commit 793ea803091ff6e9597d096ba793552505b6060d · kitten.sh/system

+53 -36

flake.lock

···

       1
       1
        
       {

     

       2
       2
        
         "nodes": {

     

       3
       3
       +
           "actor-typeahead-src": {

     

       4
       4
       +
             "flake": false,

     

       5
       5
       +
             "locked": {

     

       6
       6
       +
               "lastModified": 1762835797,

     

       7
       7
       +
               "narHash": "sha256-heizoWUKDdar6ymfZTnj3ytcEv/L4d4fzSmtr0HlXsQ=",

     

       8
       8
       +
               "ref": "refs/heads/main",

     

       9
       9
       +
               "rev": "677fe7f743050a4e7f09d4a6f87bbf1325a06f6b",

     

       10
       10
       +
               "revCount": 6,

     

       11
       11
       +
               "type": "git",

     

       12
       12
       +
               "url": "https://tangled.org/@jakelazaroff.com/actor-typeahead"

     

       13
       13
       +
             },

     

       14
       14
       +
             "original": {

     

       15
       15
       +
               "type": "git",

     

       16
       16
       +
               "url": "https://tangled.org/@jakelazaroff.com/actor-typeahead"

     

       17
       17
       +
             }

     

       18
       18
       +
           },

     

       3
       19
        
           "agenix": {

     

       4
       20
        
             "inputs": {

     

       5
       21
        
               "darwin": [

     
···

       14
       30
        
               "systems": "systems"

     

       15
       31
        
             },

     

       16
       32
        
             "locked": {

     

       17
       17
       -
               "lastModified": 1754433428,

     

       18
       18
       -
               "narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=",

     

       33
       33
       +
               "lastModified": 1762618334,

     

       34
       34
       +
               "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=",

     

       19
       35
        
               "owner": "ryantm",

     

       20
       36
        
               "repo": "agenix",

     

       21
       21
       -
               "rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d",

     

       37
       37
       +
               "rev": "fcdea223397448d35d9b31f798479227e80183f6",

     

       22
       38
        
               "type": "github"

     

       23
       39
        
             },

     

       24
       40
        
             "original": {

     
···

       60
       76
        
               ]

     

       61
       77
        
             },

     

       62
       78
        
             "locked": {

     

       63
       63
       -
               "lastModified": 1760213993,

     

       64
       64
       -
               "narHash": "sha256-EWdMehWtLMRncjs7mGnor/lmUiVuNP65pKAVVIeutVk=",

     

       79
       79
       +
               "lastModified": 1763324551,

     

       80
       80
       +
               "narHash": "sha256-RmJ19a5eq4aWfMeGvCQGsnnVgZNZKwvQU/H9Q1hTpMY=",

     

       65
       81
        
               "owner": "tadfisher",

     

       66
       82
        
               "repo": "android-nixpkgs",

     

       67
       67
       -
               "rev": "e8b193106797ac680f906464fae31b7588a632ad",

     

       83
       83
       +
               "rev": "b3deb5d9c67274adee5b2161e4485bf8671137a3",

     

       68
       84
        
               "type": "github"

     

       69
       85
        
             },

     

       70
       86
        
             "original": {

     
···

       82
       98
        
               ]

     

       83
       99
        
             },

     

       84
       100
        
             "locked": {

     

       85
       85
       -
               "lastModified": 1759818599,

     

       86
       86
       -
               "narHash": "sha256-4Go3gVl3E+geWMcFQ+06qlkO/lJlSvS9dyhYiXLWYq0=",

     

       101
       101
       +
               "lastModified": 1763329080,

     

       102
       102
       +
               "narHash": "sha256-S6eZaiRZPvSWv9d2kZO+HrYTelWqn++vsC/bUwOSQ7I=",

     

       87
       103
        
               "owner": "nix-community",

     

       88
       104
        
               "repo": "nixos-apple-silicon",

     

       89
       89
       -
               "rev": "24ab28e47b586f741910b3a2f0428f3523a0fff3",

     

       105
       105
       +
               "rev": "bc52b0623f4367447347cbcc88522ec64486d710",

     

       90
       106
        
               "type": "github"

     

       91
       107
        
             },

     

       92
       108
        
             "original": {

     
···

       155
       171
        
               ]

     

       156
       172
        
             },

     

       157
       173
        
             "locked": {

     

       158
       158
       -
               "lastModified": 1758805352,

     

       159
       159
       -
               "narHash": "sha256-BHdc43Lkayd+72W/NXRKHzX5AZ+28F3xaUs3a88/Uew=",

     

       174
       174
       +
               "lastModified": 1763136804,

     

       175
       175
       +
               "narHash": "sha256-6p2ljK42s0S8zS0UU59EsEqupz0GVCaBYRylpUadeBM=",

     

       160
       176
        
               "owner": "lnl7",

     

       161
       177
        
               "repo": "nix-darwin",

     

       162
       162
       -
               "rev": "c48e963a5558eb1c3827d59d21c5193622a1477c",

     

       178
       178
       +
               "rev": "973db96394513fd90270ea5a1211a82a4a0ba47f",

     

       163
       179
        
               "type": "github"

     

       164
       180
        
             },

     

       165
       181
        
             "original": {

     
···

       176
       192
        
               ]

     

       177
       193
        
             },

     

       178
       194
        
             "locked": {

     

       179
       179
       -
               "lastModified": 1741473158,

     

       180
       180
       -
               "narHash": "sha256-kWNaq6wQUbUMlPgw8Y+9/9wP0F8SHkjy24/mN3UAppg=",

     

       195
       195
       +
               "lastModified": 1762521437,

     

       196
       196
       +
               "narHash": "sha256-RXN+lcx4DEn3ZS+LqEJSUu/HH+dwGvy0syN7hTo/Chg=",

     

       181
       197
        
               "owner": "numtide",

     

       182
       198
        
               "repo": "devshell",

     

       183
       183
       -
               "rev": "7c9e793ebe66bcba8292989a68c0419b737a22a0",

     

       199
       199
       +
               "rev": "07bacc9531f5f4df6657c0a02a806443685f384a",

     

       184
       200
        
               "type": "github"

     

       185
       201
        
             },

     

       186
       202
        
             "original": {

     
···

       392
       408
        
               ]

     

       393
       409
        
             },

     

       394
       410
        
             "locked": {

     

       395
       395
       -
               "lastModified": 1760239230,

     

       396
       396
       -
               "narHash": "sha256-eqSP/BAbQwNTlQ/6yuK0yILzZAPNNj91gp6oIfVtu/E=",

     

       411
       411
       +
               "lastModified": 1763313531,

     

       412
       412
       +
               "narHash": "sha256-yvdCYUL85zEDp2NzPUBmaNBXP6KnWEOhAk3j7PTfsKw=",

     

       397
       413
        
               "owner": "nix-community",

     

       398
       414
        
               "repo": "home-manager",

     

       399
       399
       -
               "rev": "c4aaddeaecc09554c92518fd904e3e84b497ed09",

     

       415
       415
       +
               "rev": "3670a78eee49deebe4825fc8ecc46b172d1a8391",

     

       400
       416
        
               "type": "github"

     

       401
       417
        
             },

     

       402
       418
        
             "original": {

     
···

       583
       599
        
           },

     

       584
       600
        
           "nixos-hardware": {

     

       585
       601
        
             "locked": {

     

       586
       586
       -
               "lastModified": 1760106635,

     

       587
       587
       -
               "narHash": "sha256-2GoxVaKWTHBxRoeUYSjv0AfSOx4qw5CWSFz2b+VolKU=",

     

       602
       602
       +
               "lastModified": 1762847253,

     

       603
       603
       +
               "narHash": "sha256-BWWnUUT01lPwCWUvS0p6Px5UOBFeXJ8jR+ZdLX8IbrU=",

     

       588
       604
        
               "owner": "NixOS",

     

       589
       605
        
               "repo": "nixos-hardware",

     

       590
       590
       -
               "rev": "9ed85f8afebf2b7478f25db0a98d0e782c0ed903",

     

       606
       606
       +
               "rev": "899dc449bc6428b9ee6b3b8f771ca2b0ef945ab9",

     

       591
       607
        
               "type": "github"

     

       592
       608
        
             },

     

       593
       609
        
             "original": {

     
···

       599
       615
        
           },

     

       600
       616
        
           "nixpkgs": {

     

       601
       617
        
             "locked": {

     

       602
       602
       -
               "lastModified": 1760164275,

     

       603
       603
       -
               "narHash": "sha256-gKl2Gtro/LNf8P+4L3S2RsZ0G390ccd5MyXYrTdMCFE=",

     

       618
       618
       +
               "lastModified": 1763312402,

     

       619
       619
       +
               "narHash": "sha256-3YJkOBrFpmcusnh7i8GXXEyh7qZG/8F5z5+717550Hk=",

     

       604
       620
        
               "owner": "nixos",

     

       605
       621
        
               "repo": "nixpkgs",

     

       606
       606
       -
               "rev": "362791944032cb532aabbeed7887a441496d5e6e",

     

       622
       622
       +
               "rev": "85a6c4a07faa12aaccd81b36ba9bfc2bec974fa1",

     

       607
       623
        
               "type": "github"

     

       608
       624
        
             },

     

       609
       625
        
             "original": {

     
···

       1039
       1055
        
           },

     

       1040
       1056
        
           "tangled": {

     

       1041
       1057
        
             "inputs": {

     

       1058
       1058
       +
               "actor-typeahead-src": "actor-typeahead-src",

     

       1042
       1059
        
               "flake-compat": "flake-compat_3",

     

       1043
       1060
        
               "gomod2nix": "gomod2nix",

     

       1044
       1061
        
               "htmx-src": "htmx-src",

     
···

       1053
       1070
        
               "sqlite-lib-src": "sqlite-lib-src"

     

       1054
       1071
        
             },

     

       1055
       1072
        
             "locked": {

     

       1056
       1056
       -
               "lastModified": 1760265128,

     

       1057
       1057
       -
               "narHash": "sha256-16Kk6qlIFNS8gdvFAq/6ygNRo0+xqSKltBUNA4PxscY=",

     

       1073
       1073
       +
               "lastModified": 1763367685,

     

       1074
       1074
       +
               "narHash": "sha256-PznnFGOwl+FUj2b/xf2qeoh5+tWjj9monYiSufpjXuk=",

     

       1058
       1075
        
               "ref": "refs/heads/master",

     

       1059
       1059
       -
               "rev": "3ebdcdbd0f620da0dba554012bc89f59b9122808",

     

       1060
       1060
       -
               "revCount": 1520,

     

       1076
       1076
       +
               "rev": "e499dc0f74cea6a6e6eb930c1118683ae8d78d7d",

     

       1077
       1077
       +
               "revCount": 1667,

     

       1061
       1078
        
               "type": "git",

     

       1062
       1062
       -
               "url": "ssh://git@tangled.org/tangled.org/core"

     

       1079
       1079
       +
               "url": "https://tangled.org/@tangled.org/core"

     

       1063
       1080
        
             },

     

       1064
       1081
        
             "original": {

     

       1065
       1082
        
               "type": "git",

     

       1066
       1066
       -
               "url": "ssh://git@tangled.org/tangled.org/core"

     

       1083
       1083
       +
               "url": "https://tangled.org/@tangled.org/core"

     

       1067
       1084
        
             }

     

       1068
       1085
        
           },

     

       1069
       1086
        
           "telescope-nvim": {

     
···

       1188
       1205
        
             },

     

       1189
       1206
        
             "locked": {

     

       1190
       1207
        
               "dir": "nix",

     

       1191
       1191
       -
               "lastModified": 1760294209,

     

       1192
       1192
       -
               "narHash": "sha256-dVtV5m0AzcxUn7dVnVvmiQECQzO1rEMNYOEJvpodY1A=",

     

       1208
       1208
       +
               "lastModified": 1761993598,

     

       1209
       1209
       +
               "narHash": "sha256-2KCNlCz+W76Fdl+N7rEPdrwNwO011dDDYgZZmYlV3+o=",

     

       1193
       1210
        
               "owner": "AndyFilter",

     

       1194
       1211
        
               "repo": "yeetmouse",

     

       1195
       1195
       -
               "rev": "783f8f3c9dbb660235b953ad234b8b4b964ab2e7",

     

       1212
       1212
       +
               "rev": "99844bbd786d612657d892cac2f663d940fd3d62",

     

       1196
       1213
        
               "type": "github"

     

       1197
       1214
        
             },

     

       1198
       1215
        
             "original": {

     
···

       1212
       1229
        
               ]

     

       1213
       1230
        
             },

     

       1214
       1231
        
             "locked": {

     

       1215
       1215
       -
               "lastModified": 1760293464,

     

       1216
       1216
       -
               "narHash": "sha256-ZzEtJKudu4ElfYM2+hX9EIk43wX30wE2v5pjClibFq4=",

     

       1232
       1232
       +
               "lastModified": 1763353619,

     

       1233
       1233
       +
               "narHash": "sha256-y30wSzjr7QiO4OVB/Tt7dnLRLIuK2EpaftpKeMMLGu0=",

     

       1217
       1234
        
               "owner": "0xc000022070",

     

       1218
       1235
        
               "repo": "zen-browser-flake",

     

       1219
       1219
       -
               "rev": "a6ed465e39c76713f2d17918101193012e387e15",

     

       1236
       1236
       +
               "rev": "7463345c68cfdd9e92e2d40e390b1a802b0f2add",

     

       1220
       1237
        
               "type": "github"

     

       1221
       1238
        
             },

     

       1222
       1239
        
             "original": {

+1 -1

flake.nix

···

       84
       84
        
           };

     

       85
       85
        
       

     

       86
       86
        
           tangled = {

     

       87
       87
       -
             url = "git+ssh://git@tangled.org/tangled.org/core";

     

       87
       87
       +
             url = "git+https://tangled.org/@tangled.org/core";

     

       88
       88
        
             inputs.nixpkgs.follows = "nixpkgs";

     

       89
       89
        
           };

     

       90
       90
        
         };

-1

machines/ramune/configuration.nix

···

       31
       31
        
             leases = [

     

       32
       32
        
               { macAddress = "98:ed:7e:c6:57:b2"; ipAddress = "10.0.0.102"; } # eero router

     

       33
       33
        
               { macAddress = "c4:f1:74:51:4c:f2"; ipAddress = "10.0.0.124"; } # eero router

     

       34
       34
       -
               { macAddress = "5c:61:99:7a:16:40"; ipAddress = "10.0.0.103"; } # brother printer

     

       35
       34
        
               { macAddress = "1c:1d:d3:de:4b:06"; ipAddress = "10.0.0.35"; }  # irnbru

     

       36
       35
        
             ];

     

       37
       36
        
             nftables.blockForward = [

-5

modules/router/upnp.nix

···

       20
       20
        
           services.miniupnpd = {

     

       21
       21
        
             enable = true;

     

       22
       22
        
             upnp = true;

     

       23
       23
       -
             natpmp = true;

     

       24
       23
        
             internalIPs = if intern != null then [ intern.name ] else [];

     

       25
       24
        
             externalInterface = extern.name;

     

       26
       25
        
             appendConfig = ''

     
···

       31
       30
        
               allow 1024-65535 ${intern.cidr} 1024-65535

     

       32
       31
        
               deny 0-65535 0.0.0.0/0 0-65535

     

       33
       32
        
             '';

     

       34
       34
       -
           };

     

       35
       35
       -
       

     

       36
       36
       -
           systemd.services.miniupnpd = {

     

       37
       37
       -
             after = [ "network-online.target" ];

     

       38
       33
        
           };

     

       39
       34
        
         };

     

       40
       35
        
       }

+1 -1

modules/server/caddy.nix

···

       49
       49
        
       

     

       50
       50
        
         knotConfig = if knotEnabled then ''

     

       51
       51
        
           ${cfg.tangled.hostname} {

     

       52
       52
       -
             reverse_proxy localhost:5555

     

       52
       52
       +
             reverse_proxy ${config.services.tangled.knot.server.listenAddr}

     

       53
       53
        
           }

     

       54
       54
        
         '' else "";

     

       55
       55

+7 -7

modules/server/tangled.nix

···

       25
       25
        
         };

     

       26
       26
        
       

     

       27
       27
        
         config = mkIf (cfg.enable && cfg.tangled.enable) {

     

       28
       28
       -
           services.tangled-knot = {

     

       28
       28
       +
           services.tangled.knot = {

     

       29
       29
        
             enable = true;

     

       30
       30
        
             openFirewall = true;

     

       31
       31
        
             server = {

     

       32
       32
        
               hostname = cfg.tangled.hostname;

     

       33
       33
       -
               listenAddr = "127.0.0.1:5555";

     

       34
       33
        
               owner = cfg.tangled.owner;

     

       35
       34
        
             };

     

       36
       35
        
           };

     
···

       45
       44
        
                 fsckObjects = true;

     

       46
       45
        
                 autogc = true;

     

       47
       46
        
               };

     

       48
       48
       -
       

     

       49
       49
       -
               include.path = "/etc/gitconfig.private";

     

       47
       47
       +
               include.path = config.age.secrets."gitconfig.private".path;

     

       50
       48
        
             };

     

       51
       49
        
           };

     

       52
       50
        
       

     

       53
       53
       -
           age.secrets."gitconfig.private" = {

     

       51
       51
       +
           age.secrets."gitconfig.private" = let

     

       52
       52
       +
             user = config.services.tangled.knot.gitUser;

     

       53
       53
       +
           in {

     

       54
       54
        
             symlink = false;

     

       55
       55
        
             path = "/etc/gitconfig.private";

     

       56
       56
        
             file = ./encrypt/gitconfig.age;

     

       57
       57
       -
             owner = cfg.tangled.owner;

     

       58
       58
       -
             group = cfg.tangled.owner;

     

       57
       57
       +
             owner = user;

     

       58
       58
       +
             group = user;

     

       59
       59
        
             mode = "0444";

     

       60
       60
        
           };

     

       61
       61
        
         };