James/eve-psr-nix0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Misc system changes and nix flake update

Browse Source
This commit is contained in:
James Eversole
2025-07-24 08:08:22 -05:00
parent fc3979e64b
commit ff550b960e
8 changed files with 142 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

141
flake.lock generated
View File

@ -10,11 +10,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1736955230,
"narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=",
"lastModified": 1750173260,
"narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=",
"owner": "ryantm",
"repo": "agenix",
"rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c",
"rev": "531beac616433bac6f9e2a19feb8e99a22a66baf",
"type": "github"
},
"original": {
@ -39,20 +39,59 @@
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"lix": {
"inputs": {
"flake-compat": "flake-compat_2",
"nix2container": "nix2container",
"nixpkgs": "nixpkgs",
"nixpkgs-regression": "nixpkgs-regression",
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1737234286,
"narHash": "sha256-CCKIAE84dzkrnlxJCKFyffAxP3yfsOAbdvydUGqq24g=",
"rev": "2837da71ec1588c1187d2e554719b15904a46c8b",
"revCount": 16631,
"type": "git",
"url": "https://git.lix.systems/lix-project/lix"
},
"original": {
"rev": "2837da71ec1588c1187d2e554719b15904a46c8b",
"type": "git",
"url": "https://git.lix.systems/lix-project/lix"
}
},
"nix-serve-ng": {
"inputs": {
"flake-compat": "flake-compat",
"lix": "lix",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1733148767,
"narHash": "sha256-Ht5wD/n2I/tQWNgYIdmi3UQbm1FNwp9m9JmDjZEd6ng=",
"lastModified": 1748458972,
"narHash": "sha256-N6c3NozYqAGwmjf+k5GHOZzlcquDntrJwsZQ7O2sqtQ=",
"owner": "aristanetworks",
"repo": "nix-serve-ng",
"rev": "6e8d82a451fccbaa4714da8f7a3db5907bdfa96d",
"rev": "1d21f73a2d563ffbb924a4244c29b35e898caefe",
"type": "github"
},
"original": {
@ -61,28 +100,45 @@
"type": "github"
}
},
"nix2container": {
"flake": false,
"locked": {
"lastModified": 1724996935,
"narHash": "sha256-njRK9vvZ1JJsP8oV2OgkBrpJhgQezI03S7gzskCcHos=",
"owner": "nlewo",
"repo": "nix2container",
"rev": "fa6bb0a1159f55d071ba99331355955ae30b3401",
"type": "github"
},
"original": {
"owner": "nlewo",
"repo": "nix2container",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1741332913,
"narHash": "sha256-ri1e8ZliWS3Jnp9yqpKApHaOo7KBN33W8ECAKA4teAQ=",
"lastModified": 1733348545,
"narHash": "sha256-b4JrUmqT0vFNx42aEN9LTWOHomkTKL/ayLopflVf81U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "20755fa05115c84be00b04690630cb38f0a203ad",
"rev": "9ecb50d2fae8680be74c08bb0a995c5383747f89",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-24.11",
"type": "indirect"
"owner": "NixOS",
"ref": "nixos-24.11-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1740877520,
"narHash": "sha256-oiwv/ZK/2FhGxrCkQkB83i7GnWXPPLzoqFHpDD3uYpk=",
"lastModified": 1751159883,
"narHash": "sha256-urW/Ylk9FIfvXfliA1ywh75yszAbiTEVgpPeinFyVZo=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "147dee35aab2193b174e4c0868bd80ead5ce755c",
"rev": "14a40a1d7fb9afa4739275ac642ed7301a9ba1ab",
"type": "github"
},
"original": {
@ -91,16 +147,47 @@
"type": "github"
}
},
"nixpkgs-regression": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1753115646,
"narHash": "sha256-yLuz5cz5Z+sn8DRAfNkrd2Z1cV6DaYO9JMrEz4KZo/c=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "92c2e04a475523e723c67ef872d8037379073681",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-25.05",
"type": "indirect"
}
},
"parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1741352980,
"narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=",
"lastModified": 1753121425,
"narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9",
"rev": "644e0fc48951a860279da645ba77fe4a6e814c5e",
"type": "github"
},
"original": {
@ -109,11 +196,27 @@
"type": "github"
}
},
"pre-commit-hooks": {
"flake": false,
"locked": {
"lastModified": 1733318908,
"narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "6f4e2a2112050951a314d2733a994fbab94864c6",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"nix-serve-ng": "nix-serve-ng",
"nixpkgs": "nixpkgs",
"nixpkgs": "nixpkgs_2",
"parts": "parts"
}
},

2
flake.nix
View File

@ -2,7 +2,7 @@
description = "eve-psr-nix0 - Home Server";
inputs = {
nixpkgs.url = "nixpkgs/nixos-24.11";
nixpkgs.url = "nixpkgs/nixos-25.05";
agenix = {
url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs";

8
nix/application/containers.nix
View File

@ -28,7 +28,7 @@
"/home/sezycei/srv/containerdata/gitea/config:/etc/gitea"
];
ports = [ "8027:3000" "23231:2222"];
environment =
environment =
{
GITEA_APP_INI = "/etc/gitea/app.ini";
GITEA_CUSTOM = "/var/lib/gitea/custom";
@ -48,13 +48,13 @@
"/home/sezycei/srv/containerdata/gitea/runner/data:/data"
"/run/podman/podman.sock:/var/run/docker.sock"
];
environment =
environment =
{
CONFIG_FILE = "/config.yaml";
GITEA_INSTANCE_URL = "https://git.eversole.co";
GITEA_RUNNER_REGISTRATION_TOKEN = "Rxl7OYPb4ysOmDZB3jnmzm7hJtQQYeaKHdn4jrbR";
GITEA_RUNNER_NAME = "nix0-primary";
};
};
@ -96,7 +96,7 @@
volumes = [
"/home/sezycei/srv/containerdata/purr/data:/app/data"
];
environment = {
environment = {
ENVIRONMENT = "production";
APPLICATIONHOST = "localhost";
APPLICATIONPORT = "3000";

9
nix/application/nginx.nix
View File

@ -88,6 +88,15 @@
'';
};
"jame.su" = static { dir = "/var/www/jame.su"; };
"llm.matri.cx" = proxiedLAN {
target = "http://192.168.0.94:11434";
extra = ''
proxy_connect_timeout 1800s;
proxy_send_timeout 1800s;
proxy_read_timeout 1800s;
send_timeout 1800s;
'';
};
"matri.cx" = static { dir = "/var/www/matri.cx"; };
"media.matri.cx" = proxied { target = "http://127.0.0.1:8096"; };
"purr.eversole.co" = proxied { target = "http://127.0.0.1:5195"; };

2
nix/system/backups.nix
View File

@ -13,7 +13,7 @@
"${config.users.users.sezycei.home}/keys"
"${config.users.users.sezycei.home}/dev"
];
exclude = [
"*minecraft/OLD*"
];

4
nix/system/dns.nix
View File

@ -12,7 +12,7 @@
mail.matri.cx {
template IN A {
answer "{{ .Name }} 0 IN A 149.28.112.101"
answer "{{ .Name }} 0 IN A 216.128.148.134"
}
}
@ -37,7 +37,7 @@
box.eversole.co {
template IN A {
answer "{{ .Name }} 0 IN A 149.28.112.101"
answer "{{ .Name }} 0 IN A 216.128.148.134"
}
}

4
nix/system/network.nix
View File

@ -2,8 +2,8 @@
networking = {
hostName = "eve-psr-nix0";
firewall = {
allowedTCPPorts = [ 22 80 443 5000 23231 23232 23233 ];
allowedUDPPorts = [ 53 51820 config.services.tailscale.port ];
allowedTCPPorts = [ 22 80 443 5000 23231 23232 23233 20443 ];
allowedUDPPorts = [ 53 51820 config.services.tailscale.port 20443 ];
extraCommands = ''
iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o enp1s0 -j MASQUERADE
'';

2
nix/system/nix-conf.nix
View File

@ -1,7 +1,7 @@
{ config, ... }: {
services = {
nix-serve = {
enable = true;
enable = false;
secretKeyFile = config.age.secrets.cache-key.path;
};
};