Compare commits
No commits in common. "5852b1cabd160c62e11ea48c4cf860602870f182" and "4af6d5e6c82e1427bae268d1f4bc5a6af980aa16" have entirely different histories.
5852b1cabd
...
4af6d5e6c8
9 changed files with 67 additions and 53 deletions
|
@ -36,13 +36,15 @@
|
|||
config = {
|
||||
### Visuals
|
||||
output."*".bg = "${inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system}.background} fill";
|
||||
bars = lib.singleton {
|
||||
statusCommand = "${lib.getExe pkgs.i3status-rust} $HOME/.config/i3status-rust/config-default.toml";
|
||||
position = "top";
|
||||
extraConfig = ''
|
||||
icon_theme ${config.gtk.iconTheme.name}
|
||||
'';
|
||||
};
|
||||
bars = [
|
||||
{
|
||||
statusCommand = "${lib.getExe pkgs.i3status-rust} $HOME/.config/i3status-rust/config-default.toml";
|
||||
position = "top";
|
||||
extraConfig = ''
|
||||
icon_theme ${config.gtk.iconTheme.name}
|
||||
'';
|
||||
}
|
||||
];
|
||||
|
||||
### Inputs
|
||||
input = {
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{
|
||||
lib,
|
||||
inputs,
|
||||
config,
|
||||
...
|
||||
|
@ -44,5 +43,7 @@
|
|||
fsType = "vfat";
|
||||
};
|
||||
};
|
||||
swapDevices = lib.singleton { device = "/dev/disk/by-uuid/8a2e90a9-5cc2-40fc-82fe-69ef3cd88e29"; };
|
||||
swapDevices = [
|
||||
{ device = "/dev/disk/by-uuid/8a2e90a9-5cc2-40fc-82fe-69ef3cd88e29"; }
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, config, ... }:
|
||||
{ config, ... }:
|
||||
{
|
||||
services.matrix-synapse = {
|
||||
enable = true;
|
||||
|
@ -13,13 +13,15 @@
|
|||
{
|
||||
path = "/run/matrix-synapse/synapse.sock";
|
||||
type = "http";
|
||||
resources = lib.singleton {
|
||||
names = [
|
||||
"client"
|
||||
"federation"
|
||||
];
|
||||
compress = true;
|
||||
};
|
||||
resources = [
|
||||
{
|
||||
names = [
|
||||
"client"
|
||||
"federation"
|
||||
];
|
||||
compress = true;
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
|
@ -30,23 +32,25 @@
|
|||
};
|
||||
|
||||
# https://element-hq.github.io/synapse/latest/openid.html#keycloak
|
||||
oidc_providers = lib.singleton {
|
||||
idp_id = "keycloak";
|
||||
idp_name = "id.ny4.dev";
|
||||
issuer = "https://id.ny4.dev/realms/ny4";
|
||||
client_id = "synapse";
|
||||
client_secret_path = config.sops.secrets."synapse/oidc".path;
|
||||
scopes = [
|
||||
"openid"
|
||||
"profile"
|
||||
];
|
||||
user_mapping_provider.config = {
|
||||
localpart_template = "{{ user.preferred_username }}";
|
||||
display_name_template = "{{ user.name }}";
|
||||
};
|
||||
backchannel_logout_enabled = true;
|
||||
allow_existing_users = true;
|
||||
};
|
||||
oidc_providers = [
|
||||
{
|
||||
idp_id = "keycloak";
|
||||
idp_name = "id.ny4.dev";
|
||||
issuer = "https://id.ny4.dev/realms/ny4";
|
||||
client_id = "synapse";
|
||||
client_secret_path = config.sops.secrets."synapse/oidc".path;
|
||||
scopes = [
|
||||
"openid"
|
||||
"profile"
|
||||
];
|
||||
user_mapping_provider.config = {
|
||||
localpart_template = "{{ user.preferred_username }}";
|
||||
display_name_template = "{{ user.name }}";
|
||||
};
|
||||
backchannel_logout_enabled = true;
|
||||
allow_existing_users = true;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -25,10 +25,12 @@
|
|||
boot.loader.grub.device = lib.mkForce "/dev/nvme0n1";
|
||||
system.stateVersion = "24.05";
|
||||
|
||||
swapDevices = lib.singleton {
|
||||
device = "/var/lib/swapfile";
|
||||
size = 4 * 1024; # 4 GiB
|
||||
};
|
||||
swapDevices = [
|
||||
{
|
||||
device = "/var/lib/swapfile";
|
||||
size = 4 * 1024; # 4 GiB
|
||||
}
|
||||
];
|
||||
|
||||
# WORKAROUND:
|
||||
systemd.services."print-host-key".enable = false;
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{
|
||||
"m.homeserver": {
|
||||
"base_url": "https://matrix.ny4.dev"
|
||||
}
|
||||
},
|
||||
}
|
||||
|
|
|
@ -9,7 +9,6 @@
|
|||
enable = true;
|
||||
listenAddress = "127.0.0.1";
|
||||
port = 9090;
|
||||
webExternalUrl = "https://prom.ny4.dev";
|
||||
|
||||
exporters.blackbox = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, config, ... }:
|
||||
{ config, ... }:
|
||||
{
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
27253
|
||||
|
@ -30,10 +30,12 @@
|
|||
}
|
||||
];
|
||||
|
||||
outbounds = lib.singleton {
|
||||
type = "direct";
|
||||
tag = "direct";
|
||||
};
|
||||
outbounds = [
|
||||
{
|
||||
type = "direct";
|
||||
tag = "direct";
|
||||
}
|
||||
];
|
||||
|
||||
route = {
|
||||
final = "direct";
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
{ config, lib, ... }:
|
||||
|
||||
{
|
||||
services.prometheus.exporters.node = {
|
||||
enable = true;
|
||||
|
|
|
@ -12,14 +12,16 @@
|
|||
level = "info";
|
||||
};
|
||||
|
||||
inbounds = lib.singleton {
|
||||
type = "http";
|
||||
tag = "inbound";
|
||||
listen = "127.0.0.1";
|
||||
listen_port = 1080;
|
||||
sniff = true;
|
||||
sniff_override_destination = true;
|
||||
};
|
||||
inbounds = [
|
||||
{
|
||||
type = "http";
|
||||
tag = "inbound";
|
||||
listen = "127.0.0.1";
|
||||
listen_port = 1080;
|
||||
sniff = true;
|
||||
sniff_override_destination = true;
|
||||
}
|
||||
];
|
||||
|
||||
outbounds = [
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue