Compare commits
No commits in common. "5852b1cabd160c62e11ea48c4cf860602870f182" and "4af6d5e6c82e1427bae268d1f4bc5a6af980aa16" have entirely different histories.
5852b1cabd
...
4af6d5e6c8
9 changed files with 67 additions and 53 deletions
|
@ -36,13 +36,15 @@
|
||||||
config = {
|
config = {
|
||||||
### Visuals
|
### Visuals
|
||||||
output."*".bg = "${inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system}.background} fill";
|
output."*".bg = "${inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system}.background} fill";
|
||||||
bars = lib.singleton {
|
bars = [
|
||||||
statusCommand = "${lib.getExe pkgs.i3status-rust} $HOME/.config/i3status-rust/config-default.toml";
|
{
|
||||||
position = "top";
|
statusCommand = "${lib.getExe pkgs.i3status-rust} $HOME/.config/i3status-rust/config-default.toml";
|
||||||
extraConfig = ''
|
position = "top";
|
||||||
icon_theme ${config.gtk.iconTheme.name}
|
extraConfig = ''
|
||||||
'';
|
icon_theme ${config.gtk.iconTheme.name}
|
||||||
};
|
'';
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
### Inputs
|
### Inputs
|
||||||
input = {
|
input = {
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{
|
{
|
||||||
lib,
|
|
||||||
inputs,
|
inputs,
|
||||||
config,
|
config,
|
||||||
...
|
...
|
||||||
|
@ -44,5 +43,7 @@
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
swapDevices = lib.singleton { device = "/dev/disk/by-uuid/8a2e90a9-5cc2-40fc-82fe-69ef3cd88e29"; };
|
swapDevices = [
|
||||||
|
{ device = "/dev/disk/by-uuid/8a2e90a9-5cc2-40fc-82fe-69ef3cd88e29"; }
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib, config, ... }:
|
{ config, ... }:
|
||||||
{
|
{
|
||||||
services.matrix-synapse = {
|
services.matrix-synapse = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -13,13 +13,15 @@
|
||||||
{
|
{
|
||||||
path = "/run/matrix-synapse/synapse.sock";
|
path = "/run/matrix-synapse/synapse.sock";
|
||||||
type = "http";
|
type = "http";
|
||||||
resources = lib.singleton {
|
resources = [
|
||||||
names = [
|
{
|
||||||
"client"
|
names = [
|
||||||
"federation"
|
"client"
|
||||||
];
|
"federation"
|
||||||
compress = true;
|
];
|
||||||
};
|
compress = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -30,23 +32,25 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# https://element-hq.github.io/synapse/latest/openid.html#keycloak
|
# https://element-hq.github.io/synapse/latest/openid.html#keycloak
|
||||||
oidc_providers = lib.singleton {
|
oidc_providers = [
|
||||||
idp_id = "keycloak";
|
{
|
||||||
idp_name = "id.ny4.dev";
|
idp_id = "keycloak";
|
||||||
issuer = "https://id.ny4.dev/realms/ny4";
|
idp_name = "id.ny4.dev";
|
||||||
client_id = "synapse";
|
issuer = "https://id.ny4.dev/realms/ny4";
|
||||||
client_secret_path = config.sops.secrets."synapse/oidc".path;
|
client_id = "synapse";
|
||||||
scopes = [
|
client_secret_path = config.sops.secrets."synapse/oidc".path;
|
||||||
"openid"
|
scopes = [
|
||||||
"profile"
|
"openid"
|
||||||
];
|
"profile"
|
||||||
user_mapping_provider.config = {
|
];
|
||||||
localpart_template = "{{ user.preferred_username }}";
|
user_mapping_provider.config = {
|
||||||
display_name_template = "{{ user.name }}";
|
localpart_template = "{{ user.preferred_username }}";
|
||||||
};
|
display_name_template = "{{ user.name }}";
|
||||||
backchannel_logout_enabled = true;
|
};
|
||||||
allow_existing_users = true;
|
backchannel_logout_enabled = true;
|
||||||
};
|
allow_existing_users = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -25,10 +25,12 @@
|
||||||
boot.loader.grub.device = lib.mkForce "/dev/nvme0n1";
|
boot.loader.grub.device = lib.mkForce "/dev/nvme0n1";
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
|
|
||||||
swapDevices = lib.singleton {
|
swapDevices = [
|
||||||
device = "/var/lib/swapfile";
|
{
|
||||||
size = 4 * 1024; # 4 GiB
|
device = "/var/lib/swapfile";
|
||||||
};
|
size = 4 * 1024; # 4 GiB
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
# WORKAROUND:
|
# WORKAROUND:
|
||||||
systemd.services."print-host-key".enable = false;
|
systemd.services."print-host-key".enable = false;
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
{
|
{
|
||||||
"m.homeserver": {
|
"m.homeserver": {
|
||||||
"base_url": "https://matrix.ny4.dev"
|
"base_url": "https://matrix.ny4.dev"
|
||||||
}
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,6 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
listenAddress = "127.0.0.1";
|
listenAddress = "127.0.0.1";
|
||||||
port = 9090;
|
port = 9090;
|
||||||
webExternalUrl = "https://prom.ny4.dev";
|
|
||||||
|
|
||||||
exporters.blackbox = {
|
exporters.blackbox = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib, config, ... }:
|
{ config, ... }:
|
||||||
{
|
{
|
||||||
networking.firewall.allowedTCPPorts = [
|
networking.firewall.allowedTCPPorts = [
|
||||||
27253
|
27253
|
||||||
|
@ -30,10 +30,12 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
outbounds = lib.singleton {
|
outbounds = [
|
||||||
type = "direct";
|
{
|
||||||
tag = "direct";
|
type = "direct";
|
||||||
};
|
tag = "direct";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
route = {
|
route = {
|
||||||
final = "direct";
|
final = "direct";
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
{ config, lib, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
services.prometheus.exporters.node = {
|
services.prometheus.exporters.node = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -12,14 +12,16 @@
|
||||||
level = "info";
|
level = "info";
|
||||||
};
|
};
|
||||||
|
|
||||||
inbounds = lib.singleton {
|
inbounds = [
|
||||||
type = "http";
|
{
|
||||||
tag = "inbound";
|
type = "http";
|
||||||
listen = "127.0.0.1";
|
tag = "inbound";
|
||||||
listen_port = 1080;
|
listen = "127.0.0.1";
|
||||||
sniff = true;
|
listen_port = 1080;
|
||||||
sniff_override_destination = true;
|
sniff = true;
|
||||||
};
|
sniff_override_destination = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
outbounds = [
|
outbounds = [
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue