Compare commits
No commits in common. "9f1ad06daad7a5556048d7826dd827dfe256b24b" and "116af76c57d293afa2ee0701dfbce2ea51edb318" have entirely different histories.
9f1ad06daa
...
116af76c57
13 changed files with 119 additions and 106 deletions
14
flake.nix
14
flake.nix
|
@ -208,17 +208,19 @@
|
|||
};
|
||||
};
|
||||
|
||||
defaults.imports = [
|
||||
./nixos/profiles/core
|
||||
];
|
||||
|
||||
"lightsail-tokyo" = {
|
||||
imports = [./hosts/lightsail-tokyo];
|
||||
imports = [
|
||||
./nixos/profiles/core
|
||||
./hosts/lightsail-tokyo
|
||||
];
|
||||
deployment.targetHost = "tyo0.ny4.dev";
|
||||
};
|
||||
|
||||
"blacksteel" = {
|
||||
imports = [./hosts/blacksteel];
|
||||
imports = [
|
||||
./nixos/profiles/core
|
||||
./hosts/blacksteel
|
||||
];
|
||||
deployment.targetHost = "blacksteel"; # thru tailscale
|
||||
};
|
||||
};
|
||||
|
|
|
@ -2,6 +2,13 @@
|
|||
### home-manager
|
||||
home-manager.users.guanranwang = import ./home;
|
||||
|
||||
# xserver
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
excludePackages = with pkgs; [xterm];
|
||||
displayManager.startx.enable = true;
|
||||
};
|
||||
|
||||
# gnome keyring
|
||||
programs.seahorse.enable = true;
|
||||
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
imports = [
|
||||
inputs.nixpkgs.nixosModules.notDetected
|
||||
inputs.nixos-hardware.nixosModules.lenovo-legion-y530-15ich
|
||||
inputs.nixos-sensible.nixosModules.zram
|
||||
];
|
||||
|
||||
services.hdapsd.enable = false;
|
||||
|
|
|
@ -11,6 +11,7 @@
|
|||
inputs.nixos-hardware.nixosModules.common-hidpi
|
||||
inputs.nixos-hardware.nixosModules.common-pc-laptop
|
||||
inputs.nixos-hardware.nixosModules.common-pc-laptop-ssd
|
||||
inputs.nixos-sensible.nixosModules.zram
|
||||
];
|
||||
|
||||
services.thermald.enable = true;
|
||||
|
|
|
@ -87,6 +87,11 @@ pixiv.ny4.dev {
|
|||
reverse_proxy unix//run/pixivfe/pixiv.sock
|
||||
}
|
||||
|
||||
syncv3.ny4.dev {
|
||||
import default
|
||||
reverse_proxy localhost:8700
|
||||
}
|
||||
|
||||
id.ny4.dev {
|
||||
import default
|
||||
reverse_proxy localhost:8800
|
||||
|
@ -102,8 +107,3 @@ git.ny4.dev {
|
|||
import default
|
||||
reverse_proxy unix//run/forgejo/forgejo.sock
|
||||
}
|
||||
|
||||
rss.ny4.dev {
|
||||
import default
|
||||
reverse_proxy localhost:9300
|
||||
}
|
||||
|
|
|
@ -1,13 +1,14 @@
|
|||
{
|
||||
modulesPath,
|
||||
lib,
|
||||
config,
|
||||
inputs,
|
||||
modulesPath,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
"${modulesPath}/virtualisation/amazon-image.nix"
|
||||
inputs.nixos-sensible.nixosModules.zram
|
||||
../../nixos/profiles/server
|
||||
./anti-feature.nix
|
||||
];
|
||||
|
@ -38,9 +39,6 @@
|
|||
"searx/environment" = {
|
||||
restartUnits = ["searx.service"];
|
||||
};
|
||||
"miniflux/credentials" = {
|
||||
restartUnits = ["miniflux.service"];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -199,58 +197,80 @@
|
|||
|
||||
services = let
|
||||
getDesc = pkg: pkg.meta.description;
|
||||
mapAttrsToList' = lib.mapAttrsToList (name: value: {"${name}" = value;}); # also sorts the thing alphabetically
|
||||
in
|
||||
mapAttrsToList' {
|
||||
"Services" = mapAttrsToList' {
|
||||
in [
|
||||
{
|
||||
"Services" = [
|
||||
{
|
||||
"SearXNG" = {
|
||||
description = getDesc pkgs.searxng;
|
||||
href = "https://searx.ny4.dev/";
|
||||
href = "https://searx.ny4.dev";
|
||||
};
|
||||
}
|
||||
{
|
||||
"Wastebin" = {
|
||||
description = getDesc pkgs.wastebin;
|
||||
href = "https://pb.ny4.dev/";
|
||||
href = "https://pb.ny4.dev";
|
||||
};
|
||||
}
|
||||
{
|
||||
"Ntfy" = {
|
||||
description = getDesc pkgs.ntfy;
|
||||
href = "https://ntfy.ny4.dev/";
|
||||
};
|
||||
}
|
||||
{
|
||||
"Mumble" = {
|
||||
description = "${getDesc pkgs.mumble} (Connect with tyo0.ny4.dev:64738)";
|
||||
};
|
||||
};
|
||||
"Private stuff" = mapAttrsToList' {
|
||||
}
|
||||
];
|
||||
}
|
||||
{
|
||||
"Private stuff" = [
|
||||
{
|
||||
"Mastodon" = rec {
|
||||
description = getDesc pkgs.mastodon;
|
||||
href = "https://mastodon.ny4.dev/";
|
||||
widget.type = "mastodon";
|
||||
widget.url = href;
|
||||
};
|
||||
}
|
||||
{
|
||||
"Matrix" = {
|
||||
description = getDesc pkgs.element-web;
|
||||
href = "https://element.ny4.dev/";
|
||||
};
|
||||
}
|
||||
{
|
||||
"PixivFE" = {
|
||||
description = getDesc inputs.self.packages.${pkgs.stdenv.hostPlatform.system}.pixivfe;
|
||||
description = "A privacy respecting frontend for Pixiv.";
|
||||
href = "https://pixiv.ny4.dev";
|
||||
};
|
||||
}
|
||||
{
|
||||
"Uptime Kuma" = {
|
||||
description = getDesc pkgs.uptime-kuma;
|
||||
href = "https://uptime.ny4.dev/";
|
||||
};
|
||||
}
|
||||
{
|
||||
"Forgejo" = {
|
||||
description = getDesc pkgs.forgejo;
|
||||
href = "https://git.ny4.dev/";
|
||||
};
|
||||
};
|
||||
"Links" = mapAttrsToList' {
|
||||
"Blog".href = "https://blog.ny4.dev/";
|
||||
"Forgejo".href = "https://git.ny4.dev/nyancat";
|
||||
"GitHub".href = "https://github.com/Guanran928";
|
||||
"Mastodon".herf = "https://mastodon.ny4.dev/@nyancat";
|
||||
"Matrix".href = "https://matrix.to/#/@nyancat:ny4.dev";
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
}
|
||||
{
|
||||
"Links" = [
|
||||
{"Blog".href = "https://blog.ny4.dev/";}
|
||||
{"GitHub".href = "https://github.com/Guanran928";}
|
||||
{"Mastodon".herf = "https://mastodon.ny4.dev/@nyancat";}
|
||||
{"Matrix".href = "https://matrix.to/#/@root:ny4.dev";}
|
||||
{"Forgejo".href = "https://git.ny4.dev/nyancat";}
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
services.forgejo = {
|
||||
|
@ -258,6 +278,7 @@
|
|||
database.type = "postgres";
|
||||
settings = {
|
||||
server = {
|
||||
# TODO: whats the difference between this and fcgi+unix
|
||||
DOMAIN = "git.ny4.dev";
|
||||
PROTOCOL = "http+unix";
|
||||
ROOT_URL = "https://git.ny4.dev/";
|
||||
|
@ -269,15 +290,6 @@
|
|||
};
|
||||
};
|
||||
|
||||
services.miniflux = {
|
||||
enable = true;
|
||||
adminCredentialsFile = config.sops.secrets."miniflux/credentials".path;
|
||||
config = {
|
||||
LISTEN_ADDR = "127.0.0.1:9300";
|
||||
BASE_URL = "https://rss.ny4.dev";
|
||||
};
|
||||
};
|
||||
|
||||
### Prevents me from bankrupt
|
||||
# https://fmk.im/p/shutdown-aws/
|
||||
services.vnstat.enable = true;
|
||||
|
|
|
@ -4,8 +4,6 @@ searx:
|
|||
environment: ENC[AES256_GCM,data:Chtb7yhooCMU+Hfnqdgwpd1w5gI2LZm4cz8d3YRgznjveO/4HOZ54XMdQVDoiC6ukojHfEUxl+3qIG1wi/s29rhxJekHLtWgJ++OUQKW,iv:viGQRoWbaSlRoovBV01Vl/d17eRVeM8CQUHYRWrflNQ=,tag:2QMYVCXON129pRpW3oOQXg==,type:str]
|
||||
pixivfe:
|
||||
environment: ENC[AES256_GCM,data:/Q/rShBXlXkWOOP+7OhKtKTSrp2zNizMaAOyKfWbKgJMHTjNfmMtRuGKRez9KXM5MDIMIF9iJSQ=,iv:whIAkaWiZcZT4HfmJw4qA+fbQ9zHFp+kTuHxQDE3XoU=,tag:FroLTMtNwGlvZw3osftj3A==,type:str]
|
||||
miniflux:
|
||||
credentials: ENC[AES256_GCM,data:vYd964LCV4NCZxbuIhdXznsl7n6jMPIFjWvo0tTTm4V3la93MN4DYLUPy4U=,iv:gqBCf7uqigTxdLs8oSd/KkNb56luUDrtrAOxxUuJgUE=,tag:LzniGyWeZxHrpQAaEOQP8A==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
@ -30,8 +28,8 @@ sops:
|
|||
R1ZMMG1jWnljNWl5Nk5MU3RCMlFPYjgKL1ScxzF0D1R18H+oe6dlxUGlL9myHEr3
|
||||
3HBPoapKCSQ/cT7Xma4bsWD1AVJIf1Ak+MeCs9ItGwKAcnd9JYZ9KA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-07-10T17:25:33Z"
|
||||
mac: ENC[AES256_GCM,data:R8V7uckbpDjzukq7W0Tjj3yYCTynU4Ih0C8HiKIf1RQjS0XscJ/3dU5fhalJuODdBNi3aAar0qiX4MJsNexanQxltjJGj01pcHNrM1KUnOPoxmYR8oK64fecQDp8sWahXWfqFFurCsVg1ZHTJM1tMNgbjGDIcTSxZcto/1N3Zwc=,iv:eQge+cAxipyd7kFY7elVATHsymg/JFh9CCYItkkPn0I=,tag:LBR9nNW6RqekGqnLxfyB9w==,type:str]
|
||||
lastmodified: "2024-07-09T11:50:11Z"
|
||||
mac: ENC[AES256_GCM,data:kzxia2Bygi0YR24/dJfKZR3jF99IhIGGIZFJnIo5kp7/PZfQE2EbgD5yTFrSX9+Ur5u8a169UVEtveJ+uR59bX3DsjZDPRSWRMmWJodLcZifx+oSSGmhYufC61D3pVa+Jv2mwKf8UTKdb2oQtk/8bNrMuonedX8hPz+wZJQyMD0=,iv:VxBeb5QTaF5snKNtc51XFtwAdydnOyX8CGhxBjyBTQ0=,tag:vQEJJubHv3dRazmr1bAcnQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.0
|
||||
|
|
|
@ -18,22 +18,18 @@ buildGoModule rec {
|
|||
|
||||
vendorHash = "sha256-QapDR964Tn+RxXdkGqCQXacdmlSapF841Y84n4d/6VI=";
|
||||
|
||||
ldflags = [
|
||||
"-s"
|
||||
"-w"
|
||||
];
|
||||
ldflags = ["-s" "-w"];
|
||||
|
||||
nativeBuildInputs = [makeBinaryWrapper];
|
||||
|
||||
# PixivFE require files from source code
|
||||
postInstall = ''
|
||||
mkdir -p $out/share/pixivfe
|
||||
cp -r ./views/ $out/share/pixivfe/views
|
||||
wrapProgram $out/bin/pixivfe \
|
||||
--chdir $out/share/pixivfe
|
||||
--chdir ${src}
|
||||
'';
|
||||
|
||||
meta = {
|
||||
description = "Privacy respecting frontend for Pixiv";
|
||||
description = "A privacy respecting frontend for Pixiv";
|
||||
homepage = "https://codeberg.org/VnPower/PixivFE";
|
||||
license = lib.licenses.agpl3Only;
|
||||
mainProgram = "pixivfe";
|
|
@ -1,8 +1,7 @@
|
|||
{
|
||||
lib,
|
||||
config,
|
||||
inputs,
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
cfg = config.services.pixivfe;
|
||||
|
@ -10,7 +9,10 @@ in {
|
|||
options.services.pixivfe = {
|
||||
enable = lib.mkEnableOption "PixivFE, a privacy respecting frontend for Pixiv";
|
||||
|
||||
package = lib.mkPackageOption inputs.self.packages.${pkgs.stdenv.hostPlatform.system} "pixivfe" {};
|
||||
# package = lib.mkPackageOption pkgs "pixivfe" {};
|
||||
package = lib.mkOption {
|
||||
default = pkgs.callPackage ./pixivfe-pkg.nix {};
|
||||
};
|
||||
|
||||
openFirewall = lib.mkEnableOption "open ports in the firewall needed for the daemon to function";
|
||||
|
||||
|
|
|
@ -19,7 +19,6 @@
|
|||
impermanence.nixosModules.impermanence
|
||||
lanzaboote.nixosModules.lanzaboote
|
||||
nixos-sensible.nixosModules.default
|
||||
nixos-sensible.nixosModules.zram
|
||||
nur.nixosModules.nur
|
||||
self.nixosModules.default
|
||||
sops-nix.nixosModules.sops
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{lib, ...}: {
|
||||
sops.secrets = builtins.mapAttrs (_name: value: value // {sopsFile = ./secrets.yaml;}) {
|
||||
"wireless/wangxiaobo".path = "/var/lib/iwd/wangxiaobo.psk";
|
||||
"wireless/ImmortalWrt".path = "/var/lib/iwd/ImmortalWrt.psk";
|
||||
"wireless/OpenWrt".path = "/var/lib/iwd/OpenWrt.psk";
|
||||
};
|
||||
|
||||
networking.wireless.iwd.enable = lib.mkDefault true;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
wireless:
|
||||
wangxiaobo: ENC[AES256_GCM,data:D9m+JRZ2Tw1a4mukW+WU3QLYIRiTiRkGz1ddD7zvkctbuYg+BZXtRgDR0FOIn586t0DsgA1wBDEN/WWiLRTrArgWTHiv7OsOa1NI7+BuL1cFb1TNbk04zbtc6cCOpDBH8qivx0jdZIqrJ5JzIaeZ9T78tj1jMmp3pyt3RiEcZLqxjnPiJhJVaZ8iUNDTvuX3DpsmqybYiLO+Hz7qvIHwM1euc/vyraZ2SR/y5DjTjwVK1jiAs3glPy2oYayVhv+RPs/AHVDnslbtPxGrPhRXxZT3t9LnBw+I0VgrdKUl39ym38PurGnVoBJ7EUVWl3SUPQjnDfQI/XQiDyI3DZ8uA5MGwlR9mny5N/ojs+q7J/k4YiSThCasA5tA24SNRZQWI9lFevoortU+is9FTTGkfzgrrcuURDs6E3ShbbHgn4tvHPhB87J1mP9D7UMIFFfVyvqp5fRgBMHcrEA8xln2xvvQdRDDj/JJYIj3ex8PpTqvAi1EwnAFWhBgqIchcHRFcfQRWOsR7h8M1UQpnge85UZfePMropq5zJ3TSF4AKa2A4UqhgkvLm8qrMI1lvsEnH4TMoyV5Z59T4sPd4Eb3FV26wey6DTdw6cCuywh0AQ==,iv:nbD9EcQYaAf4XwvTLKRy+IjTkV7aHsHK+gBD/Ooc/l8=,tag:VHD3X0ONH4YTp/BTcnpLDQ==,type:str]
|
||||
ImmortalWrt: ENC[AES256_GCM,data:xMQtz/XklFZnT9HzD464f6Hh4Yz6LnfEV2A9xQzXgbKygKX8MZd1DN1+axtg0SBWEFevEYJ8hZJJjYbUd1LM2m7p51w8tBb+NeaunI2gl1DGcd7jyacH/Z3sTOFr0Lh9zfPSo8XAc3rP1tRyEDClc6AAjH72adGfBR83ZFvBlq80/uIbBULm53H+MqBm+ak9bRPiom3mv8e4CdwTcAHzfA2iYYGwOr3J/vRBeRaenhz01wXnmVDIOh50/wP4ttw5iEAsqjJnVG2G4oMbVFbHumNNC97/FAiZ1SSES5MVjLl9i4RYlTnS/ypuUci0qQUvi0PBDC1cYrkHtfP1OUnRopqPcKIFk5tCbOOgxSLI6GOoPT8+98M4xRI5WA9v3DKlTEzsqOAlhSOcRTiQFc+YVAo75jMBi3dsOUVYM2NvYNIw7aKuNcWuvgFsMadO+GELLiix94wecupV/Ruve+fJTxIiJsiTbZdqTCkb257VApVA4P/eMSgbHIu1MnYCRzccfQiEpEXq7SGLy9WHXfulqKSXMuZB/ai756cuV1jf1+h/ZniA+A/K8c5n6QzFWTa6pgRcIR2NP2IvldpF49aSbVCZZWD8lmnhrQmxgIxarHJW,iv:Pj9se0zKfvtoAM5FcWa99/DJ4VCFAJjDhEN8wfW51gU=,tag:fM+IBDGY56LVSZhBnHqoYA==,type:str]
|
||||
OpenWrt: ENC[AES256_GCM,data:KaRLfzoXPTyAscYjJ9mpMAKtsP29PjNvm1G89ne/7N3MtgO9/GfO2JHrmeU2KZBLCJEllovbw82TFsfG7q0ID0sGTVHEZ52yQdOD5wUiuKaiCoN4jaSsU/VsOfOF7ZGt9lWjl+JrGLLWfqAfvN6Jy85jb8XnaOT4jxqjHtTcMDU/ZkL3IJPdTB1RwuIua/UYFYW96kyOyKh5CKloFV9yZTdAmvI3f5Wjm7f7yHMchRI/G0Jk5QLCLSWeXyD2o2iy+vU2a9/0X3hNgoHhzEsB96PHLjtOdSDvWLl598aHelzqKP7GOy71KMTM7cW5i7eyWLNe7+4f3wTl1JQPIGx8T+/Y1G1T+BGWzhWxLHC5V1JQcSHysDfO7Q2ITdQC9jScNKROFlphvinMqItrBWDgWz/ESHViCVqW3qeCqDFFTMhKTTfBnwaOhSb+M99Rd+nCzmyLQrDgq/CSHzXhVtkQJV5MugZ1+wCUl59ylxroFsIS9csy2uRWGiWQh5Q59zc6kUbjPKDx53b2DXC8WuGhgD4XgT1fkSN2SOXxYiyPullF9T9ljCX4Qny9AQ3X6tvk+2MviKS40vlevdFLS4xFkf3BxzP+oAyB+X+py7kpD+RoH+jrSEC3lBPNwPd65J4TSDa4ZpFJeNX7Us7R6bIc8kesW+IWu9+vZjcD0Gji1xbQ5FtL/5YzdrO7hzEWVQbkl6kuRtvZ1AwWjeM+nT34RWal7XcdcFzeV0NPwNQ=,iv:IbLwzWe6vis4hH/4T5tzaVJflYFXZFjSlzYeBAqcaZs=,tag:WTYuVWCsrzSvNrCuGaXsRA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
@ -34,8 +34,8 @@ sops:
|
|||
dEN1cEJFZU82bVFRVlVqcTIzckRHQjgKHgRyq4UOcZyiFnK9fq1NLtxRktFCs3V8
|
||||
EQhl+CPWTRZTZkttJ5MclGlvTNbiH3Iy9syKns6qvOw75wqtXIdIWQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-07-10T08:37:51Z"
|
||||
mac: ENC[AES256_GCM,data:M892yzbmOSiDdifD1kRreBR/+JwMneIZjvCXC90osBogFEmUtf9W6M3xeYmbTobgE/chy9O9yn6CVDt9OucU+sT7o2oUpbOHVulJnwstBuUJGQAEwhyolQP5YRiGRxQzdPG6dqLUkKlsi44pm4dNtDLHFPE0j1wA0PD1fhrH4Y0=,iv:P+ne5UD5F62NW0xYndCDEzR0e7qo0COwDY0iNb2bKUo=,tag:uZfOsrZuSMYdY2zqFhqiyw==,type:str]
|
||||
lastmodified: "2024-07-09T22:04:02Z"
|
||||
mac: ENC[AES256_GCM,data:m3EXpaGra4uT0m2w9B8D6p03PBXeYWn4AiStPtdN15/JwvTRsJvYeOE4CirZvDT3nq7ne/8j/62Z7sCkb7t8W48MfjrnvAYRFJvKT2hSmJnzqXH6446Srel88BfVmiMdcts4OvAea3Dg4oTMMIn5d2L+rIT8zuPY208tqo4vCPY=,iv:LI5WRb46DZLSL9rndXDo/xzDzXUArRANBqrEx8bmGIc=,tag:2K3vKFmb88Zjru1miwR7Dw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.0
|
||||
|
|
|
@ -1,18 +1,13 @@
|
|||
# NOTE: 301: All packages are migrated to `github:Guanran928/nur-packages`,
|
||||
# only keeping some packages that only fits for personal use.
|
||||
pkgs: let
|
||||
inherit (pkgs) lib callPackage;
|
||||
inherit (pkgs) lib;
|
||||
in {
|
||||
# https://github.com/NixOS/nixpkgs/pull/308720
|
||||
pixivfe = callPackage ./pixivfe.nix {};
|
||||
|
||||
scripts = lib.makeScope pkgs.newScope (self: let
|
||||
inherit (self) callPackage;
|
||||
in {
|
||||
scripts = lib.makeScope pkgs.newScope (self: {
|
||||
# util
|
||||
makeScript = callPackage ./scripts/makeScript.nix {};
|
||||
makeScript = self.callPackage ./scripts/makeScript.nix {};
|
||||
|
||||
# scripts
|
||||
lofi = callPackage ./scripts/lofi.nix {};
|
||||
lofi = self.callPackage ./scripts/lofi.nix {};
|
||||
});
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue