",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"systems_4": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
|
|
|
@ -53,7 +53,6 @@
|
|||
{ self
|
||||
, nixpkgs
|
||||
, home-manager
|
||||
, dns
|
||||
, nix-index-database
|
||||
, agenix
|
||||
, authentik
|
||||
|
@ -70,7 +69,7 @@
|
|||
# thinkpad = self.nixosConfigurations.thinkpad.config.system.build.toplevel;
|
||||
jmri = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/jmri { };
|
||||
adguardian-term = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/adguardian-term { };
|
||||
matrix-authentication-service = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/matrix-authentication-service { };
|
||||
# matrix-authentication-service = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/matrix-authentication-service { };
|
||||
pww = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/pww { };
|
||||
gnome-break-timer = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/gnome-break-timer { };
|
||||
hashcash-milter = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/hashcash-milter { };
|
||||
|
|
|
@ -36,7 +36,7 @@ let
|
|||
subdomains =
|
||||
let
|
||||
getVirtualHosts = hostname: map (name: builtins.substring 0 (builtins.stringLength name - (builtins.stringLength domain + 1)) name) (builtins.attrNames self.nixosConfigurations."${hostname}".config.services.caddy.virtualHosts);
|
||||
genCNAMEs = hostname: lib.attrsets.genAttrs (getVirtualHosts hostname) (label: { CNAME = [ "${hostname}.${domain}." ]; });
|
||||
genCNAMEs = hostname: lib.attrsets.genAttrs (getVirtualHosts hostname) (_label: { CNAME = [ "${hostname}.${domain}." ]; });
|
||||
in
|
||||
lib.attrsets.mergeAttrsList [
|
||||
rec {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, ... }:
|
||||
{ config, ... }:
|
||||
{
|
||||
# required for elasticsearch
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
|
|
@ -53,56 +53,56 @@
|
|||
console.keyMap = "dvorak";
|
||||
|
||||
|
||||
# services.openldap = {
|
||||
# enable = true;
|
||||
# urlList = [ "ldap:///" ];
|
||||
# settings = {
|
||||
# attrs = {
|
||||
# olcLogLevel = "conns config";
|
||||
# };
|
||||
# children = {
|
||||
# "cn=schema".includes = [
|
||||
# "${pkgs.openldap}/etc/schema/core.ldif"
|
||||
# # attributetype ( 9999.1.1 NAME 'isMemberOf'
|
||||
# # DESC 'back-reference to groups this user is a member of'
|
||||
# # SUP distinguishedName )
|
||||
# "${pkgs.openldap}/etc/schema/cosine.ldif"
|
||||
# "${pkgs.openldap}/etc/schema/inetorgperson.ldif"
|
||||
# "${pkgs.openldap}/etc/schema/nis.ldif"
|
||||
# # "${pkgs.writeText "openssh.schema" ''
|
||||
# # attributetype ( 9999.1.2 NAME 'sshPublicKey'
|
||||
# # DESC 'SSH public key used by this user'
|
||||
# # SUP name )
|
||||
# # ''}"
|
||||
# ];
|
||||
services.openldap = {
|
||||
enable = true;
|
||||
urlList = [ "ldap:///" ];
|
||||
settings = {
|
||||
attrs = {
|
||||
olcLogLevel = "conns config";
|
||||
};
|
||||
children = {
|
||||
"cn=schema".includes = [
|
||||
"${pkgs.openldap}/etc/schema/core.ldif"
|
||||
# attributetype ( 9999.1.1 NAME 'isMemberOf'
|
||||
# DESC 'back-reference to groups this user is a member of'
|
||||
# SUP distinguishedName )
|
||||
"${pkgs.openldap}/etc/schema/cosine.ldif"
|
||||
"${pkgs.openldap}/etc/schema/inetorgperson.ldif"
|
||||
"${pkgs.openldap}/etc/schema/nis.ldif"
|
||||
# "${pkgs.writeText "openssh.schema" ''
|
||||
# attributetype ( 9999.1.2 NAME 'sshPublicKey'
|
||||
# DESC 'SSH public key used by this user'
|
||||
# SUP name )
|
||||
# ''}"
|
||||
];
|
||||
|
||||
# "olcDatabase={1}mdb".attrs = {
|
||||
# objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
|
||||
"olcDatabase={1}mdb".attrs = {
|
||||
objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
|
||||
|
||||
# olcDatabase = "{1}mdb";
|
||||
# olcDbDirectory = "/var/lib/openldap/data";
|
||||
olcDatabase = "{1}mdb";
|
||||
olcDbDirectory = "/var/lib/openldap/data";
|
||||
|
||||
# olcSuffix = "dc=ifsr,dc=de";
|
||||
olcSuffix = "dc=ifsr,dc=de";
|
||||
|
||||
# /* your admin account, do not use writeText on a production system */
|
||||
# olcRootDN = "cn=portunus,dc=ifsr,dc=de";
|
||||
# olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32";
|
||||
/* your admin account, do not use writeText on a production system */
|
||||
olcRootDN = "cn=portunus,dc=ifsr,dc=de";
|
||||
olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32";
|
||||
|
||||
# olcAccess = [
|
||||
# /* custom access rules for userPassword attributes */
|
||||
# ''{0}to attrs=userPassword
|
||||
# by self write
|
||||
# by anonymous auth
|
||||
# by * none''
|
||||
olcAccess = [
|
||||
/* custom access rules for userPassword attributes */
|
||||
''{0}to attrs=userPassword
|
||||
by self write
|
||||
by anonymous auth
|
||||
by * none''
|
||||
|
||||
# /* allow read on anything else */
|
||||
# ''{1}to *
|
||||
# by * read''
|
||||
# ];
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
/* allow read on anything else */
|
||||
''{1}to *
|
||||
by * read''
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
services = {
|
||||
|
|
|
@ -5,6 +5,9 @@
|
|||
# enable = true;
|
||||
# defaultNetwork.settings.dns_enabled = true;
|
||||
# };
|
||||
docker = {
|
||||
enable = true;
|
||||
};
|
||||
libvirtd = {
|
||||
enable = true;
|
||||
qemu = {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, lib, nixpkgs-systemd-256, ... }:
|
||||
{ pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
systemd = {
|
||||
|
|
Loading…
Reference in a new issue