rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2024-11-15 05:13:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

ran deadnix

Browse source
This commit is contained in:
Rouven Seifert 2024-09-10 13:12:09 +02:00
parent cf5fdaed5d
commit 2281866548
7 changed files with 105 additions and 109 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

114
flake.lock
View file

@ -33,14 +33,15 @@
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"napalm": "napalm", "napalm": "napalm",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"poetry2nix": "poetry2nix" "poetry2nix": "poetry2nix",
"systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1724362025, "lastModified": 1725809370,
"narHash": "sha256-/fzIU/Hjgksy7A4ji09zK6cH7ATQV5rAEYb/wgBw8x8=", "narHash": "sha256-uUc+TbF17Q9H00aj1cbZGB25Tob6PpZ9M0RoY/jOo6s=",
"owner": "nix-community", "owner": "nix-community",
"repo": "authentik-nix", "repo": "authentik-nix",
"rev": "39cf62b92149800dd2a436f8b18acd471c9180dd", "rev": "0fd076529b40e7fc7304a398618cab76ff7e96c3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -52,16 +53,16 @@
"authentik-src": { "authentik-src": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1724339964, "lastModified": 1725718494,
"narHash": "sha256-QwK/auMLCJEHHtyexFnO+adCq/u0fezHQ90fXW9J4c4=", "narHash": "sha256-X4Bwm7s6/8HcvKE+kyqwU+M1GEK/+RVHtDK1GpkuM4s=",
"owner": "goauthentik", "owner": "goauthentik",
"repo": "authentik", "repo": "authentik",
"rev": "8a0b31b9227ca33b96c5448f185419f17090ed38", "rev": "f5580d311d01f2202b666f76931ed04f30b9ec30",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "goauthentik", "owner": "goauthentik",
"ref": "version/2024.6.4", "ref": "version/2024.8.1",
"repo": "authentik", "repo": "authentik",
"type": "github" "type": "github"
} }
@ -183,11 +184,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1722555600, "lastModified": 1725234343,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", "narHash": "sha256-+ebgonl3NbiKD2UD0x4BszCZQ6sTfL4xioaM49o5B3Y=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d", "rev": "567b938d64d4b4112ee253b9274472dc3a346eb6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -219,7 +220,10 @@
}, },
"flake-utils": { "flake-utils": {
"inputs": { "inputs": {
"systems": "systems_2" "systems": [
"authentik",
"systems"
]
}, },
"locked": { "locked": {
"lastModified": 1710146030, "lastModified": 1710146030,
@ -252,7 +256,7 @@
}, },
"flake-utils_3": { "flake-utils_3": {
"inputs": { "inputs": {
"systems": "systems_4" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1710146030, "lastModified": 1710146030,
@ -297,11 +301,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1725180166, "lastModified": 1725948275,
"narHash": "sha256-fzssXuGR/mCeGbzM1ExaTqDz7QDGta3WA4jJsZyRruo=", "narHash": "sha256-4QOPemDQ9VRLQaAdWuvdDBhh+lEUOAnSMHhdr4nS1mk=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "471e3eb0a114265bcd62d11d58ba8d3421ee68eb", "rev": "e5fa72bad0c6f533e8d558182529ee2acc9454fe",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -332,11 +336,11 @@
}, },
"impermanence": { "impermanence": {
"locked": { "locked": {
"lastModified": 1724489415, "lastModified": 1725690722,
"narHash": "sha256-ey8vhwY/6XCKoh7fyTn3aIQs7WeYSYtLbYEG87VCzX4=", "narHash": "sha256-4qWg9sNh5g1qPGO6d/GV2ktY+eDikkBTbWSg5/iD2nY=",
"owner": "nix-community", "owner": "nix-community",
"repo": "impermanence", "repo": "impermanence",
"rev": "c7f5b394397398c023000cf843986ee2571a1fd7", "rev": "63f4d0443e32b0dd7189001ee1894066765d18a5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -384,15 +388,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1717929455, "lastModified": 1725806412,
"narHash": "sha256-BiI5xWygriOJuNISnGAeL0KYxrEMnjgpg+7wDskVBhI=", "narHash": "sha256-lGZjkjds0p924QEhm/r0BhAxbHBJE1xMOldB/HmQH04=",
"owner": "nix-community", "owner": "willibutz",
"repo": "napalm", "repo": "napalm",
"rev": "e1babff744cd278b56abe8478008b4a9e23036cf", "rev": "b492440d9e64ae20736d3bec5c7715ffcbde83f5",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "willibutz",
"ref": "avoid-foldl-stack-overflow",
"repo": "napalm", "repo": "napalm",
"type": "github" "type": "github"
} }
@ -445,11 +450,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1725161148, "lastModified": 1725765290,
"narHash": "sha256-WfAHq3Ag3vLNFfWxKHjFBFdPI6JIideWFJod9mx1eoo=", "narHash": "sha256-hwX53i24KyWzp2nWpQsn8lfGQNCP0JoW/bvQmcR1DPY=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-index-database", "repo": "nix-index-database",
"rev": "32058e9138248874773630c846563b1a78ee7a5b", "rev": "642275444c5a9defce57219c944b3179bf2adaa9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -460,11 +465,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1724224976, "lastModified": 1725634671,
"narHash": "sha256-Z/ELQhrSd7bMzTO8r7NZgi9g5emh+aRKoCdaAv5fiO0=", "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "c374d94f1536013ca8e92341b540eba4c22f9c62", "rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -476,14 +481,14 @@
}, },
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1722555339, "lastModified": 1725233747,
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=", "narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=",
"type": "tarball", "type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
} }
}, },
"nixpkgs-lib_2": { "nixpkgs-lib_2": {
@ -519,11 +524,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1725103162, "lastModified": 1725634671,
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=", "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b", "rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -563,15 +568,18 @@
"authentik", "authentik",
"nixpkgs" "nixpkgs"
], ],
"systems": "systems_3", "systems": [
"authentik",
"systems"
],
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1724208502, "lastModified": 1725532428,
"narHash": "sha256-TCRcEPSfgAw/t7kClmlr23s591N06mQCrhzlAO7cyFw=", "narHash": "sha256-dCfawQDwpukcwQw++Cn/3LIh/RZMmH+k3fm91Oc5Pf0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "poetry2nix", "repo": "poetry2nix",
"rev": "884b66152b0c625b8220b570a31dc7acc36749a3", "rev": "a313fd7169ae43ecd1a2ea2f1e4899fe3edba4d2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -685,34 +693,20 @@
}, },
"systems_2": { "systems_2": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1689347949,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default", "repo": "default-linux",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default", "repo": "default-linux",
"type": "github" "type": "github"
} }
}, },
"systems_3": { "systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"id": "systems",
"type": "indirect"
}
},
"systems_4": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",

3
flake.nix
View file

@ -53,7 +53,6 @@
{ self { self
, nixpkgs , nixpkgs
, home-manager , home-manager
, dns
, nix-index-database , nix-index-database
, agenix , agenix
, authentik , authentik
@ -70,7 +69,7 @@
# thinkpad = self.nixosConfigurations.thinkpad.config.system.build.toplevel; # thinkpad = self.nixosConfigurations.thinkpad.config.system.build.toplevel;
jmri = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/jmri { }; jmri = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/jmri { };
adguardian-term = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/adguardian-term { }; adguardian-term = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/adguardian-term { };
matrix-authentication-service = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/matrix-authentication-service { }; # matrix-authentication-service = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/matrix-authentication-service { };
pww = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/pww { }; pww = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/pww { };
gnome-break-timer = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/gnome-break-timer { }; gnome-break-timer = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/gnome-break-timer { };
hashcash-milter = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/hashcash-milter { }; hashcash-milter = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/hashcash-milter { };

2
hosts/falkenstein/modules/dns/default.nix
View file

@ -36,7 +36,7 @@ let
subdomains = subdomains =
let let
getVirtualHosts = hostname: map (name: builtins.substring 0 (builtins.stringLength name - (builtins.stringLength domain + 1)) name) (builtins.attrNames self.nixosConfigurations."${hostname}".config.services.caddy.virtualHosts); getVirtualHosts = hostname: map (name: builtins.substring 0 (builtins.stringLength name - (builtins.stringLength domain + 1)) name) (builtins.attrNames self.nixosConfigurations."${hostname}".config.services.caddy.virtualHosts);
genCNAMEs = hostname: lib.attrsets.genAttrs (getVirtualHosts hostname) (label: { CNAME = [ "${hostname}.${domain}." ]; }); genCNAMEs = hostname: lib.attrsets.genAttrs (getVirtualHosts hostname) (_label: { CNAME = [ "${hostname}.${domain}." ]; });
in in
lib.attrsets.mergeAttrsList [ lib.attrsets.mergeAttrsList [
rec { rec {

2
hosts/falkenstein/modules/monitoring/dmarc.nix
View file

@ -1,4 +1,4 @@
{ config, lib, ... }: { config, ... }:
{ {
# required for elasticsearch # required for elasticsearch
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;

88
hosts/thinkpad/default.nix
View file

@ -53,56 +53,56 @@
console.keyMap = "dvorak"; console.keyMap = "dvorak";
# services.openldap = { services.openldap = {
# enable = true; enable = true;
# urlList = [ "ldap:///" ]; urlList = [ "ldap:///" ];
# settings = { settings = {
# attrs = { attrs = {
# olcLogLevel = "conns config"; olcLogLevel = "conns config";
# }; };
# children = { children = {
# "cn=schema".includes = [ "cn=schema".includes = [
# "${pkgs.openldap}/etc/schema/core.ldif" "${pkgs.openldap}/etc/schema/core.ldif"
# # attributetype ( 9999.1.1 NAME 'isMemberOf' # attributetype ( 9999.1.1 NAME 'isMemberOf'
# # DESC 'back-reference to groups this user is a member of' # DESC 'back-reference to groups this user is a member of'
# # SUP distinguishedName ) # SUP distinguishedName )
# "${pkgs.openldap}/etc/schema/cosine.ldif" "${pkgs.openldap}/etc/schema/cosine.ldif"
# "${pkgs.openldap}/etc/schema/inetorgperson.ldif" "${pkgs.openldap}/etc/schema/inetorgperson.ldif"
# "${pkgs.openldap}/etc/schema/nis.ldif" "${pkgs.openldap}/etc/schema/nis.ldif"
# # "${pkgs.writeText "openssh.schema" '' # "${pkgs.writeText "openssh.schema" ''
# # attributetype ( 9999.1.2 NAME 'sshPublicKey' # attributetype ( 9999.1.2 NAME 'sshPublicKey'
# # DESC 'SSH public key used by this user' # DESC 'SSH public key used by this user'
# # SUP name ) # SUP name )
# # ''}" # ''}"
# ]; ];
# "olcDatabase={1}mdb".attrs = { "olcDatabase={1}mdb".attrs = {
# objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ]; objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
# olcDatabase = "{1}mdb"; olcDatabase = "{1}mdb";
# olcDbDirectory = "/var/lib/openldap/data"; olcDbDirectory = "/var/lib/openldap/data";
# olcSuffix = "dc=ifsr,dc=de"; olcSuffix = "dc=ifsr,dc=de";
# /* your admin account, do not use writeText on a production system */ /* your admin account, do not use writeText on a production system */
# olcRootDN = "cn=portunus,dc=ifsr,dc=de"; olcRootDN = "cn=portunus,dc=ifsr,dc=de";
# olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32"; olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32";
# olcAccess = [ olcAccess = [
# /* custom access rules for userPassword attributes */ /* custom access rules for userPassword attributes */
# ''{0}to attrs=userPassword ''{0}to attrs=userPassword
# by self write by self write
# by anonymous auth by anonymous auth
# by * none'' by * none''
# /* allow read on anything else */ /* allow read on anything else */
# ''{1}to * ''{1}to *
# by * read'' by * read''
# ]; ];
# }; };
# }; };
# }; };
# }; };
services = { services = {

3
hosts/thinkpad/modules/virtualisation/default.nix
View file

@ -5,6 +5,9 @@
# enable = true; # enable = true;
# defaultNetwork.settings.dns_enabled = true; # defaultNetwork.settings.dns_enabled = true;
# }; # };
docker = {
enable = true;
};
libvirtd = { libvirtd = {
enable = true; enable = true;
qemu = { qemu = {

2
shared/systemd.nix
View file

@ -1,4 +1,4 @@
{ pkgs, lib, nixpkgs-systemd-256, ... }: { pkgs, lib, ... }:
{ {
systemd = { systemd = {