nekomimi.pet / nixcfg
my nix configs for my servers and desktop
fork atom

cute refactor

nekomimi.pet 7fb32811 3e9d95c2

options
unified split
Changed files
+250 -179
flake.nix
hosts
buer
default.nix
focalor
default.nix
valefar
default.nix
modules
caddy
caddy.nix
common
system.nix
forgejo
default.nix
garage
default.nix
github-runners
default.nix
services
forgejo.nix
garage.nix
github-runners.nix
+74 -66
flake.nix 
···

       
9

       
 

       



     

       
10

       
 

       
    vscode-server.url = "github:nix-community/nixos-vscode-server";


     

       
11

       
 

       
    agenix.url = "github:ryantm/agenix";


     

       
12

       
-

       
    zen-browser = { 


     

       
13

       
 

       
      url = "github:0xc000022070/zen-browser-flake";


     

       
14

       
 

       
      inputs.nixpkgs.follows = "nixpkgs";


     

       
15

       
 

       
    };


     
···

       
21

       
 

       
    };


     

       
22

       
 

       
  };


     

       
23

       
 

       



     

       
24

       
-

       
  outputs = inputs@{ self, nixpkgs, lix-module, vscode-server, agenix, zen-browser, catppuccin, home-manager, ... }: {


     

       
25

       
-

       
    nixosConfigurations = {


     

       
26

       
-

       
      focalor = nixpkgs.lib.nixosSystem {


     

       
27

       
-

       
        system = "x86_64-linux";


     

       
28

       
-

       
        specialArgs = { inherit inputs; system = "x86_64-linux"; };


     

       
29

       
-

       
        modules = [


     

       
30

       
-

       
          ./hosts/focalor


     

       
31

       
-

       
          lix-module.nixosModules.default


     

       
32

       
-

       
          


     

       
33

       
-

       
          vscode-server.nixosModules.default


     

       
34

       
-

       
          agenix.nixosModules.default


     

       
35

       
-

       
          


     

       
36

       
-

       
          ({ config, pkgs, ... }: {


     

       
37

       
-

       
            services.vscode-server.enable = true;


     

       
38

       
-

       
            services.vscode-server.nodejsPackage = pkgs.nodejs_20;


     

       
39

       
-

       
            environment.systemPackages = [ agenix.packages.x86_64-linux.default ];


     

       
40

       
-

       
          })


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
41

       
 

       



     

       
42

       
-

       
          catppuccin.nixosModules.catppuccin


     

       

       

       
     

       
43

       
 

       



     

       
44

       
-

       
          home-manager.nixosModules.home-manager {


     

       
45

       
-

       
            home-manager.useGlobalPkgs = true;


     

       
46

       
-

       
            home-manager.backupFileExtension = "HMBackup";


     

       
47

       
-

       
            home-manager.users.regent.imports = [


     

       
48

       
-

       
              ./home/regent/home.nix


     

       
49

       
-

       
              catppuccin.homeModules.catppuccin


     

       
50

       
-

       
            ];


     

       
51

       
-

       
            home-manager.extraSpecialArgs = { inherit inputs; system = "x86_64-linux";};


     

       
52

       
-

       
          }


     

       
53

       
-

       
        ];


     

       
54

       
-

       
      };


     

       
55

       
 

       



     

       
56

       
-

       
      valefar = nixpkgs.lib.nixosSystem {


     

       
57

       
-

       
        system = "x86_64-linux";


     

       
58

       
-

       
        modules = [


     

       
59

       
-

       
          ./hosts/valefar  # imports configuration.nix automatically


     

       
60

       
-

       
          lix-module.nixosModules.default


     

       
61

       
-

       
          


     

       
62

       
-

       
          # External modules


     

       
63

       
-

       
          vscode-server.nixosModules.default


     

       
64

       
-

       
          agenix.nixosModules.default


     

       
65

       
-

       
          


     

       
66

       
-

       
          # Global external module config


     

       
67

       
-

       
          ({ config, pkgs, ... }: {


     

       
68

       
-

       
            services.vscode-server.enable = true;


     

       
69

       
-

       
            services.vscode-server.nodejsPackage = pkgs.nodejs_20;


     

       
70

       
-

       
            environment.systemPackages = [ agenix.packages.x86_64-linux.default ];


     

       
71

       
-

       
          })


     

       
72

       
-

       
        ];


     

       
73

       
-

       
      };


     

       

       

       
     

       

       

       
     

       

       

       
     

       
74

       
 

       



     

       
75

       
-

       
      buer = nixpkgs.lib.nixosSystem {


     

       
76

       
-

       
        system = "x86_64-linux";


     

       
77

       
-

       
        modules = [


     

       
78

       
-

       
          ./hosts/buer


     

       
79

       
 

       



     

       
80

       
-

       
          agenix.nixosModules.default  


     

       
81

       
-

       
        ];


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
82

       
 

       
      };


     

       
83

       
-

       
      


     

       
84

       
-

       
      # Easy to add more hosts


     

       
85

       
-

       
      /*server2 = nixpkgs.lib.nixosSystem {


     

       
86

       
-

       
        system = "x86_64-linux";


     

       
87

       
-

       
        modules = [


     

       
88

       
-

       
          ./hosts/server2


     

       
89

       
-

       
          agenix.nixosModules.default


     

       
90

       
-

       
          # different services for server2


     

       
91

       
-

       
        ];


     

       
92

       
-

       
      };*/


     

       
93

       
 

       
    };


     

       
94

       
-

       
  };


     

       
95

       
-

       
}


     
···

       
9

       
 

       



     

       
10

       
 

       
    vscode-server.url = "github:nix-community/nixos-vscode-server";


     

       
11

       
 

       
    agenix.url = "github:ryantm/agenix";


     

       
12

       
+

       
    zen-browser = {


     

       
13

       
 

       
      url = "github:0xc000022070/zen-browser-flake";


     

       
14

       
 

       
      inputs.nixpkgs.follows = "nixpkgs";


     

       
15

       
 

       
    };


     
···

       
21

       
 

       
    };


     

       
22

       
 

       
  };


     

       
23

       
 

       



     

       
24

       
+

       
  outputs =


     

       
25

       
+

       
    { self, ... }@inputs:


     

       
26

       
+

       
    with inputs;


     

       
27

       
+

       
    let


     

       
28

       
+

       
      nixosModules = builtins.listToAttrs (


     

       
29

       
+

       
        map (module: {


     

       
30

       
+

       
          name = module;


     

       
31

       
+

       
          value = import (./modules + "/${module}");


     

       
32

       
+

       
        }) (builtins.attrNames (builtins.readDir ./modules))


     

       
33

       
+

       
      );


     

       
34

       
+

       
    in


     

       
35

       
+

       
    {


     

       
36

       
+

       
      nixosConfigurations = {


     

       
37

       
+

       
        focalor = nixpkgs.lib.nixosSystem {


     

       
38

       
+

       
          system = "x86_64-linux";


     

       
39

       
+

       
          specialArgs = {


     

       
40

       
+

       
            inherit inputs;


     

       
41

       
+

       
            system = "x86_64-linux";


     

       
42

       
+

       
          };


     

       
43

       
+

       
          modules = [


     

       
44

       
+

       
            ./hosts/focalor


     

       
45

       
+

       
            lix-module.nixosModules.default


     

       
46

       
 

       



     

       
47

       
+

       
            vscode-server.nixosModules.default


     

       
48

       
+

       
            agenix.nixosModules.default


     

       
49

       
 

       



     

       
50

       
+

       
            catppuccin.nixosModules.catppuccin


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
51

       
 

       



     

       
52

       
+

       
            home-manager.nixosModules.home-manager


     

       
53

       
+

       
            {


     

       
54

       
+

       
              home-manager.useGlobalPkgs = true;


     

       
55

       
+

       
              home-manager.backupFileExtension = "HMBackup";


     

       
56

       
+

       
              home-manager.users.regent.imports = [


     

       
57

       
+

       
                ./home/regent/home.nix


     

       
58

       
+

       
                catppuccin.homeModules.catppuccin


     

       
59

       
+

       
              ];


     

       
60

       
+

       
              home-manager.extraSpecialArgs = {


     

       
61

       
+

       
                inherit inputs;


     

       
62

       
+

       
                system = "x86_64-linux";


     

       
63

       
+

       
              };


     

       
64

       
+

       
            }


     

       
65

       
+

       
          ];


     

       
66

       
+

       
        };


     

       
67

       
+

       



     

       
68

       
+

       
        valefar = nixpkgs.lib.nixosSystem {


     

       
69

       
+

       
          system = "x86_64-linux";


     

       
70

       
+

       
          modules = [


     

       
71

       
+

       
            ./hosts/valefar


     

       
72

       
+

       
            lix-module.nixosModules.default


     

       
73

       
 

       



     

       
74

       
+

       
            vscode-server.nixosModules.default


     

       
75

       
+

       
            agenix.nixosModules.default


     

       

       

       
     

       

       

       
     

       
76

       
 

       



     

       
77

       
+

       
            { imports = builtins.attrValues nixosModules; }


     

       
78

       
+

       
          ];


     

       
79

       
+

       
        };


     

       
80

       
+

       



     

       
81

       
+

       
        buer = nixpkgs.lib.nixosSystem {


     

       
82

       
+

       
          system = "x86_64-linux";


     

       
83

       
+

       
          modules = [


     

       
84

       
+

       
            ./hosts/buer


     

       
85

       
+

       



     

       
86

       
+

       
            agenix.nixosModules.default


     

       
87

       
+

       
          ];


     

       
88

       
+

       
        };


     

       
89

       
+

       



     

       
90

       
+

       
        # Easy to add more hosts


     

       
91

       
+

       
        /*


     

       
92

       
+

       
          server2 = nixpkgs.lib.nixosSystem {


     

       
93

       
+

       
            system = "x86_64-linux";


     

       
94

       
+

       
            modules = [


     

       
95

       
+

       
              ./hosts/server2


     

       
96

       
+

       
              agenix.nixosModules.default


     

       
97

       
+

       
              # different services for server2


     

       
98

       
+

       
            ];


     

       
99

       
+

       
          };


     

       
100

       
+

       
        */


     

       
101

       
 

       
      };


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
102

       
 

       
    };


     

       
103

       
+

       
}
+3 -1
hosts/buer/default.nix 
···

       
13

       
 

       
    ../../modules/common/services.nix


     

       
14

       
 

       
    


     

       
15

       
 

       
    # Services specific to this host


     

       
16

       
-

       
    ../../services/garage.nix


     

       
17

       
 

       
    #../../services/forgejo.nix


     

       
18

       
 

       



     

       
19

       
 

       
    # Common secrets


     

       
20

       
 

       
    ../../host-secrets.nix


     

       
21

       
 

       
  ];


     

       

       

       
     

       

       

       
     

       

       

       
     

       
22

       
 

       



     

       
23

       
 

       
  # pin host platform & microcode


     

       
24

       
 

       
  nixpkgs.hostPlatform               = lib.mkDefault "x86_64-linux";


     
···

       
13

       
 

       
    ../../modules/common/services.nix


     

       
14

       
 

       
    


     

       
15

       
 

       
    # Services specific to this host


     

       

       

       
     

       
16

       
 

       
    #../../services/forgejo.nix


     

       
17

       
 

       



     

       
18

       
 

       
    # Common secrets


     

       
19

       
 

       
    ../../host-secrets.nix


     

       
20

       
 

       
  ];


     

       
21

       
+

       



     

       
22

       
+

       
  system.stateVersion = "24.11";


     

       
23

       
+

       
  modules.garage.enable = true;


     

       
24

       
 

       



     

       
25

       
 

       
  # pin host platform & microcode


     

       
26

       
 

       
  nixpkgs.hostPlatform               = lib.mkDefault "x86_64-linux";
+3 -3
hosts/focalor/default.nix 
···

       
20

       
 

       
    # Nvidia


     

       
21

       
 

       
    ../../modules/common/nvidia.nix


     

       
22

       
 

       
    


     

       
23

       
-

       
    # Services specific to this host


     

       
24

       
-

       
    #../../services/xyz.nix    


     

       
25

       
-

       



     

       
26

       
 

       
    # Common secrets


     

       
27

       
 

       
    #../../host-secrets.nix


     

       
28

       
 

       
  ];


     

       

       

       
     

       

       

       
     

       
29

       
 

       



     

       
30

       
 

       
  # pin host platform & microcode


     

       
31

       
 

       
  nixpkgs.hostPlatform               = lib.mkDefault "x86_64-linux";


     
···

       
62

       
 

       
  environment.systemPackages = with pkgs; [


     

       
63

       
 

       
    #lm_sensors


     

       
64

       
 

       
    code-server


     

       

       

       
     

       
65

       
 

       
  ];


     

       
66

       
 

       



     

       
67

       
 

       
  environment.sessionVariables.WLR_RENDERER = "vulkan";


     
···

       
20

       
 

       
    # Nvidia


     

       
21

       
 

       
    ../../modules/common/nvidia.nix


     

       
22

       
 

       
    


     

       

       

       
     

       

       

       
     

       

       

       
     

       
23

       
 

       
    # Common secrets


     

       
24

       
 

       
    #../../host-secrets.nix


     

       
25

       
 

       
  ];


     

       
26

       
+

       



     

       
27

       
+

       
  system.stateVersion = "24.11";


     

       
28

       
 

       



     

       
29

       
 

       
  # pin host platform & microcode


     

       
30

       
 

       
  nixpkgs.hostPlatform               = lib.mkDefault "x86_64-linux";


     
···

       
61

       
 

       
  environment.systemPackages = with pkgs; [


     

       
62

       
 

       
    #lm_sensors


     

       
63

       
 

       
    code-server


     

       
64

       
+

       
    agenix.packages.x86_64-linux.default


     

       
65

       
 

       
  ];


     

       
66

       
 

       



     

       
67

       
 

       
  environment.sessionVariables.WLR_RENDERER = "vulkan";
+10 -4
hosts/valefar/default.nix 
···

       
14

       
 

       
    ../../modules/common/services.nix


     

       
15

       
 

       
    ../../modules/common/efi.nix


     

       
16

       
 

       
    


     

       
17

       
-

       
    # Services specific to this host


     

       
18

       
-

       
    ../../services/garage.nix


     

       
19

       
-

       
    ../../services/forgejo.nix


     

       
20

       
-

       



     

       
21

       
 

       
    # Common secrets


     

       
22

       
 

       
    ../../host-secrets.nix


     

       
23

       
 

       
  ];


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
24

       
 

       



     

       
25

       
 

       
  # pin host platform & microcode


     

       
26

       
 

       
  nixpkgs.hostPlatform               = lib.mkDefault "x86_64-linux";


     
···

       
83

       
 

       
  services.zfs.autoScrub.enable = true;


     

       
84

       
 

       
  services.zfs.trim.enable = true;


     

       
85

       
 

       



     

       

       

       
     

       

       

       
     

       

       

       
     

       
86

       
 

       
  environment.systemPackages = with pkgs; [


     

       
87

       
 

       
    lm_sensors


     

       
88

       
 

       
    code-server


     

       

       

       
     

       
89

       
 

       
  ];


     

       
90

       
 

       



     

       
91

       
 

       
  virtualisation.docker = {


     
···

       
14

       
 

       
    ../../modules/common/services.nix


     

       
15

       
 

       
    ../../modules/common/efi.nix


     

       
16

       
 

       
    


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
17

       
 

       
    # Common secrets


     

       
18

       
 

       
    ../../host-secrets.nix


     

       
19

       
 

       
  ];


     

       
20

       
+

       



     

       
21

       
+

       
  # Enable modules


     

       
22

       
+

       
  modules.garage.enable = true;


     

       
23

       
+

       
  modules.forgejo.enable = true;


     

       
24

       
+

       



     

       
25

       
+

       
  system.stateVersion = "24.11";


     

       
26

       
 

       



     

       
27

       
 

       
  # pin host platform & microcode


     

       
28

       
 

       
  nixpkgs.hostPlatform               = lib.mkDefault "x86_64-linux";


     
···

       
85

       
 

       
  services.zfs.autoScrub.enable = true;


     

       
86

       
 

       
  services.zfs.trim.enable = true;


     

       
87

       
 

       



     

       
88

       
+

       
  services.vscode-server.enable = true;


     

       
89

       
+

       
  services.vscode-server.nodejsPackage = pkgs.nodejs_20;


     

       
90

       
+

       



     

       
91

       
 

       
  environment.systemPackages = with pkgs; [


     

       
92

       
 

       
    lm_sensors


     

       
93

       
 

       
    code-server


     

       
94

       
+

       
    agenix.packages.x86_64-linux.default


     

       
95

       
 

       
  ];


     

       
96

       
 

       



     

       
97

       
 

       
  virtualisation.docker = {
+14
modules/caddy/caddy.nix 
···

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     
···

       
1

       
+

       
{lib, pkgs, config, ...}:


     

       
2

       
+

       



     

       
3

       
+

       
{


     

       
4

       
+

       
 


     

       
5

       
+

       
  services.caddy = {


     

       
6

       
+

       
    enable = true;


     

       
7

       
+

       



     

       
8

       
+

       
    virtualHosts = {


     

       
9

       
+

       
      "s3.nekomimi.pet".extraConfig = ''


     

       
10

       
+

       
        reverse_proxy http://127.0.0.1:3903


     

       
11

       
+

       
      ''


     

       
12

       
+

       
    };


     

       
13

       
+

       
  };


     

       
14

       
+

       
}
-2
modules/common/system.nix 
···

       
11

       
 

       



     

       
12

       
 

       
  time.timeZone     = "America/New_York";


     

       
13

       
 

       
  i18n.defaultLocale = "en_US.UTF-8";


     

       
14

       
-

       



     

       
15

       
-

       
  system.stateVersion = "24.11";


     

       
16

       
 

       
}


     

       
17

       
 

       



     
···

       
11

       
 

       



     

       
12

       
 

       
  time.timeZone     = "America/New_York";


     

       
13

       
 

       
  i18n.defaultLocale = "en_US.UTF-8";


     

       

       

       
     

       

       

       
     

       
14

       
 

       
}


     

       
15
+49
modules/forgejo/default.nix 
···

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     
···

       
1

       
+

       
{ lib, pkgs, config, ... }:


     

       
2

       
+

       



     

       
3

       
+

       
with lib;


     

       
4

       
+

       
let


     

       
5

       
+

       
  cfg = config.modules.forgejo;


     

       
6

       
+

       
  sshPort = 2222;


     

       
7

       
+

       
  httpPort = 5000;


     

       
8

       
+

       
in


     

       
9

       
+

       
{


     

       
10

       
+

       
  options = {


     

       
11

       
+

       
    modules = {


     

       
12

       
+

       
      forgejo = {


     

       
13

       
+

       
        enable = mkEnableOption "Deploy forgejo";


     

       
14

       
+

       
      };


     

       
15

       
+

       
    };


     

       
16

       
+

       
  };


     

       
17

       
+

       



     

       
18

       
+

       
  config = mkIf cfg.enable {


     

       
19

       
+

       
    networking.firewall.allowedTCPPorts = [


     

       
20

       
+

       
      sshPort


     

       
21

       
+

       
      httpPort


     

       
22

       
+

       
    ];


     

       
23

       
+

       



     

       
24

       
+

       
    services.forgejo = {


     

       
25

       
+

       
      enable = true;


     

       
26

       
+

       
      database = {


     

       
27

       
+

       
        type = "sqlite3";


     

       
28

       
+

       
        path = "/var/lib/forgejo/forgejo.db";


     

       
29

       
+

       
      };


     

       
30

       
+

       
      lfs.enable = true;


     

       
31

       
+

       
      settings = {


     

       
32

       
+

       
        server = {


     

       
33

       
+

       
          domain = "git.nekomimi.pet";


     

       
34

       
+

       
          ROOT_URL = "https://git.nekomimi.pet";


     

       
35

       
+

       
          LANDING_PAGE = "explore";


     

       
36

       
+

       
          HTTP_PORT = 5000;


     

       
37

       
+

       
          SSH_LISTEN_PORT = 2222;


     

       
38

       
+

       
          SSH_PORT = 2222;


     

       
39

       
+

       
          START_SSH_SERVER = true;


     

       
40

       
+

       
        };


     

       
41

       
+

       
        # service.DISABLE_REGISTRATION = true;


     

       
42

       
+

       
        actions = {


     

       
43

       
+

       
          ENABLED = true;


     

       
44

       
+

       
          DEFAULT_ACTIONS_URL = "github";


     

       
45

       
+

       
        };


     

       
46

       
+

       
      };


     

       
47

       
+

       
    };


     

       
48

       
+

       
  };


     

       
49

       
+

       
}
+50
modules/garage/default.nix 
···

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     
···

       
1

       
+

       
{ config, lib, pkgs, ... }:


     

       
2

       
+

       



     

       
3

       
+

       
with lib;


     

       
4

       
+

       
let


     

       
5

       
+

       
  cfg = config.modules.garage;


     

       
6

       
+

       
in


     

       
7

       
+

       
{


     

       
8

       
+

       
  options = {


     

       
9

       
+

       
    modules = {


     

       
10

       
+

       
      garage = {


     

       
11

       
+

       
        enable = mkEnableOption "Deploy garage";


     

       
12

       
+

       
      };


     

       
13

       
+

       
    };


     

       
14

       
+

       
  };


     

       
15

       
+

       



     

       
16

       
+

       
  config = mkIf cfg.enable {


     

       
17

       
+

       
    services.garage = {


     

       
18

       
+

       
      enable = true;


     

       
19

       
+

       
      package = pkgs.garage;


     

       
20

       
+

       
      settings = {


     

       
21

       
+

       
        metadata_dir = "/garage/metadata";


     

       
22

       
+

       
        data_dir = "/garage/data";


     

       
23

       
+

       
        db_engine = "lmdb";


     

       
24

       
+

       
        replication_mode = "2";


     

       
25

       
+

       
        rpc_bind_addr = "[::]:3901";


     

       
26

       
+

       
        rpc_public_addr = "${config.networking.hostName}:3901";


     

       
27

       
+

       
        rpc_secret_file = config.age.secrets."garage-rpc-secret".path;


     

       
28

       
+

       
        s3_api = {


     

       
29

       
+

       
          s3_region = config.networking.hostName;


     

       
30

       
+

       
          api_bind_addr = "[::]:3900";


     

       
31

       
+

       
          root_domain = ".s3.nekomimi.pet";


     

       
32

       
+

       
        };


     

       
33

       
+

       
        s3_web = {


     

       
34

       
+

       
          bind_addr = "[::]:3902";


     

       
35

       
+

       
          root_domain = ".web.nekomimi.pet";


     

       
36

       
+

       
          index = "index.html";


     

       
37

       
+

       
        };


     

       
38

       
+

       
        admin = {


     

       
39

       
+

       
          api_bind_addr = "[::]:3903";


     

       
40

       
+

       
          admin_token_file = config.age.secrets."garage-admin-token".path;


     

       
41

       
+

       
          metrics_token_file = config.age.secrets."garage-metrics-token".path;


     

       
42

       
+

       
        };


     

       
43

       
+

       
        bootstrap_peers = [


     

       
44

       
+

       
          "d548d0c9ae9aec9e26fe0bd2ca3efe75f654fa350bad5cb02bc9aebc9850ba8f@[2a04:52c0:135:48d1::2]:3901" # buer


     

       
45

       
+

       
          "5504cb25910dcef4a4312006691d651c099cde7c3a88df9ca79aa350571e6e65@[2601:5c2:8400:26c0:4ecc:6aff:fef7:98ca]:3901" #valefar


     

       
46

       
+

       
        ];


     

       
47

       
+

       
      };


     

       
48

       
+

       
    };


     

       
49

       
+

       
  };


     

       
50

       
+

       
}
+47
modules/github-runners/default.nix 
···

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     
···

       
1

       
+

       
{ lib, pkgs, config, ... }:


     

       
2

       
+

       



     

       
3

       
+

       
with lib;


     

       
4

       
+

       
let


     

       
5

       
+

       
  cfg = config.modules.github-runners;


     

       
6

       
+

       
  extraPackages = 


     

       
7

       
+

       
    let gtar = pkgs.runCommandNoCC "gtar" { } ''


     

       
8

       
+

       
      mkdir -p $out/bin


     

       
9

       
+

       
      ln -s ${lib.getExe pkgs.gnutar} $out/bin/gtar


     

       
10

       
+

       
    '';


     

       
11

       
+

       
    in


     

       
12

       
+

       
    with pkgs; [


     

       
13

       
+

       
      nix


     

       
14

       
+

       
      nixci


     

       
15

       
+

       
      cachix


     

       
16

       
+

       
      coreutils


     

       
17

       
+

       
      which


     

       
18

       
+

       
      jq


     

       
19

       
+

       
      gtar


     

       
20

       
+

       
      docker


     

       
21

       
+

       
      curl


     

       
22

       
+

       
    ];


     

       
23

       
+

       
in


     

       
24

       
+

       
{


     

       
25

       
+

       
  options = {


     

       
26

       
+

       
    modules = {


     

       
27

       
+

       
      github-runners = {


     

       
28

       
+

       
        enable = mkEnableOption "Deploy github runners";


     

       
29

       
+

       
      };


     

       
30

       
+

       
    };


     

       
31

       
+

       
  };


     

       
32

       
+

       



     

       
33

       
+

       
  config = mkIf cfg.enable {


     

       
34

       
+

       
    services.github-runners = {


     

       
35

       
+

       
      simplelink = {


     

       
36

       
+

       
        enable     = true;


     

       
37

       
+

       
        name       = "simplelink";


     

       
38

       
+

       
        url        = "https://github.com/waveringana/simplelink";


     

       
39

       
+

       
        token  = config.age.secrets."build-token".path;


     

       
40

       
+

       
        user = "regent";


     

       
41

       
+

       
        group = "docker";


     

       
42

       
+

       
        extraPackages = extraPackages;


     

       
43

       
+

       
       };


     

       
44

       
+

       
    };


     

       
45

       
+

       
  };


     

       
46

       
+

       
}


     

       
47

       
+
-32
services/forgejo.nix 
···

       
1

       
-

       
{lib, pkgs, config, ...}:


     

       
2

       
-

       



     

       
3

       
-

       
let


     

       
4

       
-

       
  cfg = config.services.forgejo;


     

       
5

       
-

       
  srv = cfg.settings.server;


     

       
6

       
-

       
in


     

       
7

       
-

       
{


     

       
8

       
-

       
  services.forgejo = {


     

       
9

       
-

       
    enable = true;


     

       
10

       
-

       
    database = {


     

       
11

       
-

       
      type = "sqlite3";


     

       
12

       
-

       
      path = "/var/lib/forgejo/forgejo.db";


     

       
13

       
-

       
    };


     

       
14

       
-

       
    lfs.enable = true;


     

       
15

       
-

       
    settings = {


     

       
16

       
-

       
      server = {


     

       
17

       
-

       
        domain = "git.nekomimi.pet";


     

       
18

       
-

       
        ROOT_URL = "https://git.nekomimi.pet";


     

       
19

       
-

       
        LANDING_PAGE = "explore";


     

       
20

       
-

       
        HTTP_PORT = 5000;


     

       
21

       
-

       
        SSH_LISTEN_PORT = 2222;


     

       
22

       
-

       
        SSH_PORT = 2222;


     

       
23

       
-

       
        START_SSH_SERVER = true;


     

       
24

       
-

       
      };


     

       
25

       
-

       
      # service.DISABLE_REGISTRATION = true; 


     

       
26

       
-

       
      actions = {


     

       
27

       
-

       
        ENABLED = true;


     

       
28

       
-

       
        DEFAULT_ACTIONS_URL = "github";


     

       
29

       
-

       
      };


     

       
30

       
-

       
    };


     

       
31

       
-

       
  };


     

       
32

       
-

       
}

     
···
-36
services/garage.nix 
···

       
1

       
-

       
{ config, lib, pkgs, ... }:


     

       
2

       
-

       



     

       
3

       
-

       
{


     

       
4

       
-

       
  services.garage = {


     

       
5

       
-

       
    enable = true;


     

       
6

       
-

       
    package = pkgs.garage;


     

       
7

       
-

       
    settings = {


     

       
8

       
-

       
      metadata_dir = "/garage/metadata";


     

       
9

       
-

       
      data_dir = "/garage/data";


     

       
10

       
-

       
      db_engine = "lmdb";


     

       
11

       
-

       
      replication_mode = "2";


     

       
12

       
-

       
      rpc_bind_addr = "[::]:3901";


     

       
13

       
-

       
      rpc_public_addr = "${config.networking.hostName}:3901";


     

       
14

       
-

       
      rpc_secret_file = config.age.secrets."garage-rpc-secret".path;


     

       
15

       
-

       
      s3_api = {


     

       
16

       
-

       
        s3_region = config.networking.hostName;


     

       
17

       
-

       
        api_bind_addr = "[::]:3900";


     

       
18

       
-

       
        root_domain = ".s3.nekomimi.pet";


     

       
19

       
-

       
      };


     

       
20

       
-

       
      s3_web = {


     

       
21

       
-

       
        bind_addr = "[::]:3902";


     

       
22

       
-

       
        root_domain = ".web.nekomimi.pet";


     

       
23

       
-

       
        index = "index.html";


     

       
24

       
-

       
      };


     

       
25

       
-

       
      admin = {


     

       
26

       
-

       
        api_bind_addr = "[::]:3903";


     

       
27

       
-

       
        admin_token_file = config.age.secrets."garage-admin-token".path;


     

       
28

       
-

       
        metrics_token_file = config.age.secrets."garage-metrics-token".path;


     

       
29

       
-

       
      };


     

       
30

       
-

       
      bootstrap_peers = [


     

       
31

       
-

       
        "d548d0c9ae9aec9e26fe0bd2ca3efe75f654fa350bad5cb02bc9aebc9850ba8f@[2a04:52c0:135:48d1::2]:3901" # buer


     

       
32

       
-

       
        "5504cb25910dcef4a4312006691d651c099cde7c3a88df9ca79aa350571e6e65@[2601:5c2:8400:26c0:4ecc:6aff:fef7:98ca]:3901" #valefar


     

       
33

       
-

       
      ];


     

       
34

       
-

       
    };


     

       
35

       
-

       
  };


     

       
36

       
-

       
}


     
···
-35
services/github-runners.nix 
···

       
1

       
-

       
{ lib, pkgs, ... }:


     

       
2

       
-

       



     

       
3

       
-

       
let extraPackages = 


     

       
4

       
-

       
  let gtar = pkgs.runCommandNoCC "gtar" { } ''


     

       
5

       
-

       
    mkdir -p $out/bin


     

       
6

       
-

       
    ln -s ${lib.getExe pkgs.gnutar} $out/bin/gtar


     

       
7

       
-

       
  '';


     

       
8

       
-

       
  in


     

       
9

       
-

       
  with pkgs; [


     

       
10

       
-

       
    nix


     

       
11

       
-

       
    nixci


     

       
12

       
-

       
    cachix


     

       
13

       
-

       
    coreutils


     

       
14

       
-

       
    which


     

       
15

       
-

       
    jq


     

       
16

       
-

       
    gtar


     

       
17

       
-

       
    docker


     

       
18

       
-

       
    curl


     

       
19

       
-

       
  ];


     

       
20

       
-

       



     

       
21

       
-

       
in


     

       
22

       
-

       
{


     

       
23

       
-

       
  services.github-runners = {


     

       
24

       
-

       
    simplelink = {


     

       
25

       
-

       
      enable     = true;


     

       
26

       
-

       
      name       = "simplelink";


     

       
27

       
-

       
      url        = "https://github.com/waveringana/simplelink";


     

       
28

       
-

       
      token  = config.age.secrets."build-token".path;


     

       
29

       
-

       
      user = "regent";


     

       
30

       
-

       
      group = "docker";


     

       
31

       
-

       
      extraPackages = extraPackages;


     

       
32

       
-

       
     };


     

       
33

       
-

       
  };


     

       
34

       
-

       
}


     

       
35

       
-

       



     
···