Compare commits

..

No commits in common. "9f1ad06daad7a5556048d7826dd827dfe256b24b" and "116af76c57d293afa2ee0701dfbce2ea51edb318" have entirely different histories.

13 changed files with 119 additions and 106 deletions

View file

@ -208,17 +208,19 @@
};
};
defaults.imports = [
./nixos/profiles/core
];
"lightsail-tokyo" = {
imports = [./hosts/lightsail-tokyo];
imports = [
./nixos/profiles/core
./hosts/lightsail-tokyo
];
deployment.targetHost = "tyo0.ny4.dev";
};
"blacksteel" = {
imports = [./hosts/blacksteel];
imports = [
./nixos/profiles/core
./hosts/blacksteel
];
deployment.targetHost = "blacksteel"; # thru tailscale
};
};

View file

@ -2,6 +2,13 @@
### home-manager
home-manager.users.guanranwang = import ./home;
# xserver
services.xserver = {
enable = true;
excludePackages = with pkgs; [xterm];
displayManager.startx.enable = true;
};
# gnome keyring
programs.seahorse.enable = true;

View file

@ -2,6 +2,7 @@
imports = [
inputs.nixpkgs.nixosModules.notDetected
inputs.nixos-hardware.nixosModules.lenovo-legion-y530-15ich
inputs.nixos-sensible.nixosModules.zram
];
services.hdapsd.enable = false;

View file

@ -11,6 +11,7 @@
inputs.nixos-hardware.nixosModules.common-hidpi
inputs.nixos-hardware.nixosModules.common-pc-laptop
inputs.nixos-hardware.nixosModules.common-pc-laptop-ssd
inputs.nixos-sensible.nixosModules.zram
];
services.thermald.enable = true;

View file

@ -87,6 +87,11 @@ pixiv.ny4.dev {
reverse_proxy unix//run/pixivfe/pixiv.sock
}
syncv3.ny4.dev {
import default
reverse_proxy localhost:8700
}
id.ny4.dev {
import default
reverse_proxy localhost:8800
@ -102,8 +107,3 @@ git.ny4.dev {
import default
reverse_proxy unix//run/forgejo/forgejo.sock
}
rss.ny4.dev {
import default
reverse_proxy localhost:9300
}

View file

@ -1,13 +1,14 @@
{
modulesPath,
lib,
config,
inputs,
modulesPath,
pkgs,
...
}: {
imports = [
"${modulesPath}/virtualisation/amazon-image.nix"
inputs.nixos-sensible.nixosModules.zram
../../nixos/profiles/server
./anti-feature.nix
];
@ -38,9 +39,6 @@
"searx/environment" = {
restartUnits = ["searx.service"];
};
"miniflux/credentials" = {
restartUnits = ["miniflux.service"];
};
};
};
@ -199,58 +197,80 @@
services = let
getDesc = pkg: pkg.meta.description;
mapAttrsToList' = lib.mapAttrsToList (name: value: {"${name}" = value;}); # also sorts the thing alphabetically
in
mapAttrsToList' {
"Services" = mapAttrsToList' {
in [
{
"Services" = [
{
"SearXNG" = {
description = getDesc pkgs.searxng;
href = "https://searx.ny4.dev/";
href = "https://searx.ny4.dev";
};
}
{
"Wastebin" = {
description = getDesc pkgs.wastebin;
href = "https://pb.ny4.dev/";
href = "https://pb.ny4.dev";
};
}
{
"Ntfy" = {
description = getDesc pkgs.ntfy;
href = "https://ntfy.ny4.dev/";
};
}
{
"Mumble" = {
description = "${getDesc pkgs.mumble} (Connect with tyo0.ny4.dev:64738)";
};
};
"Private stuff" = mapAttrsToList' {
}
];
}
{
"Private stuff" = [
{
"Mastodon" = rec {
description = getDesc pkgs.mastodon;
href = "https://mastodon.ny4.dev/";
widget.type = "mastodon";
widget.url = href;
};
}
{
"Matrix" = {
description = getDesc pkgs.element-web;
href = "https://element.ny4.dev/";
};
}
{
"PixivFE" = {
description = getDesc inputs.self.packages.${pkgs.stdenv.hostPlatform.system}.pixivfe;
description = "A privacy respecting frontend for Pixiv.";
href = "https://pixiv.ny4.dev";
};
}
{
"Uptime Kuma" = {
description = getDesc pkgs.uptime-kuma;
href = "https://uptime.ny4.dev/";
};
}
{
"Forgejo" = {
description = getDesc pkgs.forgejo;
href = "https://git.ny4.dev/";
};
};
"Links" = mapAttrsToList' {
"Blog".href = "https://blog.ny4.dev/";
"Forgejo".href = "https://git.ny4.dev/nyancat";
"GitHub".href = "https://github.com/Guanran928";
"Mastodon".herf = "https://mastodon.ny4.dev/@nyancat";
"Matrix".href = "https://matrix.to/#/@nyancat:ny4.dev";
};
};
}
];
}
{
"Links" = [
{"Blog".href = "https://blog.ny4.dev/";}
{"GitHub".href = "https://github.com/Guanran928";}
{"Mastodon".herf = "https://mastodon.ny4.dev/@nyancat";}
{"Matrix".href = "https://matrix.to/#/@root:ny4.dev";}
{"Forgejo".href = "https://git.ny4.dev/nyancat";}
];
}
];
};
services.forgejo = {
@ -258,6 +278,7 @@
database.type = "postgres";
settings = {
server = {
# TODO: whats the difference between this and fcgi+unix
DOMAIN = "git.ny4.dev";
PROTOCOL = "http+unix";
ROOT_URL = "https://git.ny4.dev/";
@ -269,15 +290,6 @@
};
};
services.miniflux = {
enable = true;
adminCredentialsFile = config.sops.secrets."miniflux/credentials".path;
config = {
LISTEN_ADDR = "127.0.0.1:9300";
BASE_URL = "https://rss.ny4.dev";
};
};
### Prevents me from bankrupt
# https://fmk.im/p/shutdown-aws/
services.vnstat.enable = true;

View file

@ -4,8 +4,6 @@ searx:
environment: ENC[AES256_GCM,data:Chtb7yhooCMU+Hfnqdgwpd1w5gI2LZm4cz8d3YRgznjveO/4HOZ54XMdQVDoiC6ukojHfEUxl+3qIG1wi/s29rhxJekHLtWgJ++OUQKW,iv:viGQRoWbaSlRoovBV01Vl/d17eRVeM8CQUHYRWrflNQ=,tag:2QMYVCXON129pRpW3oOQXg==,type:str]
pixivfe:
environment: ENC[AES256_GCM,data:/Q/rShBXlXkWOOP+7OhKtKTSrp2zNizMaAOyKfWbKgJMHTjNfmMtRuGKRez9KXM5MDIMIF9iJSQ=,iv:whIAkaWiZcZT4HfmJw4qA+fbQ9zHFp+kTuHxQDE3XoU=,tag:FroLTMtNwGlvZw3osftj3A==,type:str]
miniflux:
credentials: ENC[AES256_GCM,data:vYd964LCV4NCZxbuIhdXznsl7n6jMPIFjWvo0tTTm4V3la93MN4DYLUPy4U=,iv:gqBCf7uqigTxdLs8oSd/KkNb56luUDrtrAOxxUuJgUE=,tag:LzniGyWeZxHrpQAaEOQP8A==,type:str]
sops:
kms: []
gcp_kms: []
@ -30,8 +28,8 @@ sops:
R1ZMMG1jWnljNWl5Nk5MU3RCMlFPYjgKL1ScxzF0D1R18H+oe6dlxUGlL9myHEr3
3HBPoapKCSQ/cT7Xma4bsWD1AVJIf1Ak+MeCs9ItGwKAcnd9JYZ9KA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-10T17:25:33Z"
mac: ENC[AES256_GCM,data:R8V7uckbpDjzukq7W0Tjj3yYCTynU4Ih0C8HiKIf1RQjS0XscJ/3dU5fhalJuODdBNi3aAar0qiX4MJsNexanQxltjJGj01pcHNrM1KUnOPoxmYR8oK64fecQDp8sWahXWfqFFurCsVg1ZHTJM1tMNgbjGDIcTSxZcto/1N3Zwc=,iv:eQge+cAxipyd7kFY7elVATHsymg/JFh9CCYItkkPn0I=,tag:LBR9nNW6RqekGqnLxfyB9w==,type:str]
lastmodified: "2024-07-09T11:50:11Z"
mac: ENC[AES256_GCM,data:kzxia2Bygi0YR24/dJfKZR3jF99IhIGGIZFJnIo5kp7/PZfQE2EbgD5yTFrSX9+Ur5u8a169UVEtveJ+uR59bX3DsjZDPRSWRMmWJodLcZifx+oSSGmhYufC61D3pVa+Jv2mwKf8UTKdb2oQtk/8bNrMuonedX8hPz+wZJQyMD0=,iv:VxBeb5QTaF5snKNtc51XFtwAdydnOyX8CGhxBjyBTQ0=,tag:vQEJJubHv3dRazmr1bAcnQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0

View file

@ -18,22 +18,18 @@ buildGoModule rec {
vendorHash = "sha256-QapDR964Tn+RxXdkGqCQXacdmlSapF841Y84n4d/6VI=";
ldflags = [
"-s"
"-w"
];
ldflags = ["-s" "-w"];
nativeBuildInputs = [makeBinaryWrapper];
# PixivFE require files from source code
postInstall = ''
mkdir -p $out/share/pixivfe
cp -r ./views/ $out/share/pixivfe/views
wrapProgram $out/bin/pixivfe \
--chdir $out/share/pixivfe
--chdir ${src}
'';
meta = {
description = "Privacy respecting frontend for Pixiv";
description = "A privacy respecting frontend for Pixiv";
homepage = "https://codeberg.org/VnPower/PixivFE";
license = lib.licenses.agpl3Only;
mainProgram = "pixivfe";

View file

@ -1,8 +1,7 @@
{
lib,
config,
inputs,
pkgs,
config,
lib,
...
}: let
cfg = config.services.pixivfe;
@ -10,7 +9,10 @@ in {
options.services.pixivfe = {
enable = lib.mkEnableOption "PixivFE, a privacy respecting frontend for Pixiv";
package = lib.mkPackageOption inputs.self.packages.${pkgs.stdenv.hostPlatform.system} "pixivfe" {};
# package = lib.mkPackageOption pkgs "pixivfe" {};
package = lib.mkOption {
default = pkgs.callPackage ./pixivfe-pkg.nix {};
};
openFirewall = lib.mkEnableOption "open ports in the firewall needed for the daemon to function";

View file

@ -19,7 +19,6 @@
impermanence.nixosModules.impermanence
lanzaboote.nixosModules.lanzaboote
nixos-sensible.nixosModules.default
nixos-sensible.nixosModules.zram
nur.nixosModules.nur
self.nixosModules.default
sops-nix.nixosModules.sops

View file

@ -1,7 +1,7 @@
{lib, ...}: {
sops.secrets = builtins.mapAttrs (_name: value: value // {sopsFile = ./secrets.yaml;}) {
"wireless/wangxiaobo".path = "/var/lib/iwd/wangxiaobo.psk";
"wireless/ImmortalWrt".path = "/var/lib/iwd/ImmortalWrt.psk";
"wireless/OpenWrt".path = "/var/lib/iwd/OpenWrt.psk";
};
networking.wireless.iwd.enable = lib.mkDefault true;

View file

@ -1,6 +1,6 @@
wireless:
wangxiaobo: ENC[AES256_GCM,data:D9m+JRZ2Tw1a4mukW+WU3QLYIRiTiRkGz1ddD7zvkctbuYg+BZXtRgDR0FOIn586t0DsgA1wBDEN/WWiLRTrArgWTHiv7OsOa1NI7+BuL1cFb1TNbk04zbtc6cCOpDBH8qivx0jdZIqrJ5JzIaeZ9T78tj1jMmp3pyt3RiEcZLqxjnPiJhJVaZ8iUNDTvuX3DpsmqybYiLO+Hz7qvIHwM1euc/vyraZ2SR/y5DjTjwVK1jiAs3glPy2oYayVhv+RPs/AHVDnslbtPxGrPhRXxZT3t9LnBw+I0VgrdKUl39ym38PurGnVoBJ7EUVWl3SUPQjnDfQI/XQiDyI3DZ8uA5MGwlR9mny5N/ojs+q7J/k4YiSThCasA5tA24SNRZQWI9lFevoortU+is9FTTGkfzgrrcuURDs6E3ShbbHgn4tvHPhB87J1mP9D7UMIFFfVyvqp5fRgBMHcrEA8xln2xvvQdRDDj/JJYIj3ex8PpTqvAi1EwnAFWhBgqIchcHRFcfQRWOsR7h8M1UQpnge85UZfePMropq5zJ3TSF4AKa2A4UqhgkvLm8qrMI1lvsEnH4TMoyV5Z59T4sPd4Eb3FV26wey6DTdw6cCuywh0AQ==,iv:nbD9EcQYaAf4XwvTLKRy+IjTkV7aHsHK+gBD/Ooc/l8=,tag:VHD3X0ONH4YTp/BTcnpLDQ==,type:str]
ImmortalWrt: ENC[AES256_GCM,data:xMQtz/XklFZnT9HzD464f6Hh4Yz6LnfEV2A9xQzXgbKygKX8MZd1DN1+axtg0SBWEFevEYJ8hZJJjYbUd1LM2m7p51w8tBb+NeaunI2gl1DGcd7jyacH/Z3sTOFr0Lh9zfPSo8XAc3rP1tRyEDClc6AAjH72adGfBR83ZFvBlq80/uIbBULm53H+MqBm+ak9bRPiom3mv8e4CdwTcAHzfA2iYYGwOr3J/vRBeRaenhz01wXnmVDIOh50/wP4ttw5iEAsqjJnVG2G4oMbVFbHumNNC97/FAiZ1SSES5MVjLl9i4RYlTnS/ypuUci0qQUvi0PBDC1cYrkHtfP1OUnRopqPcKIFk5tCbOOgxSLI6GOoPT8+98M4xRI5WA9v3DKlTEzsqOAlhSOcRTiQFc+YVAo75jMBi3dsOUVYM2NvYNIw7aKuNcWuvgFsMadO+GELLiix94wecupV/Ruve+fJTxIiJsiTbZdqTCkb257VApVA4P/eMSgbHIu1MnYCRzccfQiEpEXq7SGLy9WHXfulqKSXMuZB/ai756cuV1jf1+h/ZniA+A/K8c5n6QzFWTa6pgRcIR2NP2IvldpF49aSbVCZZWD8lmnhrQmxgIxarHJW,iv:Pj9se0zKfvtoAM5FcWa99/DJ4VCFAJjDhEN8wfW51gU=,tag:fM+IBDGY56LVSZhBnHqoYA==,type:str]
OpenWrt: ENC[AES256_GCM,data:KaRLfzoXPTyAscYjJ9mpMAKtsP29PjNvm1G89ne/7N3MtgO9/GfO2JHrmeU2KZBLCJEllovbw82TFsfG7q0ID0sGTVHEZ52yQdOD5wUiuKaiCoN4jaSsU/VsOfOF7ZGt9lWjl+JrGLLWfqAfvN6Jy85jb8XnaOT4jxqjHtTcMDU/ZkL3IJPdTB1RwuIua/UYFYW96kyOyKh5CKloFV9yZTdAmvI3f5Wjm7f7yHMchRI/G0Jk5QLCLSWeXyD2o2iy+vU2a9/0X3hNgoHhzEsB96PHLjtOdSDvWLl598aHelzqKP7GOy71KMTM7cW5i7eyWLNe7+4f3wTl1JQPIGx8T+/Y1G1T+BGWzhWxLHC5V1JQcSHysDfO7Q2ITdQC9jScNKROFlphvinMqItrBWDgWz/ESHViCVqW3qeCqDFFTMhKTTfBnwaOhSb+M99Rd+nCzmyLQrDgq/CSHzXhVtkQJV5MugZ1+wCUl59ylxroFsIS9csy2uRWGiWQh5Q59zc6kUbjPKDx53b2DXC8WuGhgD4XgT1fkSN2SOXxYiyPullF9T9ljCX4Qny9AQ3X6tvk+2MviKS40vlevdFLS4xFkf3BxzP+oAyB+X+py7kpD+RoH+jrSEC3lBPNwPd65J4TSDa4ZpFJeNX7Us7R6bIc8kesW+IWu9+vZjcD0Gji1xbQ5FtL/5YzdrO7hzEWVQbkl6kuRtvZ1AwWjeM+nT34RWal7XcdcFzeV0NPwNQ=,iv:IbLwzWe6vis4hH/4T5tzaVJflYFXZFjSlzYeBAqcaZs=,tag:WTYuVWCsrzSvNrCuGaXsRA==,type:str]
sops:
kms: []
gcp_kms: []
@ -34,8 +34,8 @@ sops:
dEN1cEJFZU82bVFRVlVqcTIzckRHQjgKHgRyq4UOcZyiFnK9fq1NLtxRktFCs3V8
EQhl+CPWTRZTZkttJ5MclGlvTNbiH3Iy9syKns6qvOw75wqtXIdIWQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-10T08:37:51Z"
mac: ENC[AES256_GCM,data:M892yzbmOSiDdifD1kRreBR/+JwMneIZjvCXC90osBogFEmUtf9W6M3xeYmbTobgE/chy9O9yn6CVDt9OucU+sT7o2oUpbOHVulJnwstBuUJGQAEwhyolQP5YRiGRxQzdPG6dqLUkKlsi44pm4dNtDLHFPE0j1wA0PD1fhrH4Y0=,iv:P+ne5UD5F62NW0xYndCDEzR0e7qo0COwDY0iNb2bKUo=,tag:uZfOsrZuSMYdY2zqFhqiyw==,type:str]
lastmodified: "2024-07-09T22:04:02Z"
mac: ENC[AES256_GCM,data:m3EXpaGra4uT0m2w9B8D6p03PBXeYWn4AiStPtdN15/JwvTRsJvYeOE4CirZvDT3nq7ne/8j/62Z7sCkb7t8W48MfjrnvAYRFJvKT2hSmJnzqXH6446Srel88BfVmiMdcts4OvAea3Dg4oTMMIn5d2L+rIT8zuPY208tqo4vCPY=,iv:LI5WRb46DZLSL9rndXDo/xzDzXUArRANBqrEx8bmGIc=,tag:2K3vKFmb88Zjru1miwR7Dw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0

View file

@ -1,18 +1,13 @@
# NOTE: 301: All packages are migrated to `github:Guanran928/nur-packages`,
# only keeping some packages that only fits for personal use.
pkgs: let
inherit (pkgs) lib callPackage;
inherit (pkgs) lib;
in {
# https://github.com/NixOS/nixpkgs/pull/308720
pixivfe = callPackage ./pixivfe.nix {};
scripts = lib.makeScope pkgs.newScope (self: let
inherit (self) callPackage;
in {
scripts = lib.makeScope pkgs.newScope (self: {
# util
makeScript = callPackage ./scripts/makeScript.nix {};
makeScript = self.callPackage ./scripts/makeScript.nix {};
# scripts
lofi = callPackage ./scripts/lofi.nix {};
lofi = self.callPackage ./scripts/lofi.nix {};
});
}