diff --git a/flake.lock b/flake.lock index 97013e3..a624a18 100644 --- a/flake.lock +++ b/flake.lock @@ -27,11 +27,11 @@ ] }, "locked": { - "lastModified": 1710717205, - "narHash": "sha256-Wf3gHh5uV6W1TV/A8X8QJf99a5ypDSugY4sNtdJDe0A=", + "lastModified": 1711763326, + "narHash": "sha256-sXcesZWKXFlEQ8oyGHnfk4xc9f2Ip0X/+YZOq3sKviI=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "bcc8afd06e237df060c85bad6af7128e05fd61a3", + "rev": "36524adc31566655f2f4d55ad6b875fb5c1a4083", "type": "github" }, "original": { @@ -268,11 +268,11 @@ ] }, "locked": { - "lastModified": 1711554349, - "narHash": "sha256-RypwcWEIFePBI0Hubfj4chanbM/G2yzJzC6wgz+dmS4=", + "lastModified": 1711625603, + "narHash": "sha256-W+9dfqA9bqUIBV5u7jaIARAzMe3kTq/Hp2SpSVXKRQw=", "owner": "nix-community", "repo": "home-manager", - "rev": "179f6acaf7c068c7870542cdae72afec9427a5b0", + "rev": "c0ef0dab55611c676ad7539bf4e41b3ec6fa87d2", "type": "github" }, "original": { @@ -289,11 +289,11 @@ ] }, "locked": { - "lastModified": 1711133180, - "narHash": "sha256-WJOahf+6115+GMl3wUfURu8fszuNeJLv9qAWFQl3Vmo=", + "lastModified": 1711604890, + "narHash": "sha256-vbI/gxRTq/gHW1Q8z6D/7JG/qGNl3JTimUDX+MwnC3A=", "owner": "nix-community", "repo": "home-manager", - "rev": "1c2c5e4cabba4c43504ef0f8cc3f3dfa284e2dbb", + "rev": "3142bdcc470e1e291e1fbe942fd69e06bd00c5df", "type": "github" }, "original": { @@ -322,6 +322,29 @@ "url": "https://iceshrimp.dev/iceshrimp/packaging" } }, + "iceshrimp-withdrawal": { + "inputs": { + "iceshrimp": [ + "iceshrimp" + ], + "nixpkgs": [ + "nixpkgs-unstable" + ] + }, + "locked": { + "lastModified": 1711776244, + "narHash": "sha256-8YWE9ddqJkHeX7UkLl+bv133j+RRJHtPHTJ1Lg0er9Q=", + "ref": "refs/heads/main", + "rev": "fe2d3a93aa71a7f1f7fdbe4af42fddbd4065881c", + "revCount": 38, + "type": "git", + "url": "https://iceshrimp.dev/noe/withdrawal" + }, + "original": { + "type": "git", + "url": "https://iceshrimp.dev/noe/withdrawal" + } + }, "nix-darwin": { "inputs": { "nixpkgs": [ @@ -330,11 +353,11 @@ ] }, "locked": { - "lastModified": 1710717205, - "narHash": "sha256-Wf3gHh5uV6W1TV/A8X8QJf99a5ypDSugY4sNtdJDe0A=", + "lastModified": 1711591334, + "narHash": "sha256-9d5ilxxq4CXw44eFw8VFrRneAKex7D8xjn95mwZjgf4=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "bcc8afd06e237df060c85bad6af7128e05fd61a3", + "rev": "f0dd0838c3558b59dc3b726d8ab89f5b5e35c297", "type": "github" }, "original": { @@ -364,11 +387,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1711586832, - "narHash": "sha256-qyizrMmDvLjL6oQaBeFQl3PqzTN9vkYkQIVzfiQvMrM=", + "lastModified": 1711626141, + "narHash": "sha256-0qV1pHeIyUZ18cp8ijQnMf7uV+Uk4+UqTCC6yGSGWvk=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "38beb364db84d00d2f0f48595511028aedca415c", + "rev": "63194fceafbfe583a9eb7d16ab499adc0a6c0bc2", "type": "github" }, "original": { @@ -449,11 +472,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1711460390, - "narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=", + "lastModified": 1711668574, + "narHash": "sha256-u1dfs0ASQIEr1icTVrsKwg2xToIpn7ZXxW3RHfHxshg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "44733514b72e732bd49f5511bd0203dea9b9a434", + "rev": "219951b495fc2eac67b1456824cc1ec1fd2ee659", "type": "github" }, "original": { @@ -481,11 +504,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1711333969, - "narHash": "sha256-5PiWGn10DQjMZee5NXzeA6ccsv60iLu+Xtw+mfvkUAs=", + "lastModified": 1711703276, + "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "57e6b3a9e4ebec5aa121188301f04a6b8c354c9b", + "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089", "type": "github" }, "original": { @@ -513,11 +536,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1711333969, - "narHash": "sha256-5PiWGn10DQjMZee5NXzeA6ccsv60iLu+Xtw+mfvkUAs=", + "lastModified": 1711703276, + "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "57e6b3a9e4ebec5aa121188301f04a6b8c354c9b", + "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089", "type": "github" }, "original": { @@ -556,11 +579,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1711572924, - "narHash": "sha256-JLDnh9TJXJ8iLRd3dNtS48pqU6LraWUntK8Z7M0W184=", + "lastModified": 1711745924, + "narHash": "sha256-ZYVrOg12pWNbY1hx1lOu3cwER6xalEHUUIXnfbkCtUY=", "owner": "nix-community", "repo": "nixvim", - "rev": "5fb9f0bb86edf08043ebf1cc3d16388469390c0a", + "rev": "4f83bcf2906c1c933316396221024f3482a7b086", "type": "github" }, "original": { @@ -605,11 +628,11 @@ ] }, "locked": { - "lastModified": 1711409088, - "narHash": "sha256-+rTCra8TY4vuSNTtQ0tcex1syCRPoKyb8vyHmoxkga4=", + "lastModified": 1711519547, + "narHash": "sha256-Q7YmSCUJmDl71fJv/zD9lrOCJ1/SE/okZ2DsrmRjzhY=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "db656fc3e34907000df26e8bc5cc3c94fb27f353", + "rev": "7d47a32e5cd1ea481fab33c516356ce27c8cef4a", "type": "github" }, "original": { @@ -625,6 +648,7 @@ "doll-repair": "doll-repair", "home-manager": "home-manager", "iceshrimp": "iceshrimp", + "iceshrimp-withdrawal": "iceshrimp-withdrawal", "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs_3", "nixpkgs-stable": "nixpkgs-stable", diff --git a/flake.nix b/flake.nix index 315185a..9fbfbb3 100644 --- a/flake.nix +++ b/flake.nix @@ -39,6 +39,11 @@ url = "git+https://iceshrimp.dev/iceshrimp/packaging"; inputs.nixpkgs.follows = "nixpkgs-unstable"; }; + iceshrimp-withdrawal = { + url = "git+https://iceshrimp.dev/noe/withdrawal"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; + inputs.iceshrimp.follows = "iceshrimp"; + }; # Self noe-sh = { diff --git a/nixos/hosts/porcelain-doll-repair/default.nix b/nixos/hosts/porcelain-doll-repair/default.nix index f421e13..563bb58 100644 --- a/nixos/hosts/porcelain-doll-repair/default.nix +++ b/nixos/hosts/porcelain-doll-repair/default.nix @@ -2,8 +2,7 @@ imports = [ ../../templates/proxmox-lxc.nix ../../server.nix - #../../features/dns-cache.nix - #../../features/telemetry + ../../features/dns-cache.nix inputs.iceshrimp.nixosModules.iceshrimp {} ]; @@ -18,13 +17,27 @@ mode = "0444"; }; + sops.templates."secrets.yaml" = { + content = (builtins.toJSON { + db = { + pass = config.sops.placeholder.db_password; + }; + }); + owner = config.services.iceshrimp.user; + group = config.services.iceshrimp.group; + }; + + services.iceshrimp = { enable = true; + package = inputs.iceshrimp-withdrawal.packages.${pkgs.system}.iceshrimp.withdrawal; settings.url = "https://porcelain.doll.repair"; dbPasswordFile = config.sops.secrets.db_password.path; createDb = true; configureNginx.enable = false; + secretConfig = config.sops.templates."secrets.yaml".path; }; + services.postgresql.package = pkgs.postgresql_15; services.redis.servers.iceshrimp.logfile = "stdout"; }