diff options
| -rw-r--r-- | chaski/configuration.nix | 1 | ||||
| -rw-r--r-- | chaski/services/headscale.nix | 40 | ||||
| -rw-r--r-- | flora/services/cgit.nix | 4 | ||||
| -rw-r--r-- | home/home.nix | 5 | ||||
| -rw-r--r-- | home/newsboat-public.nix | 8 | ||||
| -rw-r--r-- | npins/sources.json | 46 | ||||
| -rw-r--r-- | surltesh-echer/configuration.scm | 7 | ||||
| -rw-r--r-- | surltesh-echer/home/home-configuration.scm | 2 |
8 files changed, 82 insertions, 31 deletions
diff --git a/chaski/configuration.nix b/chaski/configuration.nix index da8fdaf..6339d32 100644 --- a/chaski/configuration.nix +++ b/chaski/configuration.nix @@ -12,6 +12,7 @@ ./services/chat.nix ./services/bahnhof-name.nix ./services/conduit.nix + ./services/headscale.nix ]; sops.defaultSopsFile = ../secrets/chaski.yaml; diff --git a/chaski/services/headscale.nix b/chaski/services/headscale.nix new file mode 100644 index 0000000..8240d93 --- /dev/null +++ b/chaski/services/headscale.nix @@ -0,0 +1,40 @@ +{ config, lib, pkgs, ... }: + +{ + services.headscale = { + enable = true; + settings = { + server_url = "https://headscale.noms.ing"; + listen_addr = "127.0.0.1:8323"; + + # oidc = { + # only_start_if_oidc_is_available = true; + # issuer = "https://idm.cuties.network/oauth2/openid/headscale"; + # client_id = "headscale"; + # client_secret_path = "/run/secrets/headscale_oidc_secret"; + # strip_email_domain = true; + # }; + + dns_config.magic_dns = true; + dns_config.domains = [ "nodes.headscale.noms.ing" ]; + # dns_config.base_domain = "ts.cuties.network"; + }; + }; + + users.users.headscale.extraGroups = [ config.users.groups.keys.name ]; + # sops.secrets.headscale_oidc_secret = { + # owner = config.users.users.headscale.name; + # sopsFile = ./headscale.sops.yaml; + # }; + + services.nginx.virtualHosts."headscale.noms.ing" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://localhost:8323"; + proxyWebsockets = true; + }; + }; + + services.tailscale.enable = true; +} diff --git a/flora/services/cgit.nix b/flora/services/cgit.nix index 1d307e3..1dae737 100644 --- a/flora/services/cgit.nix +++ b/flora/services/cgit.nix @@ -82,7 +82,7 @@ in locations."~ /git(/[^/]*/(info/refs|git-(upload|receive)-pack|objects/info/packs))" = { extraConfig = '' - fastcgi_pass unix:${config.services.fcgiwrap.socketAddress}; + fastcgi_pass unix:${config.services.fcgiwrap.instances.cgit.socket.address}; include ${pkgs.nginx}/conf/fastcgi_params; fastcgi_param SCRIPT_FILENAME ${pkgs.gitMinimal}/bin/git-http-backend; fastcgi_param GIT_HTTP_EXPORT_ALL ""; @@ -93,7 +93,7 @@ in locations."~ /git/forks(/.*/(info/refs|git-(upload|receive)-pack|objects/info/packs))" = { extraConfig = '' - fastcgi_pass unix:${config.services.fcgiwrap.socketAddress}; + fastcgi_pass unix:${config.services.fcgiwrap.instances.cgit.socket.address}; include ${pkgs.nginx}/conf/fastcgi_params; fastcgi_param SCRIPT_FILENAME ${pkgs.gitMinimal}/bin/git-http-backend; fastcgi_param GIT_HTTP_EXPORT_ALL ""; diff --git a/home/home.nix b/home/home.nix index 22640b9..0452e0f 100644 --- a/home/home.nix +++ b/home/home.nix @@ -316,6 +316,11 @@ user = "git"; identityFile = keydir + "/id_surltesh-echer"; }; + "encoder* mixer* atem* minion*" = { + # hostname = "%h.lan.c3voc.de"; + user = "voc"; + extraOptions.StrictHostKeyChecking = "no"; + }; "nobelium" = { hostname = "no.colorspace.club"; user = "root"; diff --git a/home/newsboat-public.nix b/home/newsboat-public.nix index 1bd5bcb..8216b14 100644 --- a/home/newsboat-public.nix +++ b/home/newsboat-public.nix @@ -29,6 +29,7 @@ with import ./newsboat-lib.nix; (ntag "https://www.gdl.de/feed.rss" "trains") (ntag "https://www.transformativeworks.org/feed" "fandom") (ntag "https://haskell.github.io/security-advisories/atom.xml" "comp") + (ntag "https://blog.haskell.org/atom.xml" "comp") # blogs (btag "https://scilogs.spektrum.de/klimalounge/feed/" "climate") @@ -205,6 +206,9 @@ with import ./newsboat-lib.nix; (btag "https://blog.poisson.chat/rss.xml" "comp") (btag "https://blog.nadja.top/feed.rss" "hardware") (btag "https://matttproud.com/blog/index.xml" "comp") + (btag "https://www.rntz.net/blog/atom.xml" "comp") + (btag "https://realdougwilson.com/feed.xml" "fonts") + (btag "https://feeds.feedburner.com/balpha" "fonts") # paper (btag "http://arxiv.org/rss/cs.PL" "paper") @@ -269,6 +273,10 @@ with import ./newsboat-lib.nix; (ytag "UC6IxnFzHofFJ5X2PycSMsww" "stuff") # xkcd's What If? (ytag "UClgXF_jwWAwPRu8nT1g90xQ" "stuff") # Matt Gray (ytag "UCqqJQ_cXSat0KIAVfIfKkVA" "food") # Kenji + (ytag "UCK48_8v5k90EXEYRD5mATlw" "plants") # techplant + (ytag "UChIwaIJ8nxk8nskUZJD2yyg" "plants") # plants in jars + (ytag "UCWYSiz0rqNEJ0mX4a45Lhrw" "plants") # nick alexander + (ytag "UC9_p50tH3WmMslWRWKnM7dQ" "food") # Adam Ragusea (blender 2737) # blender developers (blender 10) # reels (blender 9) # open movies diff --git a/npins/sources.json b/npins/sources.json index 53bc46b..260317b 100644 --- a/npins/sources.json +++ b/npins/sources.json @@ -29,9 +29,9 @@ "url": "ssh://cgit/~/blog" }, "branch": "main", - "revision": "58e380da3f6cc57bc8673067973d880c209c011c", + "revision": "8ab8e7f9580b1144baf511d206188dece7b13bc8", "url": null, - "hash": "129v5q9ayf63v616rjy88v07i2brl8s7hw6s2yxsxvknyrnykbj7" + "hash": "1n78xgl5vfnfvjd2q7zycpy295y0qi2s028yjwgk3pb0zlk43wvs" }, "deploy-rs": { "type": "Git", @@ -78,9 +78,9 @@ "repo": "home-manager" }, "branch": "release-24.05", - "revision": "e1391fb22e18a36f57e6999c7a9f966dc80ac073", - "url": "https://github.com/nix-community/home-manager/archive/e1391fb22e18a36f57e6999c7a9f966dc80ac073.tar.gz", - "hash": "0c83di08nhkzq0cwc3v7aax3x8y5m7qahyzxppinzwxi3r8fnjq3" + "revision": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "url": "https://github.com/nix-community/home-manager/archive/2f23fa308a7c067e52dfcc30a0758f47043ec176.tar.gz", + "hash": "00wp0s9b5nm5rsbwpc1wzfrkyxxmqjwsc1kcibjdbfkh69arcpsn" }, "isabelle-utils": { "type": "Git", @@ -100,9 +100,9 @@ "url": "git+ssh://git@git.lix.systems/lix-project/lix" }, "branch": "main", - "revision": "02eb07cfd539c34c080cb1baf042e5e780c1fcc2", + "revision": "6b7076f81c25941559f7d132a5ebc2fcfcedcc4d", "url": null, - "hash": "1zbgg9mkydfgv2c0h39xys62kwqzd8f1rczcia0l47gf4fmz05a0" + "hash": "1kv0yxaw1mfi9c99g940m0w8aqfnpwnwrxpd43920xqnd928jxli" }, "lix-nixos-module": { "type": "Git", @@ -111,9 +111,9 @@ "url": "git+ssh://git@git.lix.systems/lix-project/nixos-module" }, "branch": "main", - "revision": "cecf70b77539c1a593f60ec9d0305b5e537ab6a9", + "revision": "fd186f535a4ac7ae35d98c1dd5d79f0a81b7976d", "url": null, - "hash": "0dk8x931mvbkn4smfxr5gdrhdvwpdxqxd1gwc8v7p4naan8wwgxd" + "hash": "0jxpqaz12lqibg03iv36sa0shfvamn2yhg937llv3kl4csijd34f" }, "nixpkgs": { "type": "Git", @@ -123,9 +123,9 @@ "repo": "nixpkgs" }, "branch": "nixos-24.05", - "revision": "6e99f2a27d600612004fbd2c3282d614bfee6421", - "url": "https://github.com/NixOS/nixpkgs/archive/6e99f2a27d600612004fbd2c3282d614bfee6421.tar.gz", - "hash": "1qwbrn2cb1x9clkhqmdnx5r8v11168p3nx14h3r9wcml0bgblpvr" + "revision": "080166c15633801df010977d9d7474b4a6c549d7", + "url": "https://github.com/NixOS/nixpkgs/archive/080166c15633801df010977d9d7474b4a6c549d7.tar.gz", + "hash": "17sls93qjqr0dsh31xph33m1f1x67gs22s3cr8qv20bm8zkab9y4" }, "nixpkgs-unstable": { "type": "Git", @@ -135,9 +135,9 @@ "repo": "nixpkgs" }, "branch": "nixpkgs-unstable", - "revision": "b833ff01a0d694b910daca6e2ff4a3f26dee478c", - "url": "https://github.com/NixOS/nixpkgs/archive/b833ff01a0d694b910daca6e2ff4a3f26dee478c.tar.gz", - "hash": "1v3y9km48glcmgzk7h8s9sg5sgv1w86pyad973d981sk84a85cdl" + "revision": "2d2a9ddbe3f2c00747398f3dc9b05f7f2ebb0f53", + "url": "https://github.com/NixOS/nixpkgs/archive/2d2a9ddbe3f2c00747398f3dc9b05f7f2ebb0f53.tar.gz", + "hash": "1v6gpivg8mj4qapdp0y5grapnlvlw8xyh5bjahq9i50iidjr3587" }, "ntfy-matrix-bot": { "type": "Git", @@ -169,9 +169,9 @@ "repo": "rust-overlay" }, "branch": "master", - "revision": "a562172c72d00350f9f2ff830e6515b6e7bee6d5", - "url": "https://github.com/oxalica/rust-overlay/archive/a562172c72d00350f9f2ff830e6515b6e7bee6d5.tar.gz", - "hash": "1wqad73kb8qgm3amlqkx0n4hkcjl0fwh8ki5cgvplgrij8y1sjd1" + "revision": "41814763a2c597755b0755dbe3e721367a5e420f", + "url": "https://github.com/oxalica/rust-overlay/archive/41814763a2c597755b0755dbe3e721367a5e420f.tar.gz", + "hash": "0pphdgma7dm0mhknnmg41ga4779cg47f9v8h2znhy15f79v5l1f5" }, "showrt": { "type": "Git", @@ -204,9 +204,9 @@ "repo": "sops-nix" }, "branch": "master", - "revision": "5db5921e40ae382d6716dce591ea23b0a39d96f7", - "url": "https://github.com/Mic92/sops-nix/archive/5db5921e40ae382d6716dce591ea23b0a39d96f7.tar.gz", - "hash": "0bjdycci2ag4xwsd5xqn8nffn5bfl7y24fzizwbgsx12xk26jgln" + "revision": "e9b5eef9b51cdf966c76143e13a9476725b2f760", + "url": "https://github.com/Mic92/sops-nix/archive/e9b5eef9b51cdf966c76143e13a9476725b2f760.tar.gz", + "hash": "1irwfigc3fcxdm5pc3p9cddv57drjp208sa0hd7bq78b0csdxnyl" }, "traveltext": { "type": "Git", @@ -215,9 +215,9 @@ "url": "https://stuebinm.eu/git/traveltext" }, "branch": "main", - "revision": "b6080abc5661f9323593944f5701d7dd7597afb9", + "revision": "d876202506621eb76012c12cbb0e91fd2bb0ada0", "url": null, - "hash": "0rwfkkq46j7yjbkv3ylpsifzlhq7qlc2svzpbwjyqm65d53dyalm" + "hash": "0886l3r4fnnd6pc699n9l7kzh1y00y6bbdalab90gjqccviwv9cd" }, "uplcg": { "type": "Git", diff --git a/surltesh-echer/configuration.scm b/surltesh-echer/configuration.scm index e97a9f3..7c679c8 100644 --- a/surltesh-echer/configuration.scm +++ b/surltesh-echer/configuration.scm @@ -11,8 +11,7 @@ emacs terminals wm xdisorg shells admin - version-control - nss) + version-control) (use-service-modules desktop base) @@ -52,9 +51,7 @@ ;; window managers hikari emacs kitty fuzzel git - fish - ;; for HTTPS access - nss-certs) + fish) %base-packages)) ;; Use the "desktop" services, which include the X11 diff --git a/surltesh-echer/home/home-configuration.scm b/surltesh-echer/home/home-configuration.scm index 9e87bac..728cfba 100644 --- a/surltesh-echer/home/home-configuration.scm +++ b/surltesh-echer/home/home-configuration.scm @@ -71,7 +71,7 @@ (url "https://git.savannah.gnu.org/git/guix.git") (branch "master") (commit - "5a95cf76e1d0f9fdff5b232b42337c657b76d1d4") + "7a89bbffd081129da8c2c5b58b4e12133bf210c5") (introduction (make-channel-introduction "9edb3f66fd807b096b48283debdcddccfea34bad" |