commit 93f1e8def39de1f7d7c994686d819e107b899384 · ptr.pet/ark

+21

_sources/generated.json

···

       61
       61
        
               },

     

       62
       62
        
               "version": "be828766411cad04c194c8f714d46aa2b2596362"

     

       63
       63
        
           },

     

       64
       64
       +
           "headplane": {

     

       65
       65
       +
               "cargoLocks": null,

     

       66
       66
       +
               "date": "2025-07-23",

     

       67
       67
       +
               "extract": null,

     

       68
       68
       +
               "name": "headplane",

     

       69
       69
       +
               "passthru": null,

     

       70
       70
       +
               "pinned": false,

     

       71
       71
       +
               "src": {

     

       72
       72
       +
                   "deepClone": false,

     

       73
       73
       +
                   "fetchSubmodules": false,

     

       74
       74
       +
                   "leaveDotGit": false,

     

       75
       75
       +
                   "name": null,

     

       76
       76
       +
                   "owner": "90-008",

     

       77
       77
       +
                   "repo": "headplane",

     

       78
       78
       +
                   "rev": "e9fe8625db3b03c121e0b7fb50add4cd729d986c",

     

       79
       79
       +
                   "sha256": "sha256-KM7Jxrab3o38tJr3gA6wQ2zalZ2N5yK4d65r3KhGZKg=",

     

       80
       80
       +
                   "sparseCheckout": [],

     

       81
       81
       +
                   "type": "github"

     

       82
       82
       +
               },

     

       83
       83
       +
               "version": "e9fe8625db3b03c121e0b7fb50add4cd729d986c"

     

       84
       84
       +
           },

     

       64
       85
        
           "home": {

     

       65
       86
        
               "cargoLocks": null,

     

       66
       87
        
               "date": "2025-07-22",

+12

_sources/generated.nix

···

       39
       39
        
           };

     

       40
       40
        
           date = "2025-07-21";

     

       41
       41
        
         };

     

       42
       42
       +
         headplane = {

     

       43
       43
       +
           pname = "headplane";

     

       44
       44
       +
           version = "e9fe8625db3b03c121e0b7fb50add4cd729d986c";

     

       45
       45
       +
           src = fetchFromGitHub {

     

       46
       46
       +
             owner = "90-008";

     

       47
       47
       +
             repo = "headplane";

     

       48
       48
       +
             rev = "e9fe8625db3b03c121e0b7fb50add4cd729d986c";

     

       49
       49
       +
             fetchSubmodules = false;

     

       50
       50
       +
             sha256 = "sha256-KM7Jxrab3o38tJr3gA6wQ2zalZ2N5yK4d65r3KhGZKg=";

     

       51
       51
       +
           };

     

       52
       52
       +
           date = "2025-07-23";

     

       53
       53
       +
         };

     

       42
       54
        
         home = {

     

       43
       55
        
           pname = "home";

     

       44
       56
        
           version = "0cdfcdbb525b77b951c889b6131047bc374f48fe";

+50

hosts/wolumonde/modules/headplane.nix

···

       1
       1
       +
       {lib, config, pkgs, terra, inputs, ...}:

     

       2
       2
       +
       let

     

       3
       3
       +
         format = pkgs.formats.yaml {};

     

       4
       4
       +
       

     

       5
       5
       +
         # A workaround generate a valid Headscale config accepted by Headplane when `config_strict == true`.

     

       6
       6
       +
         settings = lib.recursiveUpdate config.services.headscale.settings {

     

       7
       7
       +
           acme_email = "/dev/null";

     

       8
       8
       +
           tls_cert_path = "/dev/null";

     

       9
       9
       +
           tls_key_path = "/dev/null";

     

       10
       10
       +
           policy.path = "/dev/null";

     

       11
       11
       +
           oidc.client_secret_path = "/dev/null";

     

       12
       12
       +
         };

     

       13
       13
       +
       

     

       14
       14
       +
         headscaleConfig = format.generate "headscale.yml" settings;

     

       15
       15
       +
       

     

       16
       16
       +
         cfg = config.services.headplane.settings;

     

       17
       17
       +
       in {

     

       18
       18
       +
         imports = ["${inputs.headplane}/nix/module.nix"];

     

       19
       19
       +
       

     

       20
       20
       +
         services.headplane = {

     

       21
       21
       +
           enable = true;

     

       22
       22
       +
           package = terra.headplane;

     

       23
       23
       +
           agent.enable = false;

     

       24
       24
       +
           settings = {

     

       25
       25
       +
             server = {

     

       26
       26
       +
               host = "0.0.0.0";

     

       27
       27
       +
               port = 4444;

     

       28
       28
       +
               cookie_secret = lib.fixedWidthString 32 "0" "";

     

       29
       29
       +
               cookie_secure = false;

     

       30
       30
       +
             };

     

       31
       31
       +
             headscale = {

     

       32
       32
       +
               url = config.services.headscale.settings.server_url;

     

       33
       33
       +
               config_path = "${headscaleConfig}";

     

       34
       34
       +
               config_strict = true;

     

       35
       35
       +
             };

     

       36
       36
       +
             integration.proc.enabled = true;

     

       37
       37
       +
             oidc = {

     

       38
       38
       +
               issuer = config.services.pocket-id.settings.APP_URL;

     

       39
       39
       +
               client_id = "2aae8944-94c3-42bb-8cb9-86ce85b1ee43";

     

       40
       40
       +
               client_secret = "";

     

       41
       41
       +
               token_endpoint_auth_method = "client_secret_post";

     

       42
       42
       +
               headscale_api_key = "";

     

       43
       43
       +
               disable_api_key_login = true;

     

       44
       44
       +
               redirect_uri = "http://wolumonde:${toString cfg.server.port}/admin/oidc/callback";

     

       45
       45
       +
             };

     

       46
       46
       +
           };

     

       47
       47
       +
         };

     

       48
       48
       +
         age.secrets.headplaneSecrets.file = ../../../secrets/headplaneSecrets.age;

     

       49
       49
       +
         systemd.services.headplane.serviceConfig.EnvironmentFile = config.age.secrets.headplaneSecrets.path;

     

       50
       50
       +
       }

+1

hosts/wolumonde/modules/headscale.nix

···

       15
       15
        
           port = 1111;

     

       16
       16
        
           settings = {

     

       17
       17
        
             server_url = "https://${domain}";

     

       18
       18
       +
             policy.mode = "database";

     

       18
       19
        
             dns = {

     

       19
       20
        
               base_domain = "lan.${rootDomain}";

     

       20
       21
        
               nameservers.global = ["1.1.1.1" "1.0.0.1" "9.9.9.9" "149.112.112.112"];

+4

nvfetcher.toml

···

       1
       1
        
       # nvfetcher configuration for Nix flake inputs

     

       2
       2
        
       

     

       3
       3
       +
       [headplane]

     

       4
       4
       +
       src.git = "https://github.com/90-008/headplane"

     

       5
       5
       +
       fetch.github = "90-008/headplane"

     

       6
       6
       +
       

     

       3
       7
        
       [lix-module]

     

       4
       8
        
       src.manual = "2.93.2-1"

     

       5
       9
        
       fetch.tarball = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.2-1.tar.gz"

+1

pkgs-set/pkgs/headplane.nix

···

       1
       1
       +
       {callPackage, inputs, ...}: callPackage "${inputs.headplane}/nix/package.nix" {}

secrets/headplaneSecrets.age

This is a binary file and will not be displayed.

+4

secrets/secrets.nix

···

       58
       58
        
           yusdacra

     

       59
       59
        
           wolumonde

     

       60
       60
        
         ];

     

       61
       61
       +
         "headplaneSecrets.age".publicKeys = [

     

       62
       62
       +
           yusdacra

     

       63
       63
       +
           wolumonde

     

       64
       64
       +
         ];

     

       61
       65
        
         "tailscaleAuthKey.age".publicKeys = [

     

       62
       66
        
           yusdacra

     

       63
       67
        
           wolumonde