Compare commits
5 Commits
5eb047a218
...
a888ddfc8f
Author | SHA1 | Date |
---|---|---|
Harsh Shandilya | a888ddfc8f | |
Harsh Shandilya | 23852d1b42 | |
Harsh Shandilya | 73f02e4bbb | |
Harsh Shandilya | 2874866b5e | |
Harsh Shandilya | ef68754cb5 |
|
@ -1,5 +1,35 @@
|
|||
{
|
||||
"nodes": {
|
||||
"attic": {
|
||||
"inputs": {
|
||||
"crane": "crane",
|
||||
"flake-compat": [
|
||||
"flake-compat"
|
||||
],
|
||||
"flake-utils": [
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"nixpkgs-stable": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1711742460,
|
||||
"narHash": "sha256-0O4v6e4a1toxXZ2gf5INhg4WPE5C5T+SVvsBt+45Mcc=",
|
||||
"owner": "zhaofengli",
|
||||
"repo": "attic",
|
||||
"rev": "4dbdbee45728d8ce5788db6461aaaa89d98081f0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "zhaofengli",
|
||||
"repo": "attic",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"base16": {
|
||||
"inputs": {
|
||||
"fromYaml": "fromYaml"
|
||||
|
@ -147,6 +177,27 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"crane": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"attic",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1702918879,
|
||||
"narHash": "sha256-tWJqzajIvYcaRWxn+cLUB9L9Pv4dQ3Bfit/YjU5ze3g=",
|
||||
"owner": "ipetkov",
|
||||
"repo": "crane",
|
||||
"rev": "7195c00c272fdd92fc74e7d5a0a2844b9fadb2fb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "ipetkov",
|
||||
"repo": "crane",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"darwin": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -691,6 +742,7 @@
|
|||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"attic": "attic",
|
||||
"darwin": "darwin",
|
||||
"deploy-rs": "deploy-rs",
|
||||
"devshell": "devshell",
|
||||
|
|
|
@ -39,6 +39,7 @@
|
|||
srvos.nixosModules.desktop
|
||||
];
|
||||
systems.hosts.wailord.modules = with inputs; [
|
||||
attic.nixosModules.atticd
|
||||
disko.nixosModules.disko
|
||||
srvos.nixosModules.server
|
||||
];
|
||||
|
@ -119,6 +120,12 @@
|
|||
|
||||
systems.url = "github:msfjarvis/flake-systems";
|
||||
|
||||
attic.url = "github:zhaofengli/attic";
|
||||
attic.inputs.nixpkgs.follows = "nixpkgs";
|
||||
attic.inputs.nixpkgs-stable.follows = "nixpkgs";
|
||||
attic.inputs.flake-utils.follows = "flake-utils";
|
||||
attic.inputs.flake-compat.follows = "flake-compat";
|
||||
|
||||
darwin.url = "github:LnL7/nix-darwin/master";
|
||||
darwin.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
|
|
|
@ -37,10 +37,6 @@ in {
|
|||
sops.gnupg.sshKeyPaths = lib.mkForce [];
|
||||
sops.defaultSopsFile = ./../../../../secrets/tailscale.yaml;
|
||||
sops.secrets.tsauthkey = {};
|
||||
sops.secrets.yarr-auth = {
|
||||
owner = config.services.yarr.user;
|
||||
inherit (config.services.yarr) group;
|
||||
};
|
||||
|
||||
# Automatically log into my user account
|
||||
services.getty.autologinUser = lib.mkForce "msfjarvis";
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
_: _final: prev: {
|
||||
{inputs, ...}: _final: prev: {
|
||||
attic = inputs.attic.packages.${prev.system}.attic-client;
|
||||
# Force the use of the JDK we're using everywhere else
|
||||
jdk = prev.openjdk21;
|
||||
jdk_headless = prev.openjdk21_headless;
|
||||
|
|
|
@ -45,3 +45,11 @@ function nixdiff() {
|
|||
function nixb() {
|
||||
nix flake update --commit-lock-file
|
||||
}
|
||||
|
||||
function cache() {
|
||||
local CACHE_PATHS ARCH KERNEL
|
||||
CACHE_PATHS="${1}"
|
||||
ARCH="$(uname -m)"
|
||||
KERNEL="$(uname --kernel-name | tr '[:upper:]' '[:lower:]')"
|
||||
attic push "${ARCH}-${KERNEL}" "${CACHE_PATHS:?}"
|
||||
}
|
||||
|
|
|
@ -0,0 +1,39 @@
|
|||
atticd: ENC[AES256_GCM,data:ZkGv4muspssESRbEF8MiZQ2E9+jpZ91bUtRZgOZ75KTZk+Wl9J7vwPoGQWG8dgXwC7UcpQlL7G1TMBfX6w4paRodE9TYOdZuDEkFahEeyXaxGyMHVLulOwRr3kONwsumidIYBGsLecxMDaleRq3olxSgGSYt18ihhAuEl6Nr8w==,iv:/8T2K7Tpsfyp68i+RAE90uZpuxCI0Dn2gnI/9RKqmag=,tag:vFPEsPRYMdvubGNMkdpyWA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1y7arunqzyjjdyspx46z20x6qadxpxfu5z59qe74tn4re375ctg7qtj48p3
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmQ0JaMkJzMjhVcnovc2pv
|
||||
WHZQM0hiYndjL0d2K205TjQ3SDE1WS9wR0dBClBFSk91SFdIaUdXRnhsSFAvL2pt
|
||||
MUUwcnNYd2NhczlTYnFhM08yL1hhSTgKLS0tIDBTR2thZnRSRmNSZzhPTHd0L2Rw
|
||||
c3JlWHFDZ0RsdHREcXAxSzQzekVQWEUKqPE64wGtzcnD+8EH5hsIDcEa0LhrPeRC
|
||||
+0blkwgQYjCeZYTlG54/qFJt7g8balUE0y/bJExtX1GiCpThaJNoXA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1dvrymsl5xk26pkznk5kljqssnkvae2ftsawx96n4r43p3cfzyv4qtr67qj
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVaEJwLzMxMkpoVmcwbVhN
|
||||
a1JFMVowZGZvRENmY0ZYUG9pZFc1ZW5HdjJVCmIwcHQ4V0grRWRiWkFoLzZXaGdu
|
||||
aUUzdURGUW1kSitRWit4NENFajQ2TkEKLS0tIGI0Yk9FRlJodklLRU81WkZ3NE50
|
||||
cUZsdmFrOEFrSSsrVSsxYm1ObkVrd1kKjyq2UPf4ceU+JiZeIuLidb4FV1rjIsic
|
||||
czVq/jUbXZj54kHenFXbdQNu1NNK0/M+hqBX/wA9U0Y5kEKiu3lpTA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age10fy49p7faufe5533rxgshwjn9kr3aqcxjyqk6ty26j99w50dkswsvn2maq
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpMHEwTVZzRmpYUnJMWjRN
|
||||
ZCtTU0lMNVMyclBYak1LTmRzTVIvdmErWFVFCnlzTjhXSEliaUpjSHhnak1sS3dE
|
||||
YnNzZm9sSTZOZ2FSck1FMk0yYWZBd2sKLS0tIGZscjRadDl3L3FibVlKdllPMTdR
|
||||
THhaYnZCRk9nYmdUTkZnd2RwQmE0V2cKy8/US26LGDNOrophTN1Ek2SqewiwjLvb
|
||||
d631PVwThF7FvsS9cYCmcTTQhuGiiIb0S5vXVFz3WFSbPw/DL7isug==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-04-25T16:08:01Z"
|
||||
mac: ENC[AES256_GCM,data:FzFsko6dZi/fUMlPSCCO/aacLo+w3nSz1ifwujuFaRWohzfkUryhrtCCeM6T7o/Mp6cTLD+KiQHRm3lcWUvirZ7bUvhCTX54I4LbWs91L4UO+VfehHoNF5fpfmpRoDnri8FBeIyEc/v161e3fRTnVXzQzFlflOvNv0Xb1dO5RZU=,iv:yB9fH1X9URts95zGt1T3upgMQHYUEaaFPMx2Fh/0Wrk=,tag:Tc/Pm/gB3PMMpvFswp3MfQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
|
@ -56,6 +56,24 @@
|
|||
micro
|
||||
];
|
||||
|
||||
sops.secrets.atticd = {
|
||||
sopsFile = ./../../../secrets/atticd.yaml;
|
||||
};
|
||||
services.atticd = {
|
||||
enable = true;
|
||||
credentialsFile = config.sops.secrets.atticd.path;
|
||||
|
||||
settings = {
|
||||
listen = "[::]:8081";
|
||||
chunking = {
|
||||
nar-size-threshold = 64 * 1024; # 64 KiB
|
||||
min-size = 16 * 1024; # 16 KiB
|
||||
avg-size = 64 * 1024; # 64 KiB
|
||||
max-size = 256 * 1024; # 256 KiB
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services.atuin = {
|
||||
enable = true;
|
||||
openRegistration = true;
|
||||
|
@ -69,15 +87,20 @@
|
|||
services.caddy = {
|
||||
enable = true;
|
||||
virtualHosts = {
|
||||
"https://cache.msfjarvis.dev" = {
|
||||
extraConfig = ''
|
||||
reverse_proxy ${config.services.atticd.settings.listen}
|
||||
'';
|
||||
};
|
||||
"https://git.msfjarvis.dev" = {
|
||||
extraConfig = ''
|
||||
reverse_proxy :${toString config.services.gitea.settings.server.HTTP_PORT}
|
||||
'';
|
||||
};
|
||||
"https://wailord.tiger-shark.ts.net" = {
|
||||
"https://news.msfjarvis.dev" = {
|
||||
extraConfig = ''
|
||||
root * /var/lib/file_share_internal
|
||||
file_server browse
|
||||
root * ${inputs.nixpkgs-news.packages.${pkgs.system}.nixpkgs-news}
|
||||
file_server
|
||||
'';
|
||||
};
|
||||
"https://read.msfjarvis.dev" = {
|
||||
|
@ -85,18 +108,12 @@
|
|||
reverse_proxy ${toString config.services.yarr.addr}
|
||||
'';
|
||||
};
|
||||
"https://til.msfjarvis.dev" = {
|
||||
"https://wailord.tiger-shark.ts.net" = {
|
||||
extraConfig = ''
|
||||
root * /var/lib/file_share
|
||||
root * /var/lib/file_share_internal
|
||||
file_server browse
|
||||
'';
|
||||
};
|
||||
"https://toot.msfjarvis.dev" = {
|
||||
extraConfig = ''
|
||||
root * ${inputs.nixpkgs-news.packages.${pkgs.system}.nixpkgs-news}
|
||||
file_server
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -112,6 +129,10 @@
|
|||
};
|
||||
};
|
||||
|
||||
sops.secrets.yarr-auth = {
|
||||
owner = config.services.yarr.user;
|
||||
inherit (config.services.yarr) group;
|
||||
};
|
||||
services.yarr = {
|
||||
enable = true;
|
||||
addr = "127.0.0.1:8889";
|
||||
|
|
|
@ -55,6 +55,7 @@
|
|||
extraGroups = ["networkmanager" "wheel"];
|
||||
packages = with pkgs; [
|
||||
age
|
||||
attic
|
||||
jarvis.boop-gtk
|
||||
discord
|
||||
fclones
|
||||
|
|
Loading…
Reference in New Issue