noe/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

saerro sync

Browse source
This commit is contained in:
41666 2024-11-25 17:39:22 -08:00
parent 86f11dc3e7
commit 88a73fb421
9 changed files with 79 additions and 135 deletions
Download patch file Download diff file Expand all files Collapse all files

3
Justfile
View file

@ -61,6 +61,9 @@ gc generations="5d":
sudo nix-store --gc
sudo nix-collect-garbage -d --delete-older-than {{generations}}
repair:
sudo nix-store --repair --verify --check-contents
# Add a machine's age key for SOPS
sops-add machine_name target:
bun tools/onboard-machine.js {{machine_name}} {{target}}

134
flake.lock generated
View file

@ -20,26 +20,6 @@
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1730070491,
"narHash": "sha256-+RYCbdU6l4E4pr40++lrdhdE3gNC/BR54AL7xWG/YRU=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "5c0c6aaa797d6ccbb6cdab14de0248135735709d",
"type": "github"
},
"original": {
"owner": "lnl7",
"repo": "nix-darwin",
"type": "github"
}
},
"devshell": {
"inputs": {
"nixpkgs": [
@ -175,11 +155,11 @@
]
},
"locked": {
"lastModified": 1727826117,
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
"rev": "506278e768c2a08bec68eb62932193e341f55c90",
"type": "github"
},
"original": {
@ -310,11 +290,11 @@
]
},
"locked": {
"lastModified": 1729104314,
"narHash": "sha256-pZRZsq5oCdJt3upZIU4aslS9XwFJ+/nVtALHIciX/BI=",
"lastModified": 1730302582,
"narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "3c3e88f0f544d6bb54329832616af7eb971b6be6",
"rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf",
"type": "github"
},
"original": {
@ -352,11 +332,11 @@
]
},
"locked": {
"lastModified": 1730016908,
"narHash": "sha256-bFCxJco7d8IgmjfNExNz9knP8wvwbXU4s/d53KOK6U0=",
"lastModified": 1730633670,
"narHash": "sha256-ZFJqIXpvVKvzOVFKWNRDyIyAo+GYdmEPaYi1bZB6uf0=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e83414058edd339148dc142a8437edb9450574c8",
"rev": "8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661",
"type": "github"
},
"original": {
@ -373,11 +353,11 @@
]
},
"locked": {
"lastModified": 1730016908,
"narHash": "sha256-bFCxJco7d8IgmjfNExNz9knP8wvwbXU4s/d53KOK6U0=",
"lastModified": 1730490306,
"narHash": "sha256-AvCVDswOUM9D368HxYD25RsSKp+5o0L0/JHADjLoD38=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e83414058edd339148dc142a8437edb9450574c8",
"rev": "1743615b61c7285976f85b303a36cdf88a556503",
"type": "github"
},
"original": {
@ -393,15 +373,17 @@
]
},
"locked": {
"lastModified": 1718289195,
"narHash": "sha256-xmkExjsTztXW4/AYb3d3Er6Wwg4r7AVwq7rv9E93+Ec=",
"dir": "iceshrimp-js",
"lastModified": 1730406937,
"narHash": "sha256-y7qpPNAUi9IcncP8U9S/ywmqpIUQxeTQk9Px1NeGyC8=",
"ref": "refs/heads/dev",
"rev": "746c6319d3425ccfacc906535c67951e161996d9",
"revCount": 47,
"rev": "e17f981d379d63abd2ed85463ca712496dd44eda",
"revCount": 49,
"type": "git",
"url": "https://iceshrimp.dev/iceshrimp/packaging"
},
"original": {
"dir": "iceshrimp-js",
"type": "git",
"url": "https://iceshrimp.dev/iceshrimp/packaging"
}
@ -541,11 +523,11 @@
]
},
"locked": {
"lastModified": 1729982130,
"narHash": "sha256-HmLLQbX07rYD0RXPxbf3kJtUo66XvEIX9Y+N5QHQ9aY=",
"lastModified": 1730448474,
"narHash": "sha256-qE/cYKBhzxHMtKtLK3hlSR3uzO1pWPGLrBuQK7r0CHc=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "2eb472230a5400c81d9008014888b4bff23bcf44",
"rev": "683d0c4cd1102dcccfa3f835565378c7f3cbe05e",
"type": "github"
},
"original": {
@ -652,22 +634,6 @@
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
}
},
"nixpkgs-master": {
"locked": {
"lastModified": 1730084548,
"narHash": "sha256-kKupAepQ12lu7nf3PLixumVJsJFTT8K3TnF2ECV2pAQ=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "4b0b590fa39550751323db7e0e099439b569cb2a",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1720535198,
@ -686,11 +652,11 @@
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1729973466,
"narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=",
"lastModified": 1730602179,
"narHash": "sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "cd3e8833d70618c4eea8df06f95b364b016d4950",
"rev": "3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c",
"type": "github"
},
"original": {
@ -702,11 +668,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1729880355,
"narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=",
"lastModified": 1730531603,
"narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "18536bf04cd71abd345f9579158841376fdd0c5a",
"rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d",
"type": "github"
},
"original": {
@ -750,11 +716,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1729880355,
"narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=",
"lastModified": 1730531603,
"narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "18536bf04cd71abd345f9579158841376fdd0c5a",
"rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d",
"type": "github"
},
"original": {
@ -766,11 +732,11 @@
},
"nixpkgs_5": {
"locked": {
"lastModified": 1729951556,
"narHash": "sha256-bpb6r3GjzhNW8l+mWtRtLNg5PhJIae041sPyqcFNGb4=",
"lastModified": 1730272153,
"narHash": "sha256-B5WRZYsRlJgwVHIV6DvidFN7VX7Fg9uuwkRW9Ha8z+w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4e0eec54db79d4d0909f45a88037210ff8eaffee",
"rev": "2d2a9ddbe3f2c00747398f3dc9b05f7f2ebb0f53",
"type": "github"
},
"original": {
@ -795,11 +761,11 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1730058276,
"narHash": "sha256-t4fyRWIiDBJiDBnqqnxnk9nfT1SDTZN+koJLiuKkIT8=",
"lastModified": 1730569492,
"narHash": "sha256-NByr7l7JetL9kIrdCOcRqBu+lAkruYXETp1DMiDHNQs=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "a20fbbc4b9665ec215e7bea061a1d64f6fd652ce",
"rev": "6f210158b03b01a1fd44bf3968165e6da80635ce",
"type": "github"
},
"original": {
@ -816,11 +782,11 @@
]
},
"locked": {
"lastModified": 1729316601,
"narHash": "sha256-sn/xeOAkY0vJbea0uxtmsiOlWatEApgyy3T1M2frgf8=",
"lastModified": 1730648040,
"narHash": "sha256-ndWfCUK1LZIbNAl/IHesD0zAe09tkKqENmmlYfMIofQ=",
"ref": "refs/heads/main",
"rev": "095cf7f9b70c8d1006f28342537a9d58c8f1b241",
"revCount": 89,
"rev": "2eb28b339ac9d3d81b3e98f000887bedef02f435",
"revCount": 91,
"type": "git",
"url": "https://git.sapphic.engineer/noe/noe.sh"
},
@ -839,11 +805,11 @@
]
},
"locked": {
"lastModified": 1730044642,
"narHash": "sha256-DbyV9l3hkrSWcN34S6d9M4kAFss0gEHGtjqqMdG9eAs=",
"lastModified": 1730515563,
"narHash": "sha256-8lklUZRV7nwkPLF3roxzi4C2oyLydDXyAzAnDvjkOms=",
"owner": "NuschtOS",
"repo": "search",
"rev": "e373332c1f8237fc1263901745b0fe747228c8ba",
"rev": "9e22bd742480916ff5d0ab20ca2522eaa3fa061e",
"type": "github"
},
"original": {
@ -902,7 +868,6 @@
"root": {
"inputs": {
"apple-silicon": "apple-silicon",
"darwin": "darwin",
"doll-repair": "doll-repair",
"fedi-emotes": "fedi-emotes",
"flake-utils": "flake-utils",
@ -914,7 +879,6 @@
"lix-module": "lix-module",
"nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_4",
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-unstable": "nixpkgs-unstable",
"nixvim": "nixvim",
@ -947,11 +911,11 @@
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1729999681,
"narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=",
"lastModified": 1730605784,
"narHash": "sha256-1NveNAMLHbxOg0BpBMSVuZ2yW2PpDnZLbZ25wV50PMc=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56",
"rev": "e9b5eef9b51cdf966c76143e13a9476725b2f760",
"type": "github"
},
"original": {
@ -1033,11 +997,11 @@
]
},
"locked": {
"lastModified": 1730025913,
"narHash": "sha256-Y9NtFmP8ciLyRsopcCx1tyoaaStKeq+EndwtGCgww7I=",
"lastModified": 1730321837,
"narHash": "sha256-vK+a09qq19QNu2MlLcvN4qcRctJbqWkX7ahgPZ/+maI=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "bae131e525cc8718da22fbeb8d8c7c43c4ea502a",
"rev": "746901bb8dba96d154b66492a29f5db0693dbfcc",
"type": "github"
},
"original": {

23
flake.nix
View file

@ -11,7 +11,6 @@
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-master.url = "github:nixos/nixpkgs/master";
# Home manageKr
home-manager = {
@ -20,10 +19,6 @@
};
# Darwin & Apple Silicon tools
darwin = {
url = "github:lnl7/nix-darwin";
inputs.nixpkgs.follows = "nixpkgs";
};
apple-silicon.url = "github:tpwrules/nixos-apple-silicon";
# Secrets
@ -42,7 +37,7 @@
# Iceshrimpy
iceshrimp = {
url = "git+https://iceshrimp.dev/iceshrimp/packaging";
url = "git+https://iceshrimp.dev/iceshrimp/packaging?dir=iceshrimp-js";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
iceshrimp-withdrawal = {
@ -109,8 +104,6 @@
"aarch64-linux"
"i686-linux"
"x86_64-linux"
"aarch64-darwin"
"x86_64-darwin"
];
mkNixos = modules: nixpkgs.lib.nixosSystem {
@ -118,11 +111,6 @@
specialArgs = { inherit inputs outputs; };
};
mkDarwin = system: modules: inputs.darwin.lib.darwinSystem {
inherit modules system inputs;
specialArgs = { inherit inputs outputs; };
};
mkHome = modules: pkgs: home-manager.lib.homeManagerConfiguration {
inherit modules pkgs;
extraSpecialArgs = { inherit inputs outputs; };
@ -162,10 +150,6 @@
# These are usually stuff you would upstream into home-manager
homeManagerModules = import ./modules/home-manager;
# Reusable nix-darwin packages you might want to export
# These are usually hacks!
darwinModules = import ./modules/darwin;
# NixOS configuration entrypoint
# Available through 'nixos-rebuild --flake .#your-hostname'
nixosConfigurations = {
@ -190,11 +174,6 @@
ts3 = mkNixos [ ./nixos/hosts/ts3 ]; # Teamspeak-san
};
darwinConfigurations = {
# in asahi => noe-air = mkDarwin "aarch64-darwin" [ ./darwin/hosts/noe-air ];
AMERMACC02G65A8MD6T = mkDarwin "x86_64-darwin" [ ./darwin/hosts/work-mac ];
};
# Standalone home-manager configuration entrypoint
# Available through 'home-manager --flake .#your-username@your-hostname'
homeConfigurations = {

3
home-manager/noe/hosts/aerial.nix
View file

@ -30,7 +30,8 @@
gimp
krita
senpai
master.pokemmo-installer
# master.pokemmo-installer
jq
];
programs.vscode = {

3
nixos/features/podman.nix
View file

@ -8,8 +8,7 @@
dockerCompat = true;
defaultNetwork.settings = {
dns_enabled = true;
ipv6_enabled = true;
subnets = [{ gateway = "10.88.0.1"; subnet = "10.88.0.0/16"; } { gateway = "100.69.0.1"; subnet = "100.69.0.0/16"; }];
ipv6_enabled = false;
};
};
};

3
nixos/hosts/dis-sociat-ing/default.nix
View file

@ -34,6 +34,7 @@
settings = {
url = "https://dis.sociat.ing";
enableMetrics = true;
maxNoteLength = 100000;
};
dbPasswordFile = config.sops.secrets.db_password.path;
createDb = true;
@ -43,5 +44,5 @@
services.postgresql.package = pkgs.postgresql_15;
services.redis.servers.iceshrimp.logfile = "stdout";
boot.kernel.sysctl."net.ipv6.conf.eth0.disable_ipv6" = true;
# boot.kernel.sysctl."net.ipv6.conf.eth0.disable_ipv6" = true;
}

3
nixos/hosts/git/default.nix
View file

@ -1,4 +1,4 @@
{ ... }: {
{ pkgs, ... }: {
imports = [
../../templates/proxmox-lxc.nix
../../server.nix
@ -12,6 +12,7 @@
services.forgejo = {
enable = true;
package = pkgs.forgejo;
lfs = {
enable = true;
};

40
nixos/stacks/ps2.live/saerro.nix
View file

@ -1,4 +1,4 @@
{ config, pkgs, ... }: let
{ config, pkgs, inputs, ... }: let
image = name: "ghcr.io/genudine/saerro/${name}:latest";
port = n: builtins.toString (8100 + n);
containerGenerics = {
@ -7,7 +7,6 @@
];
extraOptions = [
"--pod=saerro"
#"--pull=always"
];
autoStart = true;
};
@ -25,26 +24,27 @@ in {
PORT = port 1;
WEBSOCKET_HEALTHCHECK = "http://127.0.0.1:${port 2}/healthz";
};
dependsOn = [ "saerro_maint" "saerro_postgres" ];
} // containerGenerics;
saerro_ws = {
image = image "websocket";
environment = {
PORT = port 2;
WORLDS = "all";
};
dependsOn = [ "saerro_maint" "saerro_postgres" ];
} // containerGenerics;
saerro_maint = {
image = image "tasks";
cmd = [ "auto-maintenance" ];
dependsOn = [ "saerro_postgres" ];
} // containerGenerics;
saerro_ws = {
image = "ps2live/saerro:latest";
imageFile = inputs.saerro.packages.${pkgs.system}.container;
environment = {
PORT = port 2;
};
dependsOn = [ "saerro_postgres" ];
} // containerGenerics;
saerro_maint = {
image = "ps2live/saerro/pruner:latest";
imageFile = inputs.saerro.packages.${pkgs.system}.pruner;
dependsOn = [ "saerro_postgres" ];
} // containerGenerics;
saerro_postgres = {
image = "docker.io/timescale/timescaledb:latest-pg15";
image = "docker.io/library/postgres:17";
volumes = [
"saerrodb:/var/lib/postgresql/data"
];
@ -63,13 +63,9 @@ in {
systemd.services.restart-upgrade-saerro = {
serviceConfig.Type = "oneshot";
script = ''
${pkgs.podman}/bin/podman pull ${config.virtualisation.oci-containers.containers.saerro_ws.image}
${pkgs.podman}/bin/podman pull ${config.virtualisation.oci-containers.containers.saerro_api.image}
${pkgs.podman}/bin/podman pull ${config.virtualisation.oci-containers.containers.saerro_maint.image}
systemctl restart podman-saerro_ws
systemctl restart podman-saerro_api
systemctl restart podman-saerro_maint
'';
};

2
overlays/default.nix
View file

@ -27,7 +27,7 @@
config.allowUnfree = true;
};
master = import inputs.nixpkgs-master {
master = import inputs.nixpkgs-unstable {
system = final.system;
config.allowUnfree = true;
};