nyancat/flake
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: nyancat:997cf6d287b25f2e9e1edb5146ebcc26954e306b
Branches Tags
nyancat:master
..
compare: nyancat:0aa66218edf20f8d4a249b1e2495514248d10992
Branches Tags
nyancat:master

No commits in common. "997cf6d287b25f2e9e1edb5146ebcc26954e306b" and "0aa66218edf20f8d4a249b1e2495514248d10992" have entirely different histories.
997cf6d287 ... 0aa66218ed

10 changed files with 233 additions and 22 deletions
Show stats Expand all files Collapse all files

3
.helix/languages.toml Normal file
View file

@ -0,0 +1,3 @@
[[language]]
name = "nix"
formatter = { command = "alejandra", args = ["--quiet"] }

130
flake.lock
View file

@ -1,5 +1,28 @@
{ {
"nodes": { "nodes": {
"aagl": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1721560199,
"narHash": "sha256-XQVh+i9/m2J2AfwuqJcKpm3GM67Top8mHKgaJ7lL1l0=",
"owner": "ezKEa",
"repo": "aagl-gtk-on-nix",
"rev": "cdb74c540af1d365ea799ba5d2200df707e31090",
"type": "github"
},
"original": {
"owner": "ezKEa",
"repo": "aagl-gtk-on-nix",
"type": "github"
}
},
"crane": { "crane": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -234,6 +257,32 @@
"type": "github" "type": "github"
} }
}, },
"nix-formatter-pack": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"nmd": [
"nmd"
],
"nmt": [
"nmt"
]
},
"locked": {
"lastModified": 1715807870,
"narHash": "sha256-lutvG1LFGSpXsGA7U4TWfdfq6p71WdSlhw3vM4W/Opk=",
"owner": "Gerschtli",
"repo": "nix-formatter-pack",
"rev": "ab5feb867e5d074918852de6134500a82a09dc48",
"type": "github"
},
"original": {
"owner": "Gerschtli",
"repo": "nix-formatter-pack",
"type": "github"
}
},
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1722114937, "lastModified": 1722114937,
@ -280,6 +329,61 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-stable": {
"locked": {
"lastModified": 1720535198,
"narHash": "sha256-zwVvxrdIzralnSbcpghA92tWu2DV2lwv89xZc8MTrbg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "205fd4226592cc83fd4c0885a3e4c9c400efabb5",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nmd": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"scss-reset": [
"scss-reset"
]
},
"locked": {
"lastModified": 1705050560,
"narHash": "sha256-x3zzcdvhJpodsmdjqB4t5mkVW22V3wqHLOun0KRBzUI=",
"owner": "~rycee",
"repo": "nmd",
"rev": "66d9334933119c36f91a78d565c152a4fdc8d3d3",
"type": "sourcehut"
},
"original": {
"owner": "~rycee",
"repo": "nmd",
"type": "sourcehut"
}
},
"nmt": {
"flake": false,
"locked": {
"lastModified": 1705307515,
"narHash": "sha256-krVKx3/u1mDo8qe5qylYgmwAmlAPHa1BSPDzxq09FmI=",
"owner": "~rycee",
"repo": "nmt",
"rev": "1562940b7765a32f1987bd9a3ee6a4fa034c9429",
"type": "sourcehut"
},
"original": {
"owner": "~rycee",
"repo": "nmt",
"type": "sourcehut"
}
},
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1722176547, "lastModified": 1722176547,
@ -307,7 +411,7 @@
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-stable": [ "nixpkgs-stable": [
"nixpkgs" "nixpkgs-stable"
] ]
}, },
"locked": { "locked": {
@ -326,6 +430,7 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"aagl": "aagl",
"crane": "crane", "crane": "crane",
"disko": "disko", "disko": "disko",
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
@ -337,12 +442,17 @@
"lanzaboote": "lanzaboote", "lanzaboote": "lanzaboote",
"neovim": "neovim", "neovim": "neovim",
"nix-darwin": "nix-darwin", "nix-darwin": "nix-darwin",
"nix-formatter-pack": "nix-formatter-pack",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixos-sensible": "nixos-sensible", "nixos-sensible": "nixos-sensible",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable",
"nmd": "nmd",
"nmt": "nmt",
"nur": "nur", "nur": "nur",
"pre-commit-hooks-nix": "pre-commit-hooks-nix", "pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay", "rust-overlay": "rust-overlay",
"scss-reset": "scss-reset",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"srvos": "srvos", "srvos": "srvos",
"systems": "systems", "systems": "systems",
@ -369,13 +479,29 @@
"type": "github" "type": "github"
} }
}, },
"scss-reset": {
"flake": false,
"locked": {
"lastModified": 1683906868,
"narHash": "sha256-cif5Sx8Ca5vxdw/mNAgpulLH15TwmzyJFNM7JURpoaE=",
"owner": "andreymatin",
"repo": "scss-reset",
"rev": "5a7bd491ac82441e6283fb0d5d54644b913b30c7",
"type": "github"
},
"original": {
"owner": "andreymatin",
"repo": "scss-reset",
"type": "github"
}
},
"sops-nix": { "sops-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-stable": [ "nixpkgs-stable": [
"nixpkgs" "nixpkgs-stable"
] ]
}, },
"locked": { "locked": {

29
flake.nix
View file

@ -8,7 +8,13 @@
# #
# REFERENCE: https://discourse.nixos.org/t/differences-between-nix-channels/13998/5 # REFERENCE: https://discourse.nixos.org/t/differences-between-nix-channels/13998/5
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.11";
aagl = {
url = "github:ezKEa/aagl-gtk-on-nix";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-compat.follows = "flake-compat";
};
disko = { disko = {
url = "github:nix-community/disko"; url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -56,7 +62,7 @@
sops-nix = { sops-nix = {
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs-stable.follows = "nixpkgs"; inputs.nixpkgs-stable.follows = "nixpkgs-stable";
}; };
srvos = { srvos = {
url = "github:nix-community/srvos"; url = "github:nix-community/srvos";
@ -84,10 +90,25 @@
url = "github:hercules-ci/gitignore.nix"; url = "github:hercules-ci/gitignore.nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nix-formatter-pack = {
url = "github:Gerschtli/nix-formatter-pack";
inputs.nixpkgs.follows = "nixpkgs";
inputs.nmd.follows = "nmd";
inputs.nmt.follows = "nmt";
};
nmd = {
url = "sourcehut:~rycee/nmd";
inputs.nixpkgs.follows = "nixpkgs";
inputs.scss-reset.follows = "scss-reset";
};
nmt = {
url = "sourcehut:~rycee/nmt";
flake = false;
};
pre-commit-hooks-nix = { pre-commit-hooks-nix = {
url = "github:cachix/pre-commit-hooks.nix"; url = "github:cachix/pre-commit-hooks.nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs-stable.follows = "nixpkgs"; inputs.nixpkgs-stable.follows = "nixpkgs-stable";
inputs.flake-compat.follows = "flake-compat"; inputs.flake-compat.follows = "flake-compat";
inputs.gitignore.follows = "gitignore"; inputs.gitignore.follows = "gitignore";
}; };
@ -95,6 +116,10 @@
url = "github:oxalica/rust-overlay"; url = "github:oxalica/rust-overlay";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
scss-reset = {
url = "github:andreymatin/scss-reset";
flake = false;
};
}; };
outputs = inputs: outputs = inputs:

8
home/default.nix
View file

@ -7,8 +7,7 @@
}: { }: {
home = { home = {
username = "guanranwang"; username = "guanranwang";
homeDirectory = homeDirectory = if pkgs.stdenv.hostPlatform.isDarwin
if pkgs.stdenv.hostPlatform.isDarwin
then "/Users/${config.home.username}" then "/Users/${config.home.username}"
else "/home/${config.home.username}"; else "/home/${config.home.username}";
@ -57,6 +56,11 @@
trashy trashy
]); ]);
home.shellAliases = {
".." = "cd ..";
"farsee" = "curl -F 'c=@-' 'https://fars.ee/'"; # pb
};
programs.fish.functions = let programs.fish.functions = let
jq = lib.getExe pkgs.jq; jq = lib.getExe pkgs.jq;
nix = lib.getExe pkgs.nix; nix = lib.getExe pkgs.nix;

6
hosts/lightsail-tokyo/Caddyfile
View file

@ -88,12 +88,6 @@ element.ny4.dev {
file_server file_server
} }
cinny.ny4.dev {
import default
root * @cinny@
file_server
}
git.ny4.dev { git.ny4.dev {
import default import default
reverse_proxy unix//run/forgejo/forgejo.sock reverse_proxy unix//run/forgejo/forgejo.sock

13
hosts/lightsail-tokyo/default.nix
View file

@ -64,12 +64,12 @@
"element" = pkgs.element-web.override { "element" = pkgs.element-web.override {
element-web-unwrapped = pkgs.element-web-unwrapped.overrideAttrs (oldAttrs: { element-web-unwrapped = pkgs.element-web-unwrapped.overrideAttrs (oldAttrs: {
version = "1.11.72"; version = "1.11.72-rc.0";
src = oldAttrs.src.overrideAttrs { src = oldAttrs.src.overrideAttrs {
outputHash = "sha256-ZLSCbt00R3azFz2lOuj8yqaLFyobnmGmQKYOYLHCA1w="; outputHash = "sha256-IftQCQ3m7w2F9/q0n2W9JMIouu79cYkwVRLjWY1CQGg=";
}; };
offlineCache = oldAttrs.offlineCache.overrideAttrs { offlineCache = oldAttrs.offlineCache.overrideAttrs {
outputHash = "sha256-7NXXjv7xNEBVRmWawpdfZBFV51hAspdP1oAURGaRg48="; outputHash = "sha256-xBpwEbHeJSVKsEvmH2SNZOtEZkPRgPIiChbTkmjJQa4=";
}; };
}); });
@ -79,13 +79,6 @@
}; };
}; };
"cinny" = pkgs.cinny.override {
conf = {
defaultHomeserver = 0;
homeserverList = ["ny4.dev"];
};
};
"mastodon" = pkgs.mastodon; "mastodon" = pkgs.mastodon;
}; };
}; };

1
nixos/modules/default.nix
View file

@ -2,5 +2,6 @@
imports = [ imports = [
./services/hysteria.nix ./services/hysteria.nix
./services/pixivfe.nix ./services/pixivfe.nix
./services/rathole.nix
]; ];
} }

50
nixos/modules/services/rathole.nix Normal file
View file

@ -0,0 +1,50 @@
{
pkgs,
config,
lib,
...
}: let
cfg = config.services.rathole;
in {
options.services.rathole = {
enable = lib.mkEnableOption "Rathole, a lightweight and high-performance reverse proxy for NAT traversal";
package = lib.mkPackageOption pkgs "rathole" {};
configFile = lib.mkOption {
default = null;
type = lib.types.nullOr lib.types.path;
description = "Configuration file to use.";
};
credentials = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
example = lib.literalExpression ''
[
"cert:/tmp/certificate.crt"
"key:/tmp/private-key.key"
];
'';
description = ''
Extra credentials loaded by systemd, you can access them by `/run/credentials/rathole.service/foobar`.
See `systemd.exec(5)` for more information.
'';
};
};
config = lib.mkIf cfg.enable {
systemd.services.rathole = {
description = "Rathole daemon, a lightweight and high-performance reverse proxy for NAT traversal.";
wantedBy = ["multi-user.target"];
after = ["network-online.target"];
wants = ["network-online.target"];
serviceConfig = {
ExecStart = "${lib.getExe cfg.package} $\{CREDENTIALS_DIRECTORY}/rathole.toml";
LoadCredential = ["rathole.toml:${cfg.configFile}"] ++ cfg.credentials;
DynamicUser = true;
};
};
};
}

1
nixos/profiles/core/default.nix
View file

@ -13,6 +13,7 @@
"${inputs.srvos}/nixos/common/well-known-hosts.nix" "${inputs.srvos}/nixos/common/well-known-hosts.nix"
] ]
++ (with inputs; [ ++ (with inputs; [
aagl.nixosModules.default
disko.nixosModules.disko disko.nixosModules.disko
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
impermanence.nixosModules.impermanence impermanence.nixosModules.impermanence

14
treefmt.nix
View file

@ -6,6 +6,20 @@
programs.statix.enable = true; programs.statix.enable = true;
programs.alejandra.enable = true; programs.alejandra.enable = true;
### shell
programs.shfmt.enable = true;
settings.formatter.shfmt.options = ["-i" "2" "-sr"];
programs.shellcheck.enable = true;
settings.formatter.shellcheck.options = [
"-s"
"bash"
"-e"
"SC2016" # shfmt kept doing it, didn't find a toggle to turn it off
];
### toml
programs.taplo.enable = true;
### misc ### misc
programs.prettier.enable = true; programs.prettier.enable = true;
settings.formatter.prettier.excludes = [ settings.formatter.prettier.excludes = [