Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-04-04 03:01:05 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'main' of github.com:JulienMalka/nix-config

Browse source
This commit is contained in:
Julien Malka 2021-12-26 18:19:00 +01:00
commit a68f0b93f0
No known key found for this signature in database
GPG key ID: 3C68E13964FEA07F
12 changed files with 117 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
base.nix
View file

@ -30,6 +30,7 @@
rxvt_unicode rxvt_unicode
xorg.xbacklight xorg.xbacklight
neovim neovim
tinystatus
]; ];
environment.variables.EDITOR = "nvim"; environment.variables.EDITOR = "nvim";

48
flake.lock generated
View file

@ -92,7 +92,9 @@
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
"neovim-flake": "neovim-flake", "neovim-flake": "neovim-flake",
"nixpkgs": "nixpkgs_2" "nixpkgs": [
"unstable"
]
}, },
"locked": { "locked": {
"lastModified": 1640420040, "lastModified": 1640420040,
@ -125,22 +127,6 @@
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1640319671,
"narHash": "sha256-ZkKmakwaOaLiZOpIZWbeJZwap5CzJ30s4UJTfydYIYc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "eac07edbd20ed4908b98790ba299250b5527ecdf",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1640350772, "lastModified": 1640350772,
"narHash": "sha256-8Ug1fj5CLjyECT1Jw1VjeJ7+dmgO5grsXoXre3PywO4=", "narHash": "sha256-8Ug1fj5CLjyECT1Jw1VjeJ7+dmgO5grsXoXre3PywO4=",
@ -156,29 +142,13 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_4": {
"locked": {
"lastModified": 1638097282,
"narHash": "sha256-EXCzj9b8X/lqDPJapxZThIOKL5ASbpsJZ+8L1LnY1ig=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "78cb77b29d37a9663e05b61abb4fa09465da4b70",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1640428145, "lastModified": 1640463732,
"narHash": "sha256-GTzu4NxMGiBrfPE6uWycHojqCUmhCWwOrdS0Y0/JU60=", "narHash": "sha256-9xakgOvzBvR/e9MX6LJJg5D35RjvWCY6E41k6yUo/Lg=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "a3425a69ea42ce9360d728246f298ddb905f342c", "rev": "767df3ef1bb4e2820c2bf8eca1ab89b69d754549",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -191,7 +161,7 @@
"home-manager": "home-manager", "home-manager": "home-manager",
"homepage": "homepage", "homepage": "homepage",
"neovim-nightly-overlay": "neovim-nightly-overlay", "neovim-nightly-overlay": "neovim-nightly-overlay",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_2",
"nur": "nur", "nur": "nur",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"unstable": "unstable" "unstable": "unstable"
@ -199,7 +169,9 @@
}, },
"sops-nix": { "sops-nix": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_4" "nixpkgs": [
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1638821683, "lastModified": 1638821683,

4
flake.nix
View file

@ -10,6 +10,7 @@
neovim-nightly-overlay = { neovim-nightly-overlay = {
url = "github:nix-community/neovim-nightly-overlay"; url = "github:nix-community/neovim-nightly-overlay";
inputs.nixpkgs.follows = "unstable";
}; };
homepage = { homepage = {
url = "github:JulienMalka/homepage"; url = "github:JulienMalka/homepage";
@ -22,6 +23,7 @@
sops-nix = { sops-nix = {
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };
@ -29,6 +31,7 @@
outputs = { self, home-manager, nixpkgs, unstable, sops-nix, neovim-nightly-overlay, nur, ... }@inputs: outputs = { self, home-manager, nixpkgs, unstable, sops-nix, neovim-nightly-overlay, nur, ... }@inputs:
let let
utils = import ./utils.nix { inherit nixpkgs sops-nix home-manager inputs; nixpkgs-unstable = unstable; }; utils = import ./utils.nix { inherit nixpkgs sops-nix home-manager inputs; nixpkgs-unstable = unstable; };
pkgs = import nixpkgs { system = "x86_64-linux"; };
in in
with utils; with utils;
{ {
@ -40,5 +43,6 @@
(builtins.attrNames (builtins.readDir ./modules))); (builtins.attrNames (builtins.readDir ./modules)));
nixosConfigurations = builtins.mapAttrs (name: value: (mkMachine name value self.nixosModules)) (importConfig ./machines); nixosConfigurations = builtins.mapAttrs (name: value: (mkMachine name value self.nixosModules)) (importConfig ./machines);
packages."x86_64-linux".tinystatus = import ./packages/tinystatus { inherit pkgs; };
}; };
} }

15
machines/lisa/default.nix
View file

@ -25,18 +25,23 @@
subdomain = "ci"; subdomain = "ci";
}; };
}; };
status = {
enable = true;
nginx = {
enable = true;
subdomain = "status";
};
};
}; };
nix.maxJobs = lib.mkDefault 8; nix.maxJobs = lib.mkDefault 4;
networking.hostName = "lisa"; # Define your hostname. networking.hostName = "lisa";
networking.interfaces.ens18.useDHCP = true; networking.interfaces.ens18.useDHCP = true;
networking.interfaces.ens19.useDHCP = false; networking.interfaces.ens19.useDHCP = false;
networking.interfaces.ens19.ipv6.addresses = [{ networking.interfaces.ens19.ipv6.addresses = [{
address = "2a01:e0a:5f9:9681:5880:c9ff:fe9f:3dfb"; address = "2a01:e0a:5f9:9681:5880:c9ff:fe9f:3dfb";
prefixLength = 120; prefixLength = 120;
}]; }];
networking.firewall.allowedTCPPorts = [ 80 443 8096 8920 ]; system.stateVersion = "20.09";
networking.firewall.allowedUDPPorts = [ 80 443 1900 7359 ];
system.stateVersion = "20.09"; # Did you read the comment?
} }

2
machines/macintosh/default.nix
View file

@ -10,7 +10,7 @@
]; ];
networking.hostName = "macintosh"; # Define your hostname. networking.hostName = "macintosh";
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
networking.firewall.enable = true; networking.firewall.enable = true;

7
machines/newton/default.nix
View file

@ -18,18 +18,15 @@ in
programs.gnupg.agent.enable = true; programs.gnupg.agent.enable = true;
networking.hostName = hostName; # Define your hostname. networking.hostName = hostName;
networking.hostId = "f7cdfbc9"; networking.hostId = "f7cdfbc9";
networking.interfaces.enp2s0f0.useDHCP = true; networking.interfaces.enp2s0f0.useDHCP = true;
networking.interfaces.enp2s0f1.useDHCP = true; networking.interfaces.enp2s0f1.useDHCP = true;
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedUDPPorts = [ 80 443 ];
services.zfs.autoSnapshot.enable = true; services.zfs.autoSnapshot.enable = true;
services.zfs.autoScrub.enable = true; services.zfs.autoScrub.enable = true;
system.stateVersion = "21.05"; # Did you read the comment? system.stateVersion = "21.05";
} }

1
modules/homepage/default.nix
View file

@ -15,7 +15,6 @@ in
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
root = inputs.homepage; root = inputs.homepage;
default = true;
}; };
services.nginx.virtualHosts."www.julienmalka.me" = { services.nginx.virtualHosts."www.julienmalka.me" = {

1
modules/nginx/default.nix
View file

@ -13,6 +13,7 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [ 80 443 ];
security.acme.email = "${cfg.email}"; security.acme.email = "${cfg.email}";
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
users.groups.nginx = { name = "nginx"; }; users.groups.nginx = { name = "nginx"; };

10
modules/status/checks.csv Normal file
View file

@ -0,0 +1,10 @@
http, 200, Lisa, https://google.com
http, 200, Homepage, https://julienmalka.me
http, 200, CI, https://ci.julienmalka.me
http, 200, Jellyfin, https://tv.julienmalka.me
http, 200, Transmission, https://downloads.julienmalka.me
http, 200, Sonarr, https://series.julienmalka.me
http, 200, Radarr, https://films.julienmalka.me
http, 200, Jackett, https://jackett.julienmalka.me/UI/Dashboard
port, 0, Newton, newton.julienmalka.me 45
http, 200, Cloud, cloud.julienmalka.me
1 http 200 Lisa https://google.com
2 http 200 Homepage https://julienmalka.me
3 http 200 CI https://ci.julienmalka.me
4 http 200 Jellyfin https://tv.julienmalka.me
5 http 200 Transmission https://downloads.julienmalka.me
6 http 200 Sonarr https://series.julienmalka.me
7 http 200 Radarr https://films.julienmalka.me
8 http 200 Jackett https://jackett.julienmalka.me/UI/Dashboard
9 port 0 Newton newton.julienmalka.me 45
10 http 200 Cloud cloud.julienmalka.me

52
modules/status/default.nix Normal file
View file

@ -0,0 +1,52 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.luj.status;
in
{
options.luj.status = {
enable = mkEnableOption "activate status page";
nginx.enable = mkEnableOption "activate nginx";
nginx.subdomain = mkOption {
type = types.str;
};
};
config = mkIf cfg.enable (
mkMerge [{
systemd = {
timers.tinystatus = {
wantedBy = [ "timers.target" ];
partOf = [ "tinystatus.service" ];
timerConfig.OnCalendar = "*-*-* *:05,10,15,20,25,30,35,40,45,50,55:00";
timerConfig.Unit = "tinystatus.service";
};
services.tinystatus = {
serviceConfig.Type = "oneshot";
path = [ pkgs.gawk pkgs.gnused pkgs.curl pkgs.netcat pkgs.unixtools.ping ];
script = ''
mkdir -p /var/www/status
${pkgs.tinystatus}/bin/tinystatus ${./checks.csv} > /var/www/status/index.html
${pkgs.gnused}/bin/sed -i 's/tinystatus/Services status/g' /var/www/status/index.html
${pkgs.gnused}/bin/sed -i 's/80%/60%/g' /var/www/status/index.html
'';
};
};
}
(mkIf cfg.nginx.enable {
luj.nginx.enable = true;
services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = {
enableACME = true;
forceSSL = true;
root = "/var/www/status/";
};
})]);
}

25
packages/tinystatus/default.nix Normal file
View file

@ -0,0 +1,25 @@
{ pkgs, ... }:
with pkgs;
stdenv.mkDerivation rec {
pname = "tinystatus";
version = "1.0.0";
src = fetchFromGitHub{
owner = "bderenzo";
repo = "tinystatus";
rev="fc128adf240261ac99ea3e3be8d65a92eda52a73";
sha256= "FvQwibm6F10l9/U3RnNTGu+C2JjHOwbv62VxXAfI7/s=";
};
postPatch = ''
patchShebangs .
'';
installPhase = ''
mkdir -p $out/bin/
mv tinystatus $out/bin/
'';
}

1
utils.nix
View file

@ -25,6 +25,7 @@ in
overlay-unstable overlay-unstable
(final: prev: (final: prev:
{ {
tinystatus = prev.pkgs.callPackage ./packages/tinystatus {};
mosh = prev.mosh.overrideAttrs (old: { mosh = prev.mosh.overrideAttrs (old: {
patches = (prev.lib.take 1 old.patches) ++ (prev.lib.sublist 4 4 old.patches); patches = (prev.lib.take 1 old.patches) ++ (prev.lib.sublist 4 4 old.patches);
postPatch = ''''; postPatch = '''';