nix
/
nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated flake.lock

This commit is contained in:
niten 2022-01-05 12:09:56 -08:00
parent f5a6b93395
commit 101a6afcd8
9 changed files with 157 additions and 197 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config/default.nix
View File

@ -15,6 +15,7 @@
./user-config.nix
./wireless-networks.nix
./service/chute.nix
./service/dns.nix
./service/fudo-auth.nix
./service/jabber.nix

3
config/hardware/zbox.nix
View File

@ -77,6 +77,9 @@
enableRedistributableFirmware = true;
enableAllFirmware = true;
# Required with Wayland?
nvidia.modesetting.enable = true;
};
networking = {

118
config/host-config/nutboy3.nix
View File

@ -24,6 +24,7 @@ let
in {
imports = [
./nutboy3/cashew.nix
./nutboy3/forum_selby_ca.nix
];
@ -96,6 +97,7 @@ in {
services = {
jabber = {
enable = true;
domain = "jabber.fudo.org";
hostname = "jabber.fudo.org";
ldap.servers = [ "nutboy3.fudo.org" ];
state-directory = "/state/ejabberd";
@ -185,121 +187,5 @@ in {
# };
# };
};
containers.cashew = let
local-packages = with pkgs; [
bind
emacs-nox
mtr
vim
];
in {
autoStart = true;
bindMounts = {
"/state" = {
hostPath = "/state/cashew";
isReadOnly = false;
};
"/etc/bind" = {
hostPath = "/state/cashew/bind";
isReadOnly = false;
};
"/var/log" = {
hostPath = "/state/cashew/logs";
isReadOnly = false;
};
"/home" = {
hostPath = "/state/cashew/home";
isReadOnly = false;
};
"/etc/dns-root-data" = {
hostPath = "${pkgs.dns-root-data}/";
isReadOnly = true;
};
};
interfaces = [ "eno2" ];
config = { ... }: {
nixpkgs.pkgs = pkgs;
environment.systemPackages = local-packages;
users = {
users = {
niten = config.users.users.niten;
reaper = config.users.users.reaper // {
openssh.authorizedKeys.keys = [
"ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBADtR1gMK7JnIOht8yZNPROr+0VHgt5eWrGFPscVPk1crVuEvIv1MF544Qk1IHi+2OA2xUvI1BTgmXp3TLvCjEn4lQF4Uc5hcUGENS6TNMPByHx69rAeXVMtmjW0sL4Tbhqd0iNh85STdtzXNZUY31+A6ugrJSnvnSt5wv9ZpMz0SFIE1Q=="
];
};
root.openssh.authorizedKeys.keys = [
"ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBADtR1gMK7JnIOht8yZNPROr+0VHgt5eWrGFPscVPk1crVuEvIv1MF544Qk1IHi+2OA2xUvI1BTgmXp3TLvCjEn4lQF4Uc5hcUGENS6TNMPByHx69rAeXVMtmjW0sL4Tbhqd0iNh85STdtzXNZUY31+A6ugrJSnvnSt5wv9ZpMz0SFIE1Q=="
];
};
groups = {
wheel.members = [
"niten"
"reaper"
];
dns = {
members = [
"niten"
"reaper"
"named"
];
};
};
};
networking = {
defaultGateway = {
address = "208.81.4.81";
interface = "eno2";
};
interfaces.eno2 = {
ipv4.addresses = [
{
address = "208.81.4.82";
prefixLength = 29;
}
{
address = "208.81.1.141";
prefixLength = 32;
}
];
};
firewall.enable = false;
};
services = {
bind = {
enable = true;
configFile = "/etc/bind/named.conf";
};
openssh = {
enable = true;
startWhenNeeded = true;
useDns = true;
permitRootLogin = "prohibit-password";
hostKeys = [
{
path = "/state/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
{
path = "/state/ssh/ssh_host_rsa_key";
type = "rsa";
bits = 4096;
}
];
};
};
};
};
};
}

15
config/host-config/procul.nix
View File

@ -84,16 +84,15 @@ in {
};
};
chute = {
services.chute = let
secret-files = config.fudo.secrets.files.service-secrets.procul;
in {
enable = true;
stages = {
jabber-user = "niten@jabber.fudo.org";
staging = {
package = pkgs.chuteUnstable;
credential-file = host-secrets.chute-staging-credentials.target-file;
currencies = {
btc.stop-percentile = 98;
};
};
secret-file = secret-files."chute-staging.secret";
passphrase-file = secret-files."chute-staging.passphrase";
key-file = secret-files."chute-staging.key";
};
};
};

5
config/host-config/system3.nix
View File

@ -6,7 +6,10 @@ in {
environment.systemPackages = with pkgs; [ opencv-java ];
networking.interfaces.intif0.useDHCP = true;
networking = {
interfaces.intif0.useDHCP = true;
firewall.enable = false;
};
systemd.tmpfiles.rules = [
"L /root/.gnupg - - - - ${state-dir}/user/root/gnupg"

8
config/service/jabber.nix
View File

@ -28,6 +28,11 @@ in {
default = "jabber.fudo.org";
};
domain = mkOption {
type = str;
description = "Jabber domain.";
};
ldap = {
user = mkOption {
type = str;
@ -70,7 +75,8 @@ in {
};
sites = {
${cfg.hostname} = {
${cfg.domain} = {
hostname = cfg.hostname;
site-config = {
auth_method = "ldap";
ldap_servers = cfg.ldap.servers;

12
config/site-config/seattle.nix
View File

@ -44,17 +44,17 @@ in {
"/net/documents" = {
device = "nostromo.sea.fudo.org:/export/documents";
fsType = "nfs4";
options = [ "comment=systemd.automount" "sec=krb5p" ];
options = [ "comment=systemd.automount" "sec=krb5p" "nfsvers=4" ];
};
"/net/downloads" = {
device = "nostromo.sea.fudo.org:/export/downloads";
fsType = "nfs4";
options = [ "comment=systemd.automount" "sec=krb5i" ];
options = [ "comment=systemd.automount" "sec=krb5i" "nfsvers=4" ];
};
"/net/projects" = {
device = "nostromo.sea.fudo.org:/export/projects";
fsType = "nfs4";
options = [ "comment=systemd.automount" "sec=krb5p" ];
options = [ "comment=systemd.automount" "sec=krb5p" "nfsvers=4" ];
};
};
@ -68,21 +68,21 @@ in {
# mounts = [
# {
# what = "sea-store.sea.fudo.org:/export/documents";
# what = "nostromo.sea.fudo.org:/export/documents";
# where = "/net/documents";
# type = "nfs4";
# options = "sec=krb5p";
# description = "sea-store documents on encrypted filesysem.";
# }
# {
# what = "sea-store.sea.fudo.org:/export/downloads";
# what = "nostromo.sea.fudo.org:/export/downloads";
# where = "/net/downloads";
# type = "nfs4";
# options = "sec=krb5i";
# description = "sea-store downloads on encrypted filesysem.";
# }
# {
# what = "sea-store.sea.fudo.org:/export/projects";
# what = "nostromo.sea.fudo.org:/export/projects";
# where = "/net/projects";
# type = "nfs4";
# options = "sec=krb5p";

7
config/users.nix
View File

@ -107,9 +107,9 @@
uid = 10035;
primary-group = "selby";
common-name = "Ken Selby";
ldap-hashed-passwd = "{SSHA}YvtkEpqsReXcMdrzlui/ZmhIUKN42YO1";
ldap-hashed-passwd = "{SSHA}ohRfhWED/qq5NIH8pqgHMQlbpPWVkH/m";
login-hashed-passwd =
"$6$EwK9fpbH8$gYVzYY1IYw2/G0wCeUxXrZZqvjWCkCZbBqCOhxowbMuYtC5G0vp.AoYhVKWOJcHJM2c7TdPmAdnhLIe2KYStf.";
"$6$f/0esIm0sxh36VCa$XJ1xFAquJTRW02W1GKqNDT0H.ufjx0yK2tiywhkW.QBi7P0AvShCDPVCFN59pQvYH7C5Q4ixX9VWLnufIU/9B1";
email-aliases = [ "kselby@selby.ca" ];
};
@ -329,7 +329,8 @@
uid = 10086;
primary-group = "selby";
common-name = "Helen Selby";
ldap-hashed-passwd = "{SSHA}uckUXX09MjYq9++sF3f9b2IY8a9UBIxm";
ldap-hashed-passwd = "{SSHA}G/qhBqHiCRSi+LdwyUesMH7StM5J6wZI";
# ldap-hashed-passwd = "{SSHA}uckUXX09MjYq9++sF3f9b2IY8a9UBIxm";
};
vee = {

183
flake.lock
View File

@ -66,11 +66,11 @@
"utils": "utils_4"
},
"locked": {
"lastModified": 1639617108,
"narHash": "sha256-8lwF4kcf/pigrNIrR4JXdTTFTCxgKyVGsYppVEt1rII=",
"lastModified": 1641048770,
"narHash": "sha256-8rzyOw029lbQC/UzzROwr+k9tnYKPgLIBLxMne6abo4=",
"ref": "master",
"rev": "0845e2e7eb44aefe38e3ae80ac237fd851733737",
"revCount": 6,
"rev": "88a8dbfe38d164351afeeca32c9e725d825e362d",
"revCount": 17,
"type": "git",
"url": "https://git.fudo.org/chute/chute.git"
},
@ -142,7 +142,7 @@
"evil-org-mode": "evil-org-mode",
"evil-quick-diff": "evil-quick-diff",
"explain-pause-mode": "explain-pause-mode",
"flake-utils": "flake-utils_2",
"flake-utils": "flake-utils",
"nix-straight": "nix-straight",
"nixpkgs": "nixpkgs_5",
"nose": "nose",
@ -342,21 +342,6 @@
}
},
"flake-utils": {
"locked": {
"lastModified": 1638122382,
"narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1623875721,
"narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
@ -373,18 +358,17 @@
},
"fudo-entities": {
"inputs": {
"flake-utils": "flake-utils",
"fudo-lib": "fudo-lib",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1639518935,
"narHash": "sha256-I3+jWNiGo6q3BtQHNgWK5aZ7K22L6YzNjQ5ZOfKgYwQ=",
"lastModified": 1639927391,
"narHash": "sha256-fptxLDQu9dKzOz8XVtw/tGEsua1XHUF7pzYpzZ4igjU=",
"ref": "master",
"rev": "ee5bede8e9766bbdf7b9f093d8eb3d1c2eb27caa",
"revCount": 24,
"rev": "e29d67c9ea522672e3fcf2e8d48edc61ba72ff0d",
"revCount": 25,
"type": "git",
"url": "https://git.fudo.org/fudo-nix/entities.git"
},
@ -396,18 +380,17 @@
"fudo-home": {
"inputs": {
"doom-emacs": "doom-emacs",
"fudo-pkgs": "fudo-pkgs",
"home-manager": "home-manager",
"niten-doom-config": "niten-doom-config",
"nixpkgs": [
"nixpkgs"
]
"nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1639926329,
"narHash": "sha256-GhNfhleCMoZ9+f7rh5YVPQIfoYV6Ehzgvku0DYcqf84=",
"lastModified": 1641413339,
"narHash": "sha256-31N7ovrwD6IagxFRGVDFNKq162h7s7wpBKAt+7bEhV0=",
"ref": "master",
"rev": "902966263e785d1b36d55f917ba34680ae854a14",
"revCount": 60,
"rev": "3d18a37c6ef9815428d4a8babafa83cfbdafea57",
"revCount": 75,
"type": "git",
"url": "https://git.fudo.org/fudo-nix/home.git"
},
@ -433,7 +416,7 @@
},
"fudo-lib_2": {
"locked": {
"narHash": "sha256-UAFFqr8Dln9AtMu1mJDHGFhNQgAezZjU8yywX/yaihs=",
"narHash": "sha256-hlQ7nQYuIH7AfRu7O3yr8Xf8Ppqbf7lIU2QNQvnOAbU=",
"path": "/state/fudo-lib",
"type": "path"
},
@ -443,12 +426,33 @@
}
},
"fudo-pkgs": {
"inputs": {
"unstableNixpkgs": "unstableNixpkgs"
},
"locked": {
"lastModified": 1639072539,
"narHash": "sha256-ezF6GF5JaJgQ7C4ZbzK4VWXl8DrDRO1gsvv/SOckmZ8=",
"lastModified": 1641413309,
"narHash": "sha256-FPLBuS9714BxkU6uLJSoRL7VQUj3yvTK4xkl7+RSzaM=",
"ref": "master",
"rev": "99319e33c6e17476225c1d939e656c6ae6c8152f",
"revCount": 18,
"rev": "042aa2f4cea9ad8acdf93b4b54196aefd94c0408",
"revCount": 22,
"type": "git",
"url": "https://git.fudo.org/fudo-nix/pkgs.git"
},
"original": {
"type": "git",
"url": "https://git.fudo.org/fudo-nix/pkgs.git"
}
},
"fudo-pkgs_2": {
"inputs": {
"unstableNixpkgs": "unstableNixpkgs_2"
},
"locked": {
"lastModified": 1641413309,
"narHash": "sha256-FPLBuS9714BxkU6uLJSoRL7VQUj3yvTK4xkl7+RSzaM=",
"ref": "master",
"rev": "042aa2f4cea9ad8acdf93b4b54196aefd94c0408",
"revCount": 22,
"type": "git",
"url": "https://git.fudo.org/fudo-nix/pkgs.git"
},
@ -472,7 +476,7 @@
"ssh-keypairs": "ssh-keypairs"
},
"locked": {
"narHash": "sha256-22lvxSaUkKdp33P19eXif1PieGty0cJw4P2R6LJFL30=",
"narHash": "sha256-ZiSCZ5783ghtNZ6geFR+avU+qnn0nhisbAB4P2yziGY=",
"path": "/state/secrets",
"type": "path"
},
@ -525,17 +529,14 @@
},
"home-manager": {
"inputs": {
"nixpkgs": [
"fudo-home",
"nixpkgs"
]
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1638553958,
"narHash": "sha256-leETjYMtD9y37CvfRSQhIGibcIl4dNVlFkY/8QgqmAM=",
"lastModified": 1639871969,
"narHash": "sha256-6feWUnMygRzA9tzkrfAzpA5/NBYg75bkFxnqb1DtD7E=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "6ce1d64073f48b9bc9425218803b1b607454c1e7",
"rev": "697cc8c68ed6a606296efbbe9614c32537078756",
"type": "github"
},
"original": {
@ -560,11 +561,11 @@
"niten-doom-config": {
"flake": false,
"locked": {
"lastModified": 1639608722,
"narHash": "sha256-Ao+J7h/zE0X+G3frfxCkoY4hK7T1oNpTpwwv7n7pGaA=",
"lastModified": 1640017877,
"narHash": "sha256-9twZfDxSjX87NHzuEQXkm1Q037YS98jPQv3Hw4Uktiw=",
"ref": "master",
"rev": "8be77a42d7669fa71287c58ebaf210159f198b50",
"revCount": 36,
"rev": "3d990cdf82fc7d5a6c8fd033e8bcf460fb27df1b",
"revCount": 37,
"type": "git",
"url": "https://git.fudo.org/niten/doom-emacs.git"
},
@ -637,11 +638,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1638196344,
"narHash": "sha256-fkOqSkfOkl8tqxDd+zJU4kAgyLXp/ouaP+U9gpjEZZs=",
"lastModified": 1640653651,
"narHash": "sha256-fByFYXYoE/6TqwKGbT7XBCOAlSsFzOXm4ZsRLoO70m8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2553aee74fed8c2205a4aeb3ffd206ca14ede60f",
"rev": "7bca80140fc7732c7357b26002db3d87b3ba4c61",
"type": "github"
},
"original": {
@ -652,11 +653,11 @@
},
"nixpkgs_5": {
"locked": {
"lastModified": 1626852498,
"narHash": "sha256-lOXUJvi0FJUXHTVSiC5qsMRtEUgqM4mGZpMESLuGhmo=",
"lastModified": 1638407071,
"narHash": "sha256-xbveILjgtBVh6B5F6i2k3T0IrE8lZp1vsqfDY+Df/cg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "16105403bdd843540cbef9c63fc0f16c1c6eaa70",
"rev": "971b383a28f4baee8ea3931af4840fa221929fd6",
"type": "github"
},
"original": {
@ -667,11 +668,41 @@
},
"nixpkgs_6": {
"locked": {
"lastModified": 1639611175,
"narHash": "sha256-13B6tgKXygEBWxwj9+vIjuWyzwNF1XPLjJiFAvE7A88=",
"lastModified": 1638407071,
"narHash": "sha256-xbveILjgtBVh6B5F6i2k3T0IrE8lZp1vsqfDY+Df/cg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6d684ea3adef590a2174f2723134e1ea377272d2",
"rev": "971b383a28f4baee8ea3931af4840fa221929fd6",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1638407071,
"narHash": "sha256-xbveILjgtBVh6B5F6i2k3T0IrE8lZp1vsqfDY+Df/cg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "971b383a28f4baee8ea3931af4840fa221929fd6",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "971b383a28f4baee8ea3931af4840fa221929fd6",
"type": "github"
}
},
"nixpkgs_8": {
"locked": {
"lastModified": 1641229786,
"narHash": "sha256-WPPcLNbVu6ryj772GooUpF285LOvRHdOo/UNJgPnFYI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "88579effa7e88c25087faf6de6388d0cd1738dc0",
"type": "github"
},
"original": {
@ -811,9 +842,9 @@
"fudo-entities": "fudo-entities",
"fudo-home": "fudo-home",
"fudo-lib": "fudo-lib_2",
"fudo-pkgs": "fudo-pkgs",
"fudo-pkgs": "fudo-pkgs_2",
"fudo-secrets": "fudo-secrets",
"nixpkgs": "nixpkgs_6"
"nixpkgs": "nixpkgs_8"
}
},
"rotate-text": {
@ -859,7 +890,7 @@
"service-secrets": {
"flake": false,
"locked": {
"narHash": "sha256-IfG9fX6qr+EKMfG6l/nzhrNYYXfKBtaNHHhiW6eCcGk=",
"narHash": "sha256-vXL26U+o23E5tTG4Hb/RZrfra3I8Zw/wdZnT9PKwdks=",
"path": "/state/secrets/service-secrets",
"type": "path"
},
@ -880,6 +911,36 @@
"type": "path"
}
},
"unstableNixpkgs": {
"locked": {
"lastModified": 1641230035,
"narHash": "sha256-hFyqihERaTbLxCOlugy/rpp22VLtLh8SPRnA2uu3F/8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "78cd22c1b8604de423546cd49bfe264b786eca13",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"unstableNixpkgs_2": {
"locked": {
"lastModified": 1641230035,
"narHash": "sha256-hFyqihERaTbLxCOlugy/rpp22VLtLh8SPRnA2uu3F/8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "78cd22c1b8604de423546cd49bfe264b786eca13",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"utils": {
"locked": {
"lastModified": 1637014545,