commit d5ada7decc410d158e049930a13c1c12361ac9ba · aylac.top/nixcfg-own-knot

+1 -177

flake.lock

···

       351
       351
        
               "type": "github"

     

       352
       352
        
             }

     

       353
       353
        
           },

     

       354
       354
       -
           "flake-utils": {

     

       355
       355
       -
             "inputs": {

     

       356
       356
       -
               "systems": "systems_2"

     

       357
       357
       -
             },

     

       358
       358
       -
             "locked": {

     

       359
       359
       -
               "lastModified": 1694529238,

     

       360
       360
       -
               "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",

     

       361
       361
       -
               "owner": "numtide",

     

       362
       362
       -
               "repo": "flake-utils",

     

       363
       363
       -
               "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",

     

       364
       364
       -
               "type": "github"

     

       365
       365
       -
             },

     

       366
       366
       -
             "original": {

     

       367
       367
       -
               "owner": "numtide",

     

       368
       368
       -
               "repo": "flake-utils",

     

       369
       369
       -
               "type": "github"

     

       370
       370
       -
             }

     

       371
       371
       -
           },

     

       372
       354
        
           "fontix": {

     

       373
       355
        
             "inputs": {

     

       374
       356
        
               "actions-nix": "actions-nix_2",

     
···

       553
       535
        
               "type": "github"

     

       554
       536
        
             }

     

       555
       537
        
           },

     

       556
       556
       -
           "gomod2nix": {

     

       557
       557
       -
             "inputs": {

     

       558
       558
       -
               "flake-utils": "flake-utils",

     

       559
       559
       -
               "nixpkgs": [

     

       560
       560
       -
                 "tangled-core",

     

       561
       561
       -
                 "nixpkgs"

     

       562
       562
       -
               ]

     

       563
       563
       -
             },

     

       564
       564
       -
             "locked": {

     

       565
       565
       -
               "lastModified": 1754078208,

     

       566
       566
       -
               "narHash": "sha256-YVoIFDCDpYuU3riaDEJ3xiGdPOtsx4sR5eTzHTytPV8=",

     

       567
       567
       -
               "owner": "nix-community",

     

       568
       568
       -
               "repo": "gomod2nix",

     

       569
       569
       -
               "rev": "7f963246a71626c7fc70b431a315c4388a0c95cf",

     

       570
       570
       -
               "type": "github"

     

       571
       571
       -
             },

     

       572
       572
       -
             "original": {

     

       573
       573
       -
               "owner": "nix-community",

     

       574
       574
       -
               "repo": "gomod2nix",

     

       575
       575
       -
               "type": "github"

     

       576
       576
       -
             }

     

       577
       577
       -
           },

     

       578
       538
        
           "home-manager": {

     

       579
       539
        
             "inputs": {

     

       580
       540
        
               "nixpkgs": [

     
···

       639
       599
        
               "type": "github"

     

       640
       600
        
             }

     

       641
       601
        
           },

     

       642
       642
       -
           "htmx-src": {

     

       643
       643
       -
             "flake": false,

     

       644
       644
       -
             "locked": {

     

       645
       645
       -
               "narHash": "sha256-nm6avZuEBg67SSyyZUhjpXVNstHHgUxrtBHqJgowU08=",

     

       646
       646
       -
               "type": "file",

     

       647
       647
       -
               "url": "https://unpkg.com/htmx.org@2.0.4/dist/htmx.min.js"

     

       648
       648
       -
             },

     

       649
       649
       -
             "original": {

     

       650
       650
       -
               "type": "file",

     

       651
       651
       -
               "url": "https://unpkg.com/htmx.org@2.0.4/dist/htmx.min.js"

     

       652
       652
       -
             }

     

       653
       653
       -
           },

     

       654
       654
       -
           "htmx-ws-src": {

     

       655
       655
       -
             "flake": false,

     

       656
       656
       -
             "locked": {

     

       657
       657
       -
               "narHash": "sha256-2fg6KyEJoO24q0fQqbz9RMaYNPQrMwpZh29tkSqdqGY=",

     

       658
       658
       -
               "type": "file",

     

       659
       659
       -
               "url": "https://cdn.jsdelivr.net/npm/htmx-ext-ws@2.0.2"

     

       660
       660
       -
             },

     

       661
       661
       -
             "original": {

     

       662
       662
       -
               "type": "file",

     

       663
       663
       -
               "url": "https://cdn.jsdelivr.net/npm/htmx-ext-ws@2.0.2"

     

       664
       664
       -
             }

     

       665
       665
       -
           },

     

       666
       666
       -
           "ibm-plex-mono-src": {

     

       667
       667
       -
             "flake": false,

     

       668
       668
       -
             "locked": {

     

       669
       669
       -
               "lastModified": 1731402384,

     

       670
       670
       -
               "narHash": "sha256-OwUmrPfEehLDz0fl2ChYLK8FQM2p0G1+EMrGsYEq+6g=",

     

       671
       671
       -
               "type": "tarball",

     

       672
       672
       -
               "url": "https://github.com/IBM/plex/releases/download/@ibm/plex-mono@1.1.0/ibm-plex-mono.zip"

     

       673
       673
       -
             },

     

       674
       674
       -
             "original": {

     

       675
       675
       -
               "type": "tarball",

     

       676
       676
       -
               "url": "https://github.com/IBM/plex/releases/download/@ibm/plex-mono@1.1.0/ibm-plex-mono.zip"

     

       677
       677
       -
             }

     

       678
       678
       -
           },

     

       679
       679
       -
           "indigo": {

     

       680
       680
       -
             "flake": false,

     

       681
       681
       -
             "locked": {

     

       682
       682
       -
               "lastModified": 1753693716,

     

       683
       683
       -
               "narHash": "sha256-DMIKnCJRODQXEHUxA+7mLzRALmnZhkkbHlFT2rCQYrE=",

     

       684
       684
       -
               "owner": "oppiliappan",

     

       685
       685
       -
               "repo": "indigo",

     

       686
       686
       -
               "rev": "5f170569da9360f57add450a278d73538092d8ca",

     

       687
       687
       -
               "type": "github"

     

       688
       688
       -
             },

     

       689
       689
       -
             "original": {

     

       690
       690
       -
               "owner": "oppiliappan",

     

       691
       691
       -
               "repo": "indigo",

     

       692
       692
       -
               "type": "github"

     

       693
       693
       -
             }

     

       694
       694
       -
           },

     

       695
       695
       -
           "inter-fonts-src": {

     

       696
       696
       -
             "flake": false,

     

       697
       697
       -
             "locked": {

     

       698
       698
       -
               "lastModified": 1731687360,

     

       699
       699
       -
               "narHash": "sha256-5vdKKvHAeZi6igrfpbOdhZlDX2/5+UvzlnCQV6DdqoQ=",

     

       700
       700
       -
               "type": "tarball",

     

       701
       701
       -
               "url": "https://github.com/rsms/inter/releases/download/v4.1/Inter-4.1.zip"

     

       702
       702
       -
             },

     

       703
       703
       -
             "original": {

     

       704
       704
       -
               "type": "tarball",

     

       705
       705
       -
               "url": "https://github.com/rsms/inter/releases/download/v4.1/Inter-4.1.zip"

     

       706
       706
       -
             }

     

       707
       707
       -
           },

     

       708
       602
        
           "lanzaboote": {

     

       709
       603
        
             "inputs": {

     

       710
       604
        
               "crane": "crane",

     
···

       729
       623
        
               "ref": "v0.4.2",

     

       730
       624
        
               "repo": "lanzaboote",

     

       731
       625
        
               "type": "github"

     

       732
       732
       -
             }

     

       733
       733
       -
           },

     

       734
       734
       -
           "lucide-src": {

     

       735
       735
       -
             "flake": false,

     

       736
       736
       -
             "locked": {

     

       737
       737
       -
               "lastModified": 1754044466,

     

       738
       738
       -
               "narHash": "sha256-+exBR2OToB1iv7ZQI2S4B0lXA/QRvC9n6U99UxGpJGs=",

     

       739
       739
       -
               "type": "tarball",

     

       740
       740
       -
               "url": "https://github.com/lucide-icons/lucide/releases/download/0.536.0/lucide-icons-0.536.0.zip"

     

       741
       741
       -
             },

     

       742
       742
       -
             "original": {

     

       743
       743
       -
               "type": "tarball",

     

       744
       744
       -
               "url": "https://github.com/lucide-icons/lucide/releases/download/0.536.0/lucide-icons-0.536.0.zip"

     

       745
       626
        
             }

     

       746
       627
        
           },

     

       747
       628
        
           "nix-darwin": {

     
···

       937
       818
        
               "nixpkgs": "nixpkgs_2",

     

       938
       819
        
               "nixpkgs-unstable": "nixpkgs-unstable",

     

       939
       820
        
               "nur": "nur",

     

       940
       940
       -
               "secrets": "secrets",

     

       941
       941
       -
               "tangled-core": "tangled-core"

     

       821
       821
       +
               "secrets": "secrets"

     

       942
       822
        
             }

     

       943
       823
        
           },

     

       944
       824
        
           "rust-overlay": {

     
···

       978
       858
        
               "type": "github"

     

       979
       859
        
             }

     

       980
       860
        
           },

     

       981
       981
       -
           "sqlite-lib-src": {

     

       982
       982
       -
             "flake": false,

     

       983
       983
       -
             "locked": {

     

       984
       984
       -
               "lastModified": 1706631843,

     

       985
       985
       -
               "narHash": "sha256-bJoMjirsBjm2Qk9KPiy3yV3+8b/POlYe76/FQbciHro=",

     

       986
       986
       -
               "type": "tarball",

     

       987
       987
       -
               "url": "https://sqlite.org/2024/sqlite-amalgamation-3450100.zip"

     

       988
       988
       -
             },

     

       989
       989
       -
             "original": {

     

       990
       990
       -
               "type": "tarball",

     

       991
       991
       -
               "url": "https://sqlite.org/2024/sqlite-amalgamation-3450100.zip"

     

       992
       992
       -
             }

     

       993
       993
       -
           },

     

       994
       861
        
           "systems": {

     

       995
       862
        
             "locked": {

     

       996
       863
        
               "lastModified": 1681028828,

     
···

       1004
       871
        
               "owner": "nix-systems",

     

       1005
       872
        
               "repo": "default",

     

       1006
       873
        
               "type": "github"

     

       1007
       1007
       -
             }

     

       1008
       1008
       -
           },

     

       1009
       1009
       -
           "systems_2": {

     

       1010
       1010
       -
             "locked": {

     

       1011
       1011
       -
               "lastModified": 1681028828,

     

       1012
       1012
       -
               "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",

     

       1013
       1013
       -
               "owner": "nix-systems",

     

       1014
       1014
       -
               "repo": "default",

     

       1015
       1015
       -
               "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",

     

       1016
       1016
       -
               "type": "github"

     

       1017
       1017
       -
             },

     

       1018
       1018
       -
             "original": {

     

       1019
       1019
       -
               "owner": "nix-systems",

     

       1020
       1020
       -
               "repo": "default",

     

       1021
       1021
       -
               "type": "github"

     

       1022
       1022
       -
             }

     

       1023
       1023
       -
           },

     

       1024
       1024
       -
           "tangled-core": {

     

       1025
       1025
       -
             "inputs": {

     

       1026
       1026
       -
               "gomod2nix": "gomod2nix",

     

       1027
       1027
       -
               "htmx-src": "htmx-src",

     

       1028
       1028
       -
               "htmx-ws-src": "htmx-ws-src",

     

       1029
       1029
       -
               "ibm-plex-mono-src": "ibm-plex-mono-src",

     

       1030
       1030
       -
               "indigo": "indigo",

     

       1031
       1031
       -
               "inter-fonts-src": "inter-fonts-src",

     

       1032
       1032
       -
               "lucide-src": "lucide-src",

     

       1033
       1033
       -
               "nixpkgs": [

     

       1034
       1034
       -
                 "nixpkgs"

     

       1035
       1035
       -
               ],

     

       1036
       1036
       -
               "sqlite-lib-src": "sqlite-lib-src"

     

       1037
       1037
       -
             },

     

       1038
       1038
       -
             "locked": {

     

       1039
       1039
       -
               "lastModified": 1755330292,

     

       1040
       1040
       -
               "narHash": "sha256-Dh3t2ugmuJxtxxCEg8MlxekUWZwjKiH0wHBLgfT5lbA=",

     

       1041
       1041
       -
               "ref": "refs/heads/master",

     

       1042
       1042
       -
               "rev": "ea1263475985aade8f1f1ecd59d8e8cbc3f6d9b3",

     

       1043
       1043
       -
               "revCount": 1152,

     

       1044
       1044
       -
               "type": "git",

     

       1045
       1045
       -
               "url": "https://tangled.sh/@tangled.sh/core"

     

       1046
       1046
       -
             },

     

       1047
       1047
       -
             "original": {

     

       1048
       1048
       -
               "type": "git",

     

       1049
       1049
       -
               "url": "https://tangled.sh/@tangled.sh/core"

     

       1050
       874
        
             }

     

       1051
       875
        
           },

     

       1052
       876
        
           "treefmt-nix": {

-5

flake.nix

···

       59
       59
        
             url = "github:ayla6/secrets";

     

       60
       60
        
             flake = false;

     

       61
       61
        
           };

     

       62
       62
       -
       

     

       63
       63
       -
           tangled-core = {

     

       64
       64
       -
             url = "git+https://tangled.sh/@tangled.sh/core";

     

       65
       65
       -
             inputs.nixpkgs.follows = "nixpkgs";

     

       66
       66
       -
           };

     

       67
       62
        
         };

     

       68
       63
        
       

     

       69
       64
        
         nixConfig = {

-1

hosts/nanpi/secrets.nix

···

       9
       9
        
           syncthingKey.file = "${self.inputs.secrets}/ayla/syncthing/nanpi/key.age";

     

       10
       10
        
           resticPassword.file = "${self.inputs.secrets}/restic-passwd.age";

     

       11
       11
        
           vaultwarden.file = "${self.inputs.secrets}/vaultwarden.age";

     

       12
       12
       -
           tangled-knot.file = "${self.inputs.secrets}/tangled-knot.age";

     

       13
       12
        
         };

     

       14
       13
        
       }

-14

hosts/nanpi/services.nix

···

       24
       24
        
       

     

       25
       25
        
                   "${config.mySnippets.aylac-top.networkMap.vaultwarden.vHost}" = "http://${config.mySnippets.aylac-top.networkMap.vaultwarden.hostName}:${toString config.mySnippets.aylac-top.networkMap.vaultwarden.port}";

     

       26
       26
        
       

     

       27
       27
       -
                   "${config.mySnippets.aylac-top.networkMap.tangled-knot.vHost}" = "http://${config.mySnippets.aylac-top.networkMap.tangled-knot.hostName}:${toString config.mySnippets.aylac-top.networkMap.tangled-knot.port}";

     

       28
       28
       -
       

     

       29
       27
        
                   "${config.mySnippets.aylac-top.networkMap.forgejo.vHost}" = "http://${config.mySnippets.aylac-top.networkMap.forgejo.hostName}:${toString config.mySnippets.aylac-top.networkMap.forgejo.port}";

     

       30
       28
        
                   "${config.mySnippets.aylac-top.networkMap.forgejo.sshVHost}" = "ssh://${config.mySnippets.aylac-top.networkMap.forgejo.hostName}:2222";

     

       31
       29
        
                 };

     
···

       85
       83
        
           };

     

       86
       84
        
       

     

       87
       85
        
           # because of the lack of forwarding the ssh because of the tunnel, repo origins have to be added like this, and nobody can pull your repos

     

       88
       88
       -
           # git@nanpi:did\:plc\:3c6vkaq7xf5kz3va3muptjh5/nixcfg

     

       89
       89
       -
           # you can also ln -s the did to your user name, letting you do git@nanpi:aylac.top/nixcfg

     

       90
       90
       -
           # as opposed to git@knot.aylac.top:aylac.top/nixcfg

     

       91
       91
       -
           tangled-knot = {

     

       92
       92
       -
             enable = true;

     

       93
       93
       -
             openFirewall = false;

     

       94
       94
       -
             server = {

     

       95
       95
       -
               hostname = config.mySnippets.aylac-top.networkMap.tangled-knot.vHost;

     

       96
       96
       -
               listenAddr = "0.0.0.0:${toString config.mySnippets.aylac-top.networkMap.tangled-knot.port}";

     

       97
       97
       -
               secretFile = config.age.secrets.tangled-knot.path;

     

       98
       98
       -
             };

     

       99
       99
       -
           };

     

       100
       86
        
         };

     

       101
       87
        
       }

-1

modules/flake/nixos.nix

···

       35
       35
        
                     inputs.disko.nixosModules.disko

     

       36
       36
        
                     inputs.home-manager.nixosModules.home-manager

     

       37
       37
        
                     inputs.lanzaboote.nixosModules.lanzaboote

     

       38
       38
       -
                     inputs.tangled-core.nixosModules.knot

     

       39
       38
        
                     modules.hardware

     

       40
       39
        
                     modules.nixos

     

       41
       40
        
                     modules.snippets

-10

modules/nixos/profiles/backups/default.nix

···

       218
       218
        
                 repository = mkRepoA "passwords";

     

       219
       219
        
               }

     

       220
       220
        
             );

     

       221
       221
       -
       

     

       222
       222
       -
             tangled-knot = lib.mkIf config.services.tangled-knot.enable (

     

       223
       223
       -
               config.mySnippets.restic

     

       224
       224
       -
               // {

     

       225
       225
       -
                 backupCleanupCommand = start "knot";

     

       226
       226
       -
                 backupPrepareCommand = stop "knot";

     

       227
       227
       -
                 paths = [config.services.tangled-knot.stateDir];

     

       228
       228
       -
                 repository = mkRepoA "tangled-knot";

     

       229
       229
       -
               }

     

       230
       230
       -
             );

     

       231
       221
        
           };

     

       232
       222
        
         };

     

       233
       223
        
       }

-6

modules/snippets/aylac-top/default.nix

···

       17
       17
        
               vHost = "pds.aylac.top";

     

       18
       18
        
             };

     

       19
       19
        
       

     

       20
       20
       -
             tangled-knot = {

     

       21
       21
       -
               hostName = "nanpi";

     

       22
       22
       -
               port = 5555;

     

       23
       23
       -
               vHost = "knot.aylac.top";

     

       24
       24
       -
             };

     

       25
       25
       -
       

     

       26
       20
        
             vaultwarden = {

     

       27
       21
        
               hostName = "nanpi";

     

       28
       22
        
               port = 8222;