nix
/
nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Various changes.

This commit is contained in:
niten 2022-08-22 11:30:18 -07:00
parent d46a301f68
commit 7ee1392e6e
15 changed files with 180 additions and 187 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
config/hardware/legatus.nix
View File

@ -3,10 +3,7 @@
with lib; { with lib; {
boot = { boot = {
initrd = { initrd = {
availableKernelModules = [ availableKernelModules = [ "ahci" "usbhid" ];
"ahci"
"usbhid"
];
kernelModules = [ "dm-snapshot" ]; kernelModules = [ "dm-snapshot" ];
}; };
kernelModules = [ ]; kernelModules = [ ];
@ -20,6 +17,8 @@ with lib; {
supportedFilesystems = [ "btrfs" ]; supportedFilesystems = [ "btrfs" ];
}; };
system.stateVersion = "22.05";
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "root-tmpfs"; device = "root-tmpfs";
@ -28,43 +27,46 @@ with lib; {
}; };
"/boot" = { "/boot" = {
device = "/dev/disk/by-label/boot"; device = "/dev/disk/by-label/legatus-boot";
fsType = "ext4"; fsType = "ext4";
options = [ "noexec" "noatime" "nodiratime" ]; options = [ "noexec" "noatime" "nodiratime" ];
}; };
"/nix" = { "/nix" = {
device = "/dev/disk/by-label/system"; device = "/dev/disk/by-label/legatus-data";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@nix" "compress=zstd" "noatime" "nodiratime" ]; options = [ "subvol=@nix" "compress=zstd" "noatime" "nodiratime" ];
}; };
"/var/log" = { "/var/log" = {
device = "/dev/disk/by-label/system"; device = "/dev/disk/by-label/legatus-data";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@logs" "compress=zstd" "noatime" "nodiratime" "noexec" ]; options =
[ "subvol=@log" "compress=zstd" "noatime" "nodiratime" "noexec" ];
neededForBoot = true; neededForBoot = true;
}; };
"/state" = { "/state" = {
device = "/dev/disk/by-label/system"; device = "/dev/disk/by-label/legatus-data";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@state" "compress=zstd" "noatime" "nodiratime" "noexec" ]; options =
[ "subvol=@state" "compress=zstd" "noatime" "nodiratime" "noexec" ];
}; };
"/var/lib/acme" = { # "/var/lib/acme" = {
device = "/dev/disk/by-label/system"; # device = "/dev/disk/by-label/system";
fsType = "btrfs"; # fsType = "btrfs";
options = [ "subvol=@acme" "compress=zstd" "noatime" "nodiratime" "noexec" ]; # options =
}; # [ "subvol=@acme" "compress=zstd" "noatime" "nodiratime" "noexec" ];
# };
}; };
swapDevices = [{ device = "/dev/disk/by-label/swap"; }]; swapDevices = [{ device = "/dev/disk/by-label/legatus-swap"; }];
networking = { networking = {
macvlans = { macvlans = {
extif0 = { extif0 = {
interface = "eno2"; interface = "eno1";
mode = "bridge"; mode = "bridge";
}; };
}; };
@ -73,8 +75,7 @@ with lib; {
interfaces = { interfaces = {
extif0 = { extif0 = {
macAddress = macAddress = pkgs.lib.network.generate-mac-address "legatus" "extif0";
pkgs.lib.network.generate-mac-address "legatus" "extif0";
}; };
}; };
}; };

32
config/hardware/nutboy3.nix
View File

@ -3,14 +3,8 @@
with lib; { with lib; {
boot = { boot = {
initrd = { initrd = {
availableKernelModules = [ availableKernelModules =
"ehci_pci" [ "ehci_pci" "ahci" "isci" "usbhid" "usb_storage" "sd_mod" ];
"ahci"
"isci"
"usbhid"
"usb_storage"
"sd_mod"
];
kernelModules = [ "dm-snapshot" ]; kernelModules = [ "dm-snapshot" ];
}; };
kernelModules = [ "kvm-intel" ]; kernelModules = [ "kvm-intel" ];
@ -24,6 +18,8 @@ with lib; {
supportedFilesystems = [ "btrfs" ]; supportedFilesystems = [ "btrfs" ];
}; };
system.stateVersion = "21.11";
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "root-tmpfs"; device = "root-tmpfs";
@ -46,26 +42,35 @@ with lib; {
"/var/log" = { "/var/log" = {
device = "/dev/disk/by-label/data"; device = "/dev/disk/by-label/data";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@logs" "compress=zstd" "noatime" "nodiratime" "noexec" ]; options =
[ "subvol=@logs" "compress=zstd" "noatime" "nodiratime" "noexec" ];
neededForBoot = true; neededForBoot = true;
}; };
"/state" = { "/state" = {
device = "/dev/disk/by-label/data"; device = "/dev/disk/by-label/data";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@state" "compress=zstd" "noatime" "nodiratime" "noexec" ]; options =
[ "subvol=@state" "compress=zstd" "noatime" "nodiratime" "noexec" ];
}; };
"/var/lib/acme" = { "/var/lib/acme" = {
device = "/dev/disk/by-label/data"; device = "/dev/disk/by-label/data";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@acme" "compress=zstd" "noatime" "nodiratime" "noexec" ]; options =
[ "subvol=@acme" "compress=zstd" "noatime" "nodiratime" "noexec" ];
}; };
"/var/lib/prometheus" = { "/var/lib/prometheus" = {
device = "/dev/disk/by-label/data"; device = "/dev/disk/by-label/data";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@prometheus" "compress=zstd" "noatime" "nodiratime" "noexec" ]; options = [
"subvol=@prometheus"
"compress=zstd"
"noatime"
"nodiratime"
"noexec"
];
}; };
}; };
@ -84,7 +89,8 @@ with lib; {
interfaces = { interfaces = {
extif0 = { extif0 = {
macAddress = macAddress =
pkgs.lib.network.generate-mac-address config.instance.hostname "extif0"; pkgs.lib.network.generate-mac-address config.instance.hostname
"extif0";
}; };
}; };
}; };

7
config/hardware/wormhole0.nix
View File

@ -59,6 +59,13 @@ with lib; {
options = options =
[ "subvol=@state" "compress=zstd" "noatime" "nodiratime" "noexec" ]; [ "subvol=@state" "compress=zstd" "noatime" "nodiratime" "noexec" ];
}; };
"/var/lib" = {
device = "/dev/disk/by-label/wormhole0-data";
fsType = "btrfs";
options =
[ "subvol=@var" "compress=zstd" "noatime" "nodiratime" "noexec" ];
};
}; };
swapDevices = [{ device = "/dev/disk/by-label/wormhole0-swap"; }]; swapDevices = [{ device = "/dev/disk/by-label/wormhole0-swap"; }];

71
config/host-config/lambda.nix
View File

@ -1,20 +1,14 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
shinobi-port = "7080";
shinobi-od-port = "7082";
state-dir = "/state"; # This must be a string! state-dir = "/state"; # This must be a string!
home-assistant-port = 8123;
parent-config = config;
generate-mac = pkgs.lib.network.generate-mac-address; generate-mac = pkgs.lib.network.generate-mac-address;
in { in {
boot = { boot = {
loader.grub.copyKernels = true; loader.grub.copyKernels = true;
kernelModules = [ "rpcsec_gss_krb5" ]; #kernelModules = [ "rpcsec_gss_krb5" ];
}; };
networking = { networking = {
@ -74,7 +68,6 @@ in {
mode = "0444"; mode = "0444";
}; };
nixos.source = "/etc/nixos-live"; nixos.source = "/etc/nixos-live";
"host-config.nix".source = "/state/host/host-config.nix";
adjtime.source = "/state/host/adjtime"; adjtime.source = "/state/host/adjtime";
NIXOS.source = "/state/host/NIXOS"; NIXOS.source = "/state/host/NIXOS";
}; };
@ -83,66 +76,4 @@ in {
# Due to rollback, sudo will lecture after every reboot # Due to rollback, sudo will lecture after every reboot
Defaults lecture = never Defaults lecture = never
''; '';
# services.nginx = {
# enable = true;
# recommendedOptimisation = true;
# recommendedProxySettings = true;
# recommendedGzipSettings = true;
# virtualHosts."home.sea.fudo.org" = {
# locations."/" = {
# proxyPass = "http://localhost:${toString home-assistant-port}";
# proxyWebsockets = true;
# };
# };
# };
# virtualisation = {
# docker = {
# enable = true;
# enableOnBoot = true;
# autoPrune = { enable = true; };
# };
# oci-containers = {
# backend = "docker";
# containers = {
# home-assistant = {
# image = "homeassistant/home-assistant:stable";
# autoStart = true;
# environment.TZ = config.time.timeZone;
# # ports = [ "${toString home-assistant-port}:8123" ];
# volumes = [ "/state/services/home-assistant:/config" ];
# extraOptions = [ "--network=host" "--device=/dev/ttyACM0" ];
# };
# # shinobi = {
# # image = "shinobisystems/shinobi:latest";
# # ports = [ "${shinobi-port}:8080" ];
# # volumes = [
# # "/state/shinobi/plugins:/home/Shinobi/plugins"
# # "/state/shinobi/config:/home/Shinobi/config"
# # "/state/shinobi/videos:/home/Shinobi/videos"
# # "/state/shinobi/db-data:/var/lib/mysql"
# # "/etc/localtime:/etc/localtime:ro"
# # ];
# # };
# # shinobi-od = {
# # image = "shinobisystems/shinobi-tensorflow:latest";
# # volumes =
# # [ "/srv/shinobi/od-config:/home/Shinobi/docker-plugins/tensorflow" ];
# # ports = [ "${shinobi-od-port}:8082" ];
# # environment = {
# # PLUGIN_HOST = "panopticon.sea.fudo.org";
# # PLUGIN_PORT = shinobi-port;
# # PLUGIN_KEY = "30sWllylOxsDcE4vQXEPaXNfe5DiB3";
# # };
# # };
# # photoprism = { image = "photoprism/photoprism"; };
# };
# };
# };
} }

14
config/host-config/legatus.nix
View File

@ -3,7 +3,7 @@
with lib; with lib;
let let
hostname = "legatus"; hostname = "legatus";
host-ipv4 = "91.229.23.204"; host-ipv4 = "190.2.136.47";
domain-name = config.fudo.hosts.${hostname}.domain; domain-name = config.fudo.hosts.${hostname}.domain;
domain = config.fudo.domains.${domain-name}; domain = config.fudo.domains.${domain-name};
site-name = config.fudo.hosts.${hostname}.site; site-name = config.fudo.hosts.${hostname}.site;
@ -29,7 +29,7 @@ in {
}]; }];
}; };
security.acme.email = "admin@legatus.fudo.org"; security.acme.defaults.email = "admin@legatus.fudo.org";
systemd.tmpfiles.rules = [ "L /etc/adjtime - - - - /state/etc/adjtime" ]; systemd.tmpfiles.rules = [ "L /etc/adjtime - - - - /state/etc/adjtime" ];
@ -76,11 +76,11 @@ in {
secrets.host-secrets.legatus = let files = config.fudo.secrets.files; secrets.host-secrets.legatus = let files = config.fudo.secrets.files;
in { in {
# postgres-keytab = { postgres-keytab = {
# source-file = files.service-keytabs.procul.postgres; source-file = files.service-keytabs.procul.postgres;
# target-file = "/srv/postgres/secure/postgres.keytab"; target-file = "/srv/postgres/secure/postgres.keytab";
# user = "root"; user = "root";
# }; };
# gitea-database-password = { # gitea-database-password = {
# source-file = files.service-passwords.procul.gitea-database; # source-file = files.service-passwords.procul.gitea-database;

20
config/host-config/limina.nix
View File

@ -49,6 +49,26 @@ in {
# externalInterface = "enp1s0"; # externalInterface = "enp1s0";
# internalInterfaces = [ "intif0" "intif1" "intif2" ]; # internalInterfaces = [ "intif0" "intif1" "intif2" ];
# }; # };
nat.forwardPorts = [
# Minecraft
{
destination = "10.0.0.10:25565";
proto = "tcp";
sourcePort = "25565";
}
{
destination = "10.0.0.10:25565";
proto = "udp";
sourcePort = "25565";
}
# Factorio
{
destination = "10.0.0.10:34197";
proto = "udp";
sourcePort = "34197";
}
];
}; };
fudo = { fudo = {

2
config/host-config/nostromo.nix
View File

@ -138,6 +138,8 @@ in {
}; };
}; };
imports = [ ./nostromo/factorio.nix ./nostromo/minecraft.nix ];
## Until I can figure out how to use one common host API, forget this ## Until I can figure out how to use one common host API, forget this
# fudo.ipfs = { # fudo.ipfs = {
# enable = true; # enable = true;

16
config/host-config/nutboy3.nix
View File

@ -58,7 +58,7 @@ in {
environment = { systemPackages = local-packages; }; environment = { systemPackages = local-packages; };
security.acme.email = "admin@fudo.org"; security.acme.defaults.email = "admin@fudo.org";
fudo = { fudo = {
hosts.${hostname}.external-interfaces = [ "extif0" ]; hosts.${hostname}.external-interfaces = [ "extif0" ];
@ -244,5 +244,19 @@ in {
# }; # };
# }; # };
}; };
# services.factorio = {
# enable = true;
# public = false;
# port = 34197;
# lan = false;
# description = "Fudo Factorio Server";
# bind = host-ipv4;
# admins = [ "niten" ];
# openFirewall = true;
# autosave-interval = 10;
# loadLatestSave = true;
# package = pkgs.factorio-headless-experimental;
# };
}; };
} }

4
config/profile-config/common-ui.nix
View File

@ -13,6 +13,8 @@ in {
tmpOnTmpfs = true; tmpOnTmpfs = true;
}; };
environment.systemPackages = with pkgs; [ adoptopenjdk-jre-openj9-bin-16 ];
services = { services = {
xserver = mkIf enable-gui { xserver = mkIf enable-gui {
enable = true; enable = true;
@ -85,5 +87,5 @@ in {
services.flatpak.enable = enable-gui; services.flatpak.enable = enable-gui;
fonts = mkIf enable-gui { fontDir.enable = true; }; fonts.fontDir.enable = enable-gui;
} }

46
config/service/backplane.nix
View File

@ -19,26 +19,28 @@ let
database-name = "backplane_dns"; database-name = "backplane_dns";
make-passwd-file = hostname: let make-passwd-file = hostname:
name = "backplane-host-${hostname}-client-passwd"; let
seed = "${name}-${config.instance.build-seed}"; name = "backplane-host-${hostname}-client-passwd";
in pkgs.lib.passwd.stablerandom-passwd-file name seed; seed = "${name}-${config.instance.build-seed}";
in pkgs.lib.passwd.stablerandom-passwd-file name seed;
host-secrets = config.fudo.secrets.host-secrets.${hostname}; host-secrets = config.fudo.secrets.host-secrets.${hostname};
host-password-files = mapAttrs (hostname: hostOpts: host-password-files =
make-passwd-file hostname) config.fudo.hosts; mapAttrs (hostname: hostOpts: make-passwd-file hostname) config.fudo.hosts;
backplane-user = "backplane_dns"; backplane-user = "backplane_dns";
database-backplane-user = "backplane_dns"; database-backplane-user = "backplane_dns";
database-powerdns-user = "backplane_powerdns_dns"; database-powerdns-user = "backplane_powerdns_dns";
backplane-host-domain = config.fudo.hosts.${domain.backplane.dns-service}.domain; backplane-host-domain =
backplane-server = head config.fudo.domains.${backplane-host-domain}.xmpp-servers; config.fudo.hosts.${domain.backplane.dns-service}.domain;
backplane-server =
head config.fudo.domains.${backplane-host-domain}.xmpp-servers;
backplane-host-fqdn = "${backplane-server}.${backplane-host-domain}"; backplane-host-fqdn = "${backplane-server}.${backplane-host-domain}";
backplane-fqdn = "backplane.${backplane-host-domain}"; backplane-fqdn = "backplane.${backplane-host-domain}";
in { in {
config = mkIf backplaneEnabled { config = mkIf backplaneEnabled {
@ -101,9 +103,7 @@ in {
}; };
zones.${zone-name} = { zones.${zone-name} = {
aliases = { aliases = { backplane = "${backplane-host-fqdn}."; };
backplane = "${backplane-host-fqdn}.";
};
}; };
postgresql = mkIf isDatabase { postgresql = mkIf isDatabase {
@ -143,7 +143,8 @@ in {
}) config.fudo.hosts; }) config.fudo.hosts;
services = { services = {
dns.password-file = host-secrets.ejabberd-backplane-passwd.source-file; dns.password-file =
host-secrets.ejabberd-backplane-passwd.source-file;
}; };
backplane-hostname = backplane-fqdn; backplane-hostname = backplane-fqdn;
@ -165,17 +166,14 @@ in {
powerdns = mkIf (isNameserver) { powerdns = mkIf (isNameserver) {
enable = true; enable = true;
domains = let domains = let served-domain = domain.backplane.domain;
served-domain = domain.backplane.domain; in { ${served-domain}.admin = domain.admin-email; };
in { listen-v4-addresses =
${served-domain}.admin = domain.admin-email; let ipv4-addr = pkgs.lib.network.host-ipv4 config hostname;
}; in [ ipv4-addr ];
listen-v4-addresses = let listen-v6-addresses =
ipv4-addr = pkgs.lib.network.host-ipv4 config hostname; let ipv6-addr = pkgs.lib.network.host-ipv6 config hostname;
in [ ipv4-addr ]; in optional (ipv6-addr != null) ipv6-addr;
listen-v6-addresses = let
ipv6-addr = pkgs.lib.network.host-ipv6 config hostname;
in optional (ipv6-addr != null) ipv6-addr;
database = { database = {
host = pkgs.lib.network.host-ipv4 config postgresql-server; host = pkgs.lib.network.host-ipv4 config postgresql-server;
database = database-name; database = database-name;

44
config/service/mail-server.nix
View File

@ -18,7 +18,7 @@ let
isLocalMailserver = domain-name == mailserver-domain-name; isLocalMailserver = domain-name == mailserver-domain-name;
metricsEnabled = mailserver-domain.prometheus-hosts != []; metricsEnabled = mailserver-domain.prometheus-hosts != [ ];
host-certs = config.fudo.acme.host-domains.${hostname}; host-certs = config.fudo.acme.host-domains.${hostname};
@ -42,25 +42,32 @@ in {
trusted-networks = config.instance.local-networks; trusted-networks = config.instance.local-networks;
trustedNetworkString = optionalString (length trusted-networks > 0) trustedNetworkString = optionalString (length trusted-networks > 0)
(concatStringsSep "\n" (concatStringsSep "\n"
(map (network: "allow ${network};") (map (network: "allow ${network};") trusted-networks)) + ''
trusted-networks)) + "\n\ndeny all;";
deny all;'';
in { in {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations = let locations = let monitor-cfg = config.fudo.mail-server.monitoring;
monitor-cfg = config.fudo.mail-server.monitoring;
in { in {
"/metrics/dovecot" = { "/metrics/dovecot" = {
proxyPass = "http://127.0.0.1:${toString monitor-cfg.dovecot-listen-port}/metrics"; proxyPass = "http://127.0.0.1:${
toString monitor-cfg.dovecot-listen-port
}/metrics";
extraConfig = trustedNetworkString; extraConfig = trustedNetworkString;
}; };
"/metrics/postfix" = { "/metrics/postfix" = {
proxyPass = "http://127.0.0.1:${toString monitor-cfg.postfix-listen-port}/metrics"; proxyPass = "http://127.0.0.1:${
toString monitor-cfg.postfix-listen-port
}/metrics";
extraConfig = trustedNetworkString; extraConfig = trustedNetworkString;
}; };
"/metrics/rspamd" = { "/metrics/rspamd" = {
proxyPass = "http://127.0.0.1:${toString monitor-cfg.rspamd-listen-port}/metrics"; proxyPass = "http://127.0.0.1:${
toString monitor-cfg.rspamd-listen-port
}/metrics";
extraConfig = trustedNetworkString; extraConfig = trustedNetworkString;
}; };
}; };
@ -74,14 +81,14 @@ in {
admin-email = "admin@${mailserver-domain-name}"; admin-email = "admin@${mailserver-domain-name}";
local-copies.dovecot = { local-copies.dovecot = {
user = config.services.dovecot2.user; user = config.services.dovecot2.user;
dependent-services = [ "dovecot2.services" ]; dependent-services = [ "dovecot2.service" ];
}; };
}; };
"smtp.${mailserver-domain-name}" = { "smtp.${mailserver-domain-name}" = {
admin-email = "admin@${mailserver-domain-name}"; admin-email = "admin@${mailserver-domain-name}";
local-copies.postfix = { local-copies.postfix = {
user = config.services.postfix.user; user = config.services.postfix.user;
dependent-services = [ "postfix.services" ]; dependent-services = [ "postfix.service" ];
}; };
}; };
}; };
@ -101,14 +108,14 @@ in {
hosts = genAttrs [ "imap" "smtp" ] (alias: { hosts = genAttrs [ "imap" "smtp" ] (alias: {
ipv4-address = server-ipv4; ipv4-address = server-ipv4;
ipv6-address = server-ipv6; ipv6-address = server-ipv6;
description = "Primary ${toUpper alias} server for ${mailserver-domain-name}."; description =
"Primary ${toUpper alias} server for ${mailserver-domain-name}.";
}); });
mx = [ "smtp.${mailserver-domain-name}" ]; mx = [ "smtp.${mailserver-domain-name}" ];
aliases = mkIf metricsEnabled { aliases =
mail-stats = "${mailserver-host-fqdn}."; mkIf metricsEnabled { mail-stats = "${mailserver-host-fqdn}."; };
};
srv-records.tcp = { srv-records.tcp = {
pop3 = srv-record "imap" 110; pop3 = srv-record "imap" 110;
@ -145,20 +152,23 @@ in {
dkim.signing = true; dkim.signing = true;
dovecot = let dovecot = let
cert-copy = host-certs."imap.${mailserver-domain-name}".local-copies.dovecot; cert-copy =
host-certs."imap.${mailserver-domain-name}".local-copies.dovecot;
in { in {
ssl-certificate = cert-copy.full-certificate; ssl-certificate = cert-copy.full-certificate;
ssl-private-key = cert-copy.private-key; ssl-private-key = cert-copy.private-key;
}; };
postfix = let postfix = let
cert-copy = host-certs."smtp.${mailserver-domain-name}".local-copies.postfix; cert-copy =
host-certs."smtp.${mailserver-domain-name}".local-copies.postfix;
in { in {
ssl-certificate = cert-copy.full-certificate; ssl-certificate = cert-copy.full-certificate;
ssl-private-key = cert-copy.private-key; ssl-private-key = cert-copy.private-key;
}; };
local-domains = [ mailserver-host-fqdn "smtp.${mailserver-domain-name}" ]; local-domains =
[ mailserver-host-fqdn "smtp.${mailserver-domain-name}" ];
mail-directory = "${cfg.state-directory}/mail"; mail-directory = "${cfg.state-directory}/mail";
state-directory = "${cfg.state-directory}/state"; state-directory = "${cfg.state-directory}/state";

2
config/service/wallfly-presence.nix
View File

@ -59,7 +59,7 @@ in {
}) user-cfg)); }) user-cfg));
zones."${domain-name}" = { zones."${domain-name}" = {
aliases.mqtt = "${mqtt-broker}.${domain-name}"; aliases.mqtt = "${mqtt-broker}.${domain-name}.";
}; };
wallfly = { wallfly = {

6
config/users.nix
View File

@ -512,9 +512,11 @@
uid = 10116; uid = 10116;
primary-group = "selby"; primary-group = "selby";
common-name = "Jasper"; common-name = "Jasper";
# login-hashed-passwd = "$6$ggREeoA2HUmXDDbh$zPEyroAAiSPKseTb.qt4ByLaYBhV08x0hqOz4dnt4wEqcaWtOpBt3UoTpHxyDc2/inMzkRggBwfr.Zm0vI7mp1";
# ldap-hashed-passwd = "{SSHA}5OCmPaKrkEG3Q4DOWibsPweuBShsMAz2";
login-hashed-passwd = login-hashed-passwd =
"$6$ggREeoA2HUmXDDbh$zPEyroAAiSPKseTb.qt4ByLaYBhV08x0hqOz4dnt4wEqcaWtOpBt3UoTpHxyDc2/inMzkRggBwfr.Zm0vI7mp1"; "$6$odSNyA1T5bQRIXUd$LsCeR8rjC5pyNxesSR9eGVoa9wy1jwaPDyjOlB9ZQl3fzpRP6biNieXbjRWAfew8FgAImtB5beVCmXIc1085g.";
ldap-hashed-passwd = "{SSHA}5OCmPaKrkEG3Q4DOWibsPweuBShsMAz2"; ldap-hashed-passwd = "{SSHA}mok5LrQtJ4pny2QTaN3sMmOZx6X0eg5R";
email = "jasper@selby.ca"; email = "jasper@selby.ca";
}; };
}; };

62
flake.lock
View File

@ -579,11 +579,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1656710569, "lastModified": 1660764393,
"narHash": "sha256-xplQN3I4sB86TNHC8rS223FXwxGtRSxtsrhXRGYoKwY=", "narHash": "sha256-CX5FT8wzgXhy42EdkDzyZpuWATtJ3l3UzlJzuWuzb/I=",
"ref": "master", "ref": "master",
"rev": "ea7c227e9eb86cb90b6118be88e714dd9836c59e", "rev": "f0dc6216744338a53d196b07812a54c38cc5b729",
"revCount": 96, "revCount": 104,
"type": "git", "type": "git",
"url": "https://git.fudo.org/fudo-nix/entities.git" "url": "https://git.fudo.org/fudo-nix/entities.git"
}, },
@ -603,11 +603,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1657421846, "lastModified": 1660588007,
"narHash": "sha256-82y9RNubMYSJPw13IQaj3tTPQuEX2VuMLryxJTDkAyc=", "narHash": "sha256-k5berFrNMPPEOHdOCPFSfHuCyvKAkTiFNohPZWE6Sio=",
"ref": "master", "ref": "master",
"rev": "188ac6891bbd18213ffdab122f484da849c2eb3e", "rev": "0d1f7cfb5850544cd1bc2b2c877f2c8b461cef25",
"revCount": 208, "revCount": 209,
"type": "git", "type": "git",
"url": "https://git.fudo.org/fudo-nix/home.git" "url": "https://git.fudo.org/fudo-nix/home.git"
}, },
@ -633,8 +633,8 @@
}, },
"fudo-lib_2": { "fudo-lib_2": {
"locked": { "locked": {
"lastModified": 1657510985, "lastModified": 1661186654,
"narHash": "sha256-6QKfcmobaEfgsW6s2nU6piOgFg0iSPJAoXzFvCqwF5I=", "narHash": "sha256-c7eFfTIWl36og96mHwUY6jQ2aY11sSOafqa3FRoDZtY=",
"path": "/state/fudo-lib", "path": "/state/fudo-lib",
"type": "path" "type": "path"
}, },
@ -660,11 +660,11 @@
}, },
"fudo-pkgs_2": { "fudo-pkgs_2": {
"locked": { "locked": {
"lastModified": 1655577860, "lastModified": 1660763786,
"narHash": "sha256-6OlBGH8TXCuPBakj/hB+o5turzroOysbb+Z1rJYuM3w=", "narHash": "sha256-/7cfxh5dgIe6DLcTpSAXhZgN3A57k6oH+19TijH9Ebw=",
"ref": "master", "ref": "master",
"rev": "445d96e405308f19d0d1021f11b55fd2d6b35e0f", "rev": "8c2cf13b06e3f3142b5133b4bffa4a7768685b8a",
"revCount": 55, "revCount": 57,
"type": "git", "type": "git",
"url": "https://git.fudo.org/fudo-nix/pkgs.git" "url": "https://git.fudo.org/fudo-nix/pkgs.git"
}, },
@ -824,11 +824,11 @@
}, },
"nixpkgs2111": { "nixpkgs2111": {
"locked": { "locked": {
"lastModified": 1656782578, "lastModified": 1659446231,
"narHash": "sha256-1eMCBEqJplPotTo/SZ/t5HU6Sf2I8qKlZi9MX7jv9fw=", "narHash": "sha256-hekabNdTdgR/iLsgce5TGWmfIDZ86qjPhxDg/8TlzhE=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "573603b7fdb9feb0eb8efc16ee18a015c667ab1b", "rev": "eabc38219184cc3e04a974fe31857d8e0eac098d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -839,11 +839,11 @@
}, },
"nixpkgsUnstable": { "nixpkgsUnstable": {
"locked": { "locked": {
"lastModified": 1657447684, "lastModified": 1661088761,
"narHash": "sha256-FCP9AuU1q6PE3vOeM5SFf58f/UKPBAsoSGDUGamNBbo=", "narHash": "sha256-5DGKX81wIPAAiLwUmUYECpA3vop94AHHR7WmGXSsQok=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5f43d8b088d3771274bcfb69d3c7435b1121ac88", "rev": "a7855f2235a1876f97473a76151fec2afa02b287",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -899,11 +899,11 @@
}, },
"nixpkgs_5": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1657296039, "lastModified": 1661094678,
"narHash": "sha256-Ghh39+aS+pw5sTP/ZO8VIKE6sBhMadDaQZtf+3yu4Vc=", "narHash": "sha256-RtaVb6SqfrgCi20gdju1ogS3u1ocyLnhsgolazrCwL0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "71d7a4c037dc4f3e98d5c4a81b941933cf5bf675", "rev": "23534df34c1c499a6c82ce690df06d8c6e4e759d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -914,16 +914,16 @@
}, },
"nixpkgs_6": { "nixpkgs_6": {
"locked": { "locked": {
"lastModified": 1655278232, "lastModified": 1659446231,
"narHash": "sha256-H6s7tnHYiDKFCcLADS4sl1sUq0dDJuRQXCieguk/6SA=", "narHash": "sha256-hekabNdTdgR/iLsgce5TGWmfIDZ86qjPhxDg/8TlzhE=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "8b538fcb329a7bc3d153962f17c509ee49166973", "rev": "eabc38219184cc3e04a974fe31857d8e0eac098d",
"type": "github" "type": "github"
}, },
"original": { "original": {
"id": "nixpkgs", "id": "nixpkgs",
"ref": "nixos-22.05", "ref": "nixos-21.11",
"type": "indirect" "type": "indirect"
} }
}, },
@ -1045,11 +1045,11 @@
"utils": "utils_5" "utils": "utils_5"
}, },
"locked": { "locked": {
"lastModified": 1655855322, "lastModified": 1661185834,
"narHash": "sha256-LuGiBNRnv6te1rrhoxiAECHXEK5GJLHdkdnqRCZiCdI=", "narHash": "sha256-VhfI2Jw6PFjTKbLUzIid8YK29j7mPYJ7u9GaSbwwLX4=",
"ref": "master", "ref": "master",
"rev": "72d36139708f3947c050d6659c4a2eac2c0d3b64", "rev": "903d1b81d11f7181943b46a6685add810716e2be",
"revCount": 38, "revCount": 39,
"type": "git", "type": "git",
"url": "https://git.fudo.org/fudo-public/pricebot.git" "url": "https://git.fudo.org/fudo-public/pricebot.git"
}, },

2
flake.nix
View File

@ -97,7 +97,7 @@
fudo-secrets.nixosModule fudo-secrets.nixosModule
fudo-lib.nixosModule fudo-lib.nixosModule
fudo-entities.nixosModule fudo-entities.nixosModule
pricebot.nixosModule pricebot.nixosModules.default
wallfly.nixosModule wallfly.nixosModule
./config ./config