nyancat/flake
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: nyancat:5852b1cabd160c62e11ea48c4cf860602870f182
Branches Tags
nyancat:master
..
compare: nyancat:4af6d5e6c82e1427bae268d1f4bc5a6af980aa16
Branches Tags
nyancat:master

No commits in common. "5852b1cabd160c62e11ea48c4cf860602870f182" and "4af6d5e6c82e1427bae268d1f4bc5a6af980aa16" have entirely different histories.
5852b1cabd ... 4af6d5e6c8

9 changed files with 67 additions and 53 deletions
Show stats Expand all files Collapse all files

16
home/applications/sway/default.nix
View file

@ -36,13 +36,15 @@
config = { config = {
### Visuals ### Visuals
output."*".bg = "${inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system}.background} fill"; output."*".bg = "${inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system}.background} fill";
bars = lib.singleton { bars = [
statusCommand = "${lib.getExe pkgs.i3status-rust} $HOME/.config/i3status-rust/config-default.toml"; {
position = "top"; statusCommand = "${lib.getExe pkgs.i3status-rust} $HOME/.config/i3status-rust/config-default.toml";
extraConfig = '' position = "top";
icon_theme ${config.gtk.iconTheme.name} extraConfig = ''
''; icon_theme ${config.gtk.iconTheme.name}
}; '';
}
];
### Inputs ### Inputs
input = { input = {

5
hosts/blacksteel/hardware-configuration.nix
View file

@ -1,5 +1,4 @@
{ {
lib,
inputs, inputs,
config, config,
... ...
@ -44,5 +43,7 @@
fsType = "vfat"; fsType = "vfat";
}; };
}; };
swapDevices = lib.singleton { device = "/dev/disk/by-uuid/8a2e90a9-5cc2-40fc-82fe-69ef3cd88e29"; }; swapDevices = [
{ device = "/dev/disk/by-uuid/8a2e90a9-5cc2-40fc-82fe-69ef3cd88e29"; }
];
} }

54
hosts/blacksteel/services/matrix.nix
View file

@ -1,4 +1,4 @@
{ lib, config, ... }: { config, ... }:
{ {
services.matrix-synapse = { services.matrix-synapse = {
enable = true; enable = true;
@ -13,13 +13,15 @@
{ {
path = "/run/matrix-synapse/synapse.sock"; path = "/run/matrix-synapse/synapse.sock";
type = "http"; type = "http";
resources = lib.singleton { resources = [
names = [ {
"client" names = [
"federation" "client"
]; "federation"
compress = true; ];
}; compress = true;
}
];
} }
]; ];
@ -30,23 +32,25 @@
}; };
# https://element-hq.github.io/synapse/latest/openid.html#keycloak # https://element-hq.github.io/synapse/latest/openid.html#keycloak
oidc_providers = lib.singleton { oidc_providers = [
idp_id = "keycloak"; {
idp_name = "id.ny4.dev"; idp_id = "keycloak";
issuer = "https://id.ny4.dev/realms/ny4"; idp_name = "id.ny4.dev";
client_id = "synapse"; issuer = "https://id.ny4.dev/realms/ny4";
client_secret_path = config.sops.secrets."synapse/oidc".path; client_id = "synapse";
scopes = [ client_secret_path = config.sops.secrets."synapse/oidc".path;
"openid" scopes = [
"profile" "openid"
]; "profile"
user_mapping_provider.config = { ];
localpart_template = "{{ user.preferred_username }}"; user_mapping_provider.config = {
display_name_template = "{{ user.name }}"; localpart_template = "{{ user.preferred_username }}";
}; display_name_template = "{{ user.name }}";
backchannel_logout_enabled = true; };
allow_existing_users = true; backchannel_logout_enabled = true;
}; allow_existing_users = true;
}
];
}; };
}; };

10
hosts/tyo0/default.nix
View file

@ -25,10 +25,12 @@
boot.loader.grub.device = lib.mkForce "/dev/nvme0n1"; boot.loader.grub.device = lib.mkForce "/dev/nvme0n1";
system.stateVersion = "24.05"; system.stateVersion = "24.05";
swapDevices = lib.singleton { swapDevices = [
device = "/var/lib/swapfile"; {
size = 4 * 1024; # 4 GiB device = "/var/lib/swapfile";
}; size = 4 * 1024; # 4 GiB
}
];
# WORKAROUND: # WORKAROUND:
systemd.services."print-host-key".enable = false; systemd.services."print-host-key".enable = false;

2
hosts/tyo0/matrix-client.json
View file

@ -1,5 +1,5 @@
{ {
"m.homeserver": { "m.homeserver": {
"base_url": "https://matrix.ny4.dev" "base_url": "https://matrix.ny4.dev"
} },
} }

1
hosts/tyo0/services/prometheus.nix
View file

@ -9,7 +9,6 @@
enable = true; enable = true;
listenAddress = "127.0.0.1"; listenAddress = "127.0.0.1";
port = 9090; port = 9090;
webExternalUrl = "https://prom.ny4.dev";
exporters.blackbox = { exporters.blackbox = {
enable = true; enable = true;

12
hosts/tyo0/services/sing-box.nix
View file

@ -1,4 +1,4 @@
{ lib, config, ... }: { config, ... }:
{ {
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
27253 27253
@ -30,10 +30,12 @@
} }
]; ];
outbounds = lib.singleton { outbounds = [
type = "direct"; {
tag = "direct"; type = "direct";
}; tag = "direct";
}
];
route = { route = {
final = "direct"; final = "direct";

2
nixos/profiles/prometheus/default.nix
View file

@ -1,3 +1,5 @@
{ config, lib, ... }:
{ {
services.prometheus.exporters.node = { services.prometheus.exporters.node = {
enable = true; enable = true;

18
nixos/profiles/sing-box/default.nix
View file

@ -12,14 +12,16 @@
level = "info"; level = "info";
}; };
inbounds = lib.singleton { inbounds = [
type = "http"; {
tag = "inbound"; type = "http";
listen = "127.0.0.1"; tag = "inbound";
listen_port = 1080; listen = "127.0.0.1";
sniff = true; listen_port = 1080;
sniff_override_destination = true; sniff = true;
}; sniff_override_destination = true;
}
];
outbounds = [ outbounds = [
{ {