Compare commits
No commits in common. "997cf6d287b25f2e9e1edb5146ebcc26954e306b" and "0aa66218edf20f8d4a249b1e2495514248d10992" have entirely different histories.
997cf6d287
...
0aa66218ed
10 changed files with 233 additions and 22 deletions
3
.helix/languages.toml
Normal file
3
.helix/languages.toml
Normal file
|
@ -0,0 +1,3 @@
|
|||
[[language]]
|
||||
name = "nix"
|
||||
formatter = { command = "alejandra", args = ["--quiet"] }
|
130
flake.lock
130
flake.lock
|
@ -1,5 +1,28 @@
|
|||
{
|
||||
"nodes": {
|
||||
"aagl": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
"flake-compat"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1721560199,
|
||||
"narHash": "sha256-XQVh+i9/m2J2AfwuqJcKpm3GM67Top8mHKgaJ7lL1l0=",
|
||||
"owner": "ezKEa",
|
||||
"repo": "aagl-gtk-on-nix",
|
||||
"rev": "cdb74c540af1d365ea799ba5d2200df707e31090",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "ezKEa",
|
||||
"repo": "aagl-gtk-on-nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"crane": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -234,6 +257,32 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-formatter-pack": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"nmd": [
|
||||
"nmd"
|
||||
],
|
||||
"nmt": [
|
||||
"nmt"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1715807870,
|
||||
"narHash": "sha256-lutvG1LFGSpXsGA7U4TWfdfq6p71WdSlhw3vM4W/Opk=",
|
||||
"owner": "Gerschtli",
|
||||
"repo": "nix-formatter-pack",
|
||||
"rev": "ab5feb867e5d074918852de6134500a82a09dc48",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "Gerschtli",
|
||||
"repo": "nix-formatter-pack",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1722114937,
|
||||
|
@ -280,6 +329,61 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1720535198,
|
||||
"narHash": "sha256-zwVvxrdIzralnSbcpghA92tWu2DV2lwv89xZc8MTrbg=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "205fd4226592cc83fd4c0885a3e4c9c400efabb5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-23.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nmd": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"scss-reset": [
|
||||
"scss-reset"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1705050560,
|
||||
"narHash": "sha256-x3zzcdvhJpodsmdjqB4t5mkVW22V3wqHLOun0KRBzUI=",
|
||||
"owner": "~rycee",
|
||||
"repo": "nmd",
|
||||
"rev": "66d9334933119c36f91a78d565c152a4fdc8d3d3",
|
||||
"type": "sourcehut"
|
||||
},
|
||||
"original": {
|
||||
"owner": "~rycee",
|
||||
"repo": "nmd",
|
||||
"type": "sourcehut"
|
||||
}
|
||||
},
|
||||
"nmt": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1705307515,
|
||||
"narHash": "sha256-krVKx3/u1mDo8qe5qylYgmwAmlAPHa1BSPDzxq09FmI=",
|
||||
"owner": "~rycee",
|
||||
"repo": "nmt",
|
||||
"rev": "1562940b7765a32f1987bd9a3ee6a4fa034c9429",
|
||||
"type": "sourcehut"
|
||||
},
|
||||
"original": {
|
||||
"owner": "~rycee",
|
||||
"repo": "nmt",
|
||||
"type": "sourcehut"
|
||||
}
|
||||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1722176547,
|
||||
|
@ -307,7 +411,7 @@
|
|||
"nixpkgs"
|
||||
],
|
||||
"nixpkgs-stable": [
|
||||
"nixpkgs"
|
||||
"nixpkgs-stable"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
|
@ -326,6 +430,7 @@
|
|||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"aagl": "aagl",
|
||||
"crane": "crane",
|
||||
"disko": "disko",
|
||||
"flake-compat": "flake-compat",
|
||||
|
@ -337,12 +442,17 @@
|
|||
"lanzaboote": "lanzaboote",
|
||||
"neovim": "neovim",
|
||||
"nix-darwin": "nix-darwin",
|
||||
"nix-formatter-pack": "nix-formatter-pack",
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixos-sensible": "nixos-sensible",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs-stable": "nixpkgs-stable",
|
||||
"nmd": "nmd",
|
||||
"nmt": "nmt",
|
||||
"nur": "nur",
|
||||
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
||||
"rust-overlay": "rust-overlay",
|
||||
"scss-reset": "scss-reset",
|
||||
"sops-nix": "sops-nix",
|
||||
"srvos": "srvos",
|
||||
"systems": "systems",
|
||||
|
@ -369,13 +479,29 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"scss-reset": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1683906868,
|
||||
"narHash": "sha256-cif5Sx8Ca5vxdw/mNAgpulLH15TwmzyJFNM7JURpoaE=",
|
||||
"owner": "andreymatin",
|
||||
"repo": "scss-reset",
|
||||
"rev": "5a7bd491ac82441e6283fb0d5d54644b913b30c7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "andreymatin",
|
||||
"repo": "scss-reset",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"sops-nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"nixpkgs-stable": [
|
||||
"nixpkgs"
|
||||
"nixpkgs-stable"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
|
|
29
flake.nix
29
flake.nix
|
@ -8,7 +8,13 @@
|
|||
#
|
||||
# REFERENCE: https://discourse.nixos.org/t/differences-between-nix-channels/13998/5
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
||||
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.11";
|
||||
|
||||
aagl = {
|
||||
url = "github:ezKEa/aagl-gtk-on-nix";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.flake-compat.follows = "flake-compat";
|
||||
};
|
||||
disko = {
|
||||
url = "github:nix-community/disko";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
@ -56,7 +62,7 @@
|
|||
sops-nix = {
|
||||
url = "github:Mic92/sops-nix";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.nixpkgs-stable.follows = "nixpkgs";
|
||||
inputs.nixpkgs-stable.follows = "nixpkgs-stable";
|
||||
};
|
||||
srvos = {
|
||||
url = "github:nix-community/srvos";
|
||||
|
@ -84,10 +90,25 @@
|
|||
url = "github:hercules-ci/gitignore.nix";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
nix-formatter-pack = {
|
||||
url = "github:Gerschtli/nix-formatter-pack";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.nmd.follows = "nmd";
|
||||
inputs.nmt.follows = "nmt";
|
||||
};
|
||||
nmd = {
|
||||
url = "sourcehut:~rycee/nmd";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.scss-reset.follows = "scss-reset";
|
||||
};
|
||||
nmt = {
|
||||
url = "sourcehut:~rycee/nmt";
|
||||
flake = false;
|
||||
};
|
||||
pre-commit-hooks-nix = {
|
||||
url = "github:cachix/pre-commit-hooks.nix";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.nixpkgs-stable.follows = "nixpkgs";
|
||||
inputs.nixpkgs-stable.follows = "nixpkgs-stable";
|
||||
inputs.flake-compat.follows = "flake-compat";
|
||||
inputs.gitignore.follows = "gitignore";
|
||||
};
|
||||
|
@ -95,6 +116,10 @@
|
|||
url = "github:oxalica/rust-overlay";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
scss-reset = {
|
||||
url = "github:andreymatin/scss-reset";
|
||||
flake = false;
|
||||
};
|
||||
};
|
||||
|
||||
outputs = inputs:
|
||||
|
|
|
@ -7,8 +7,7 @@
|
|||
}: {
|
||||
home = {
|
||||
username = "guanranwang";
|
||||
homeDirectory =
|
||||
if pkgs.stdenv.hostPlatform.isDarwin
|
||||
homeDirectory = if pkgs.stdenv.hostPlatform.isDarwin
|
||||
then "/Users/${config.home.username}"
|
||||
else "/home/${config.home.username}";
|
||||
|
||||
|
@ -57,6 +56,11 @@
|
|||
trashy
|
||||
]);
|
||||
|
||||
home.shellAliases = {
|
||||
".." = "cd ..";
|
||||
"farsee" = "curl -F 'c=@-' 'https://fars.ee/'"; # pb
|
||||
};
|
||||
|
||||
programs.fish.functions = let
|
||||
jq = lib.getExe pkgs.jq;
|
||||
nix = lib.getExe pkgs.nix;
|
||||
|
|
|
@ -88,12 +88,6 @@ element.ny4.dev {
|
|||
file_server
|
||||
}
|
||||
|
||||
cinny.ny4.dev {
|
||||
import default
|
||||
root * @cinny@
|
||||
file_server
|
||||
}
|
||||
|
||||
git.ny4.dev {
|
||||
import default
|
||||
reverse_proxy unix//run/forgejo/forgejo.sock
|
||||
|
|
|
@ -64,12 +64,12 @@
|
|||
|
||||
"element" = pkgs.element-web.override {
|
||||
element-web-unwrapped = pkgs.element-web-unwrapped.overrideAttrs (oldAttrs: {
|
||||
version = "1.11.72";
|
||||
version = "1.11.72-rc.0";
|
||||
src = oldAttrs.src.overrideAttrs {
|
||||
outputHash = "sha256-ZLSCbt00R3azFz2lOuj8yqaLFyobnmGmQKYOYLHCA1w=";
|
||||
outputHash = "sha256-IftQCQ3m7w2F9/q0n2W9JMIouu79cYkwVRLjWY1CQGg=";
|
||||
};
|
||||
offlineCache = oldAttrs.offlineCache.overrideAttrs {
|
||||
outputHash = "sha256-7NXXjv7xNEBVRmWawpdfZBFV51hAspdP1oAURGaRg48=";
|
||||
outputHash = "sha256-xBpwEbHeJSVKsEvmH2SNZOtEZkPRgPIiChbTkmjJQa4=";
|
||||
};
|
||||
});
|
||||
|
||||
|
@ -79,13 +79,6 @@
|
|||
};
|
||||
};
|
||||
|
||||
"cinny" = pkgs.cinny.override {
|
||||
conf = {
|
||||
defaultHomeserver = 0;
|
||||
homeserverList = ["ny4.dev"];
|
||||
};
|
||||
};
|
||||
|
||||
"mastodon" = pkgs.mastodon;
|
||||
};
|
||||
};
|
||||
|
|
|
@ -2,5 +2,6 @@
|
|||
imports = [
|
||||
./services/hysteria.nix
|
||||
./services/pixivfe.nix
|
||||
./services/rathole.nix
|
||||
];
|
||||
}
|
||||
|
|
50
nixos/modules/services/rathole.nix
Normal file
50
nixos/modules/services/rathole.nix
Normal file
|
@ -0,0 +1,50 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
cfg = config.services.rathole;
|
||||
in {
|
||||
options.services.rathole = {
|
||||
enable = lib.mkEnableOption "Rathole, a lightweight and high-performance reverse proxy for NAT traversal";
|
||||
|
||||
package = lib.mkPackageOption pkgs "rathole" {};
|
||||
|
||||
configFile = lib.mkOption {
|
||||
default = null;
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = "Configuration file to use.";
|
||||
};
|
||||
|
||||
credentials = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [];
|
||||
example = lib.literalExpression ''
|
||||
[
|
||||
"cert:/tmp/certificate.crt"
|
||||
"key:/tmp/private-key.key"
|
||||
];
|
||||
'';
|
||||
description = ''
|
||||
Extra credentials loaded by systemd, you can access them by `/run/credentials/rathole.service/foobar`.
|
||||
|
||||
See `systemd.exec(5)` for more information.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd.services.rathole = {
|
||||
description = "Rathole daemon, a lightweight and high-performance reverse proxy for NAT traversal.";
|
||||
wantedBy = ["multi-user.target"];
|
||||
after = ["network-online.target"];
|
||||
wants = ["network-online.target"];
|
||||
serviceConfig = {
|
||||
ExecStart = "${lib.getExe cfg.package} $\{CREDENTIALS_DIRECTORY}/rathole.toml";
|
||||
LoadCredential = ["rathole.toml:${cfg.configFile}"] ++ cfg.credentials;
|
||||
DynamicUser = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -13,6 +13,7 @@
|
|||
"${inputs.srvos}/nixos/common/well-known-hosts.nix"
|
||||
]
|
||||
++ (with inputs; [
|
||||
aagl.nixosModules.default
|
||||
disko.nixosModules.disko
|
||||
home-manager.nixosModules.home-manager
|
||||
impermanence.nixosModules.impermanence
|
||||
|
|
14
treefmt.nix
14
treefmt.nix
|
@ -6,6 +6,20 @@
|
|||
programs.statix.enable = true;
|
||||
programs.alejandra.enable = true;
|
||||
|
||||
### shell
|
||||
programs.shfmt.enable = true;
|
||||
settings.formatter.shfmt.options = ["-i" "2" "-sr"];
|
||||
programs.shellcheck.enable = true;
|
||||
settings.formatter.shellcheck.options = [
|
||||
"-s"
|
||||
"bash"
|
||||
"-e"
|
||||
"SC2016" # shfmt kept doing it, didn't find a toggle to turn it off
|
||||
];
|
||||
|
||||
### toml
|
||||
programs.taplo.enable = true;
|
||||
|
||||
### misc
|
||||
programs.prettier.enable = true;
|
||||
settings.formatter.prettier.excludes = [
|
||||
|
|
Loading…
Reference in a new issue