James/eve-psr-nix0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updates!

Browse Source
This commit is contained in:
James Eversole
2025-11-18 13:06:31 -06:00
parent ff550b960e
commit 10c3898b0b
7 changed files with 79 additions and 159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

171
flake.lock generated
View File

@@ -10,11 +10,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1750173260, "lastModified": 1762618334,
"narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=", "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "531beac616433bac6f9e2a19feb8e99a22a66baf", "rev": "fcdea223397448d35d9b31f798479227e80183f6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -26,11 +26,11 @@
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1673956053, "lastModified": 1761588595,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -39,59 +39,20 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"lix": {
"inputs": {
"flake-compat": "flake-compat_2",
"nix2container": "nix2container",
"nixpkgs": "nixpkgs",
"nixpkgs-regression": "nixpkgs-regression",
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1737234286,
"narHash": "sha256-CCKIAE84dzkrnlxJCKFyffAxP3yfsOAbdvydUGqq24g=",
"rev": "2837da71ec1588c1187d2e554719b15904a46c8b",
"revCount": 16631,
"type": "git",
"url": "https://git.lix.systems/lix-project/lix"
},
"original": {
"rev": "2837da71ec1588c1187d2e554719b15904a46c8b",
"type": "git",
"url": "https://git.lix.systems/lix-project/lix"
}
},
"nix-serve-ng": { "nix-serve-ng": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
"lix": "lix",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1748458972, "lastModified": 1763069480,
"narHash": "sha256-N6c3NozYqAGwmjf+k5GHOZzlcquDntrJwsZQ7O2sqtQ=", "narHash": "sha256-dbjGP/uD2WeGYf6A5CmLb6z5owleoYXybFbkTcWSvxA=",
"owner": "aristanetworks", "owner": "aristanetworks",
"repo": "nix-serve-ng", "repo": "nix-serve-ng",
"rev": "1d21f73a2d563ffbb924a4244c29b35e898caefe", "rev": "3b9c80f78501813b1a29c5b33a3ccc50a7506f0e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -100,76 +61,13 @@
"type": "github" "type": "github"
} }
}, },
"nix2container": {
"flake": false,
"locked": {
"lastModified": 1724996935,
"narHash": "sha256-njRK9vvZ1JJsP8oV2OgkBrpJhgQezI03S7gzskCcHos=",
"owner": "nlewo",
"repo": "nix2container",
"rev": "fa6bb0a1159f55d071ba99331355955ae30b3401",
"type": "github"
},
"original": {
"owner": "nlewo",
"repo": "nix2container",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1733348545, "lastModified": 1763334038,
"narHash": "sha256-b4JrUmqT0vFNx42aEN9LTWOHomkTKL/ayLopflVf81U=", "narHash": "sha256-LBVOyaH6NFzQ3X/c6vfMZ9k4SV2ofhpxeL9YnhHNJQQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9ecb50d2fae8680be74c08bb0a995c5383747f89", "rev": "4c8cdd5b1a630e8f72c9dd9bf582b1afb3127d2c",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1751159883,
"narHash": "sha256-urW/Ylk9FIfvXfliA1ywh75yszAbiTEVgpPeinFyVZo=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "14a40a1d7fb9afa4739275ac642ed7301a9ba1ab",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-regression": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1753115646,
"narHash": "sha256-yLuz5cz5Z+sn8DRAfNkrd2Z1cV6DaYO9JMrEz4KZo/c=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "92c2e04a475523e723c67ef872d8037379073681",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -178,16 +76,31 @@
"type": "indirect" "type": "indirect"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1761765539,
"narHash": "sha256-b0yj6kfvO8ApcSE+QmA6mUfu8IYG6/uU28OFn4PaC8M=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "719359f4562934ae99f5443f20aa06c2ffff91fc",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"parts": { "parts": {
"inputs": { "inputs": {
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1753121425, "lastModified": 1762980239,
"narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=", "narHash": "sha256-8oNVE8TrD19ulHinjaqONf9QWCKK+w4url56cdStMpM=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "644e0fc48951a860279da645ba77fe4a6e814c5e", "rev": "52a2caecc898d0b46b2b905f058ccc5081f842da",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -196,27 +109,11 @@
"type": "github" "type": "github"
} }
}, },
"pre-commit-hooks": {
"flake": false,
"locked": {
"lastModified": 1733318908,
"narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "6f4e2a2112050951a314d2733a994fbab94864c6",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"nix-serve-ng": "nix-serve-ng", "nix-serve-ng": "nix-serve-ng",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs",
"parts": "parts" "parts": "parts"
} }
}, },
@@ -255,11 +152,11 @@
"systems": "systems_2" "systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1687709756, "lastModified": 1731533236,
"narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=", "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7", "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github" "type": "github"
}, },
"original": { "original": {

4
nix/application/containers.nix
View File

@@ -23,7 +23,7 @@
}; };
gitea = { gitea = {
image = "docker.io/gitea/gitea:1.24.0-rc0-rootless"; image = "docker.io/gitea/gitea:1.25.0-rootless";
volumes = [ "/home/sezycei/srv/containerdata/gitea/data:/var/lib/gitea" volumes = [ "/home/sezycei/srv/containerdata/gitea/data:/var/lib/gitea"
"/home/sezycei/srv/containerdata/gitea/config:/etc/gitea" "/home/sezycei/srv/containerdata/gitea/config:/etc/gitea"
]; ];
@@ -146,7 +146,7 @@
}; };
vaultwarden = { vaultwarden = {
image = "vaultwarden/server:1.33.2"; image = "vaultwarden/server:1.34.3";
ports = [ "40080:80" ]; ports = [ "40080:80" ];
volumes = [ volumes = [
"/home/sezycei/srv/containerdata/bitwarden/data:/data" "/home/sezycei/srv/containerdata/bitwarden/data:/data"

2
nix/application/nginx.nix
View File

@@ -87,7 +87,6 @@
proxy_set_header X-Request-Base "https://hydra.matri.cx"; proxy_set_header X-Request-Base "https://hydra.matri.cx";
''; '';
}; };
"jame.su" = static { dir = "/var/www/jame.su"; };
"llm.matri.cx" = proxiedLAN { "llm.matri.cx" = proxiedLAN {
target = "http://192.168.0.94:11434"; target = "http://192.168.0.94:11434";
extra = '' extra = ''
@@ -102,7 +101,6 @@
"purr.eversole.co" = proxied { target = "http://127.0.0.1:5195"; }; "purr.eversole.co" = proxied { target = "http://127.0.0.1:5195"; };
"pw.eversole.co" = proxied { target = "http://127.0.0.1:40080"; }; "pw.eversole.co" = proxied { target = "http://127.0.0.1:40080"; };
"sezycei.com" = static { dir = "/var/www/sezycei.com"; }; "sezycei.com" = static { dir = "/var/www/sezycei.com"; };
"snakebelmont.com" = static { dir = "/var/www/snakebelmont.com"; };
"transmission.matri.cx" = proxiedLAN { target = "http://127.0.0.1:9091"; }; "transmission.matri.cx" = proxiedLAN { target = "http://127.0.0.1:9091"; };
"vpn.matri.cx" = { "vpn.matri.cx" = {
forceSSL = true; forceSSL = true;

14
nix/system/dns.nix
View File

@@ -59,7 +59,7 @@
} }
} }
*.ycombinator.com { news.ycombinator.com {
template IN A { template IN A {
answer "{{ .Name }} 0 IN A 127.0.0.1" answer "{{ .Name }} 0 IN A 127.0.0.1"
} }
@@ -70,6 +70,18 @@
answer "{{ .Name }} 0 IN A 127.0.0.1" answer "{{ .Name }} 0 IN A 127.0.0.1"
} }
} }
4chan.org {
template IN A {
answer "{{ .Name }} 0 IN A 127.0.0.1"
}
}
*.4chan.org {
template IN A {
answer "{{ .Name }} 0 IN A 127.0.0.1"
}
}
''; '';
}; };
} }

5
nix/system/hardware.nix
View File

@@ -32,7 +32,10 @@
}; };
}; };
swapDevices = [ ]; swapDevices = [{
device = "/swap";
size = (8 * 1024);
}];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

4
nix/system/network.nix
View File

@@ -2,8 +2,8 @@
networking = { networking = {
hostName = "eve-psr-nix0"; hostName = "eve-psr-nix0";
firewall = { firewall = {
allowedTCPPorts = [ 22 80 443 5000 23231 23232 23233 20443 ]; allowedTCPPorts = [ 22 80 443 4242 5000 23231 23232 23233 20443 ];
allowedUDPPorts = [ 53 51820 config.services.tailscale.port 20443 ]; allowedUDPPorts = [ 53 4242 51820 config.services.tailscale.port 20443 ];
extraCommands = '' extraCommands = ''
iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o enp1s0 -j MASQUERADE iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o enp1s0 -j MASQUERADE
''; '';

12
nix/user/users.nix
View File

@@ -2,7 +2,8 @@
programs.bash.promptInit = '' programs.bash.promptInit = ''
PS1='\u@\h:\w\n-> ' PS1='\u@\h:\w\n-> '
''; '';
users.users = { users = {
users = {
sezycei = { sezycei = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "nginx" ]; extraGroups = [ "wheel" "nginx" ];
@@ -19,5 +20,14 @@
isNormalUser = true; isNormalUser = true;
homeMode = "770"; homeMode = "770";
}; };
reticulum = {
isSystemUser = true;
description = "Reticulum daemon user";
group = "reticulum";
home = "/var/lib/reticulum";
createHome = true;
};
};
groups.reticulum = {};
}; };
} }