cy/nixos-config
cy/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: cy:21a07b1e3c174a0f732b233c2966262b5aea9b2d
Branches Tags
cy:main
cy:update
cy:2025-04-14
cy:2025-04-07
cy:2025-04-05
cy:2025-04-04
cy:staging
cy:dogfood-nixcp
cy:no-follows
cy:workflow-test
cy:update_flake_lock_action
cy:caddy-s3
cy:workflow-copy
cy:workflow-lix
cy:test-s3-cache
cy:temp
cy:attic
cy:helix
cy:test
cy:lix-test
cy:bitwarden-patch
cy:chromium
cy:new-attic
cy:canary
cy:downgrade-kernel
cy:soju
cy:kde
cy:shiori
cy:caddy-module
cy:anki-overlay
cy:nixpkgs-master
cy:lix
cy:pan-home
cy:pi
cy:pancake
cy:pancake-sd-image
cy:arm
cy:lix-404
cy:customize-kernel
cy:blueprint
cy:flake-utils
cy:conduwuit-flake
cy:ghostty
cy:zen
cy:lact-fix-test
cy:alvr-test
cy:workflow-refactor
cy:bump-conduwuit
cy:gollum
cy:build
cy:nginx
cy:iso
cy:flake-parts
cy:codespace
cy:sway
cy:minio
cy:garage-module
cy:garage-test
cy:vscode
cy:purge
cy:create-pull-request/patch
cy:garage
cy:harmonia
cy:impermanence
..
compare: cy:2ed6e5a87f4f8033b48c2d336e767320ed284dfc
Branches Tags
cy:main
cy:update
cy:2025-04-14
cy:2025-04-07
cy:2025-04-05
cy:2025-04-04
cy:staging
cy:dogfood-nixcp
cy:no-follows
cy:workflow-test
cy:update_flake_lock_action
cy:caddy-s3
cy:workflow-copy
cy:workflow-lix
cy:test-s3-cache
cy:temp
cy:attic
cy:helix
cy:test
cy:lix-test
cy:bitwarden-patch
cy:chromium
cy:new-attic
cy:canary
cy:downgrade-kernel
cy:soju
cy:kde
cy:shiori
cy:caddy-module
cy:anki-overlay
cy:nixpkgs-master
cy:lix
cy:pan-home
cy:pi
cy:pancake
cy:pancake-sd-image
cy:arm
cy:lix-404
cy:customize-kernel
cy:blueprint
cy:flake-utils
cy:conduwuit-flake
cy:ghostty
cy:zen
cy:lact-fix-test
cy:alvr-test
cy:workflow-refactor
cy:bump-conduwuit
cy:gollum
cy:build
cy:nginx
cy:iso
cy:flake-parts
cy:codespace
cy:sway
cy:minio
cy:garage-module
cy:garage-test
cy:vscode
cy:purge
cy:create-pull-request/patch
cy:garage
cy:harmonia
cy:impermanence

6 commits
21a07b1e3c ... 2ed6e5a87f

Author SHA1 Message Date
cy
2ed6e5a87f
flake.lock: Update 
Flake lock file updates:

• Updated input 'conduwuit':
    'github:girlbossceo/conduwuit/4e5b87d0cd16f3d015f4b61285b369d027bb909d' (2025-04-04)
  → 'github:girlbossceo/conduwuit/d8311a5ff672fdc4729d956af5e3af8646b0670d' (2025-04-09)
• Updated input 'home-manager':
    'github:nix-community/home-manager/ef3b2a6b602c3f1a80c6897d6de3ee62339a3eb7' (2025-04-06)
  → 'github:nix-community/home-manager/273ad32fbb4769ac56e15caccdbdaad2c2e6b88a' (2025-04-14)
• Updated input 'nix-index-database':
    'github:nix-community/nix-index-database/a36f6a7148aec2c77d78e4466215cceb2f5f4bfb' (2025-04-06)
  → 'github:nix-community/nix-index-database/4fc9ea78c962904f4ea11046f3db37c62e8a02fd' (2025-04-13)
• Updated input 'nix-ld':
    'github:nix-community/nix-ld/140451db1cadeef1e7e9e054332b67b7be808916' (2025-03-31)
  → 'github:nix-community/nix-ld/9a3812797e25def1d4aed62b517606b7b93989dc' (2025-04-14)
• Updated input 'rust-overlay':
    'github:oxalica/rust-overlay/9d00c6b69408dd40d067603012938d9fbe95cfcd' (2025-04-06)
  → 'github:oxalica/rust-overlay/fd6795d3d28f956de01a0458b6fa7baae5c793b4' (2025-04-14)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/523f58a4faff6c67f5f685bed33a7721e984c304' (2025-04-06)
  → 'github:Mic92/sops-nix/7e147a1ae90f0d4a374938cdc3df3cdaecb9d388' (2025-04-13)
• Updated input 'vscode-extensions':
    'github:nix-community/nix-vscode-extensions/da51d4cab526bef885e8c95ab2b9455bfe0940d4' (2025-04-06)
  → 'github:nix-community/nix-vscode-extensions/ea3fe071c83dae7e6a485f7f648b4914eabea683' (2025-04-14)
 2025-04-14 13:37:55 -04:00
cy
892f42ed2a
use nixpkgs unstable 2025-04-14 13:37:13 -04:00
cy
1573032ace
try not using lix 2025-04-14 13:29:51 -04:00
cy
e452f2b753
just don't use matrix anymore 2025-04-14 13:29:51 -04:00
cy
1d851c93f1
install nil 2025-04-14 13:29:51 -04:00
cy
fecdb66f77
use lix from nixpkgs 2025-04-14 10:45:00 -04:00
9 changed files with 775 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

46
.github/workflows/build-machines-and-homes.yml vendored
View file

@ -8,8 +8,6 @@ env:
TERM: ansi TERM: ansi
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets. AWS_SECRET_ACCESS_KEY }} AWS_SECRET_ACCESS_KEY: ${{ secrets. AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-east-1
AWS_ENDPOINT_URL: https://s3.cy7.sh
jobs: jobs:
build-machines: build-machines:
@ -37,7 +35,7 @@ jobs:
build-mount-path: /nix build-mount-path: /nix
- name: setup binary cache key - name: setup binary cache key
run: echo -n "${{ secrets.NIX_CACHE_SECRET_KEY }}" | xxd -p -r > ${{ runner.temp }}/cache-priv-key.pem run: echo "${{ secrets.NIX_CACHE_SECRET_KEY }}" >> /home/runner/cache-priv-key.pem
- name: Install Nix - name: Install Nix
uses: cachix/install-nix-action@v30 uses: cachix/install-nix-action@v30
@ -48,9 +46,16 @@ jobs:
experimental-features = nix-command flakes experimental-features = nix-command flakes
accept-flake-config = true accept-flake-config = true
system-features = nixos-test benchmark big-parallel kvm system-features = nixos-test benchmark big-parallel kvm
secret-key-files = ${{ runner.temp }}/cache-priv-key.pem secret-key-files = /home/runner/cache-priv-key.pem
extra-substituters = https://nixcache.cy7.sh extra-substituters = https://nixcache.cy7.sh https://cache.lix.systems
extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=
- name: Install Lix
run: |
sudo --preserve-env=PATH $(which nix) run \
'git+https://git.lix.systems/lix-project/lix?ref=refs/tags/2.92.0' -- \
upgrade-nix
nix --version
- name: Sync repository - name: Sync repository
uses: actions/checkout@v4 uses: actions/checkout@v4
@ -68,11 +73,10 @@ jobs:
if: '!cancelled()' if: '!cancelled()'
run: | run: |
package=".#nixosConfigurations."${{ matrix.machine }}".config.system.build.toplevel" package=".#nixosConfigurations."${{ matrix.machine }}".config.system.build.toplevel"
nix run github:cything/nixcp/2025-04-12 -- \ nix run git+https://git.cy7.sh/cy/nixcp.git -- \
push \ --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=zstd' \
--bucket nixcache \
--signing-key ${{ runner.temp }}/cache-priv-key.pem \
-u https://nix-community.cachix.org \ -u https://nix-community.cachix.org \
-u https://nixcache.web.cy7.sh \
$package $package
build-homes: build-homes:
@ -101,7 +105,7 @@ jobs:
build-mount-path: /nix build-mount-path: /nix
- name: setup binary cache key - name: setup binary cache key
run: echo -n "${{ secrets.NIX_CACHE_SECRET_KEY }}" | xxd -p -r > ${{ runner.temp }}/cache-priv-key.pem run: echo "${{ secrets.NIX_CACHE_SECRET_KEY }}" >> /home/runner/cache-priv-key.pem
- name: Install Nix - name: Install Nix
uses: cachix/install-nix-action@v30 uses: cachix/install-nix-action@v30
@ -112,9 +116,16 @@ jobs:
experimental-features = nix-command flakes experimental-features = nix-command flakes
accept-flake-config = true accept-flake-config = true
system-features = nixos-test benchmark big-parallel kvm system-features = nixos-test benchmark big-parallel kvm
secret-key-files = ${{ runner.temp }}/cache-priv-key.pem secret-key-files = /home/runner/cache-priv-key.pem
extra-substituters = https://nixcache.cy7.sh extra-substituters = https://nixcache.cy7.sh https://cache.lix.systems
extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=
- name: Install Lix
run: |
sudo --preserve-env=PATH $(which nix) run \
'git+https://git.lix.systems/lix-project/lix?ref=refs/tags/2.92.0' -- \
upgrade-nix
nix --version
- name: Sync repository - name: Sync repository
uses: actions/checkout@v4 uses: actions/checkout@v4
@ -131,9 +142,8 @@ jobs:
if: '!cancelled()' if: '!cancelled()'
run: | run: |
package=".#homeConfigurations."${{ matrix.home }}".activationPackage" package=".#homeConfigurations."${{ matrix.home }}".activationPackage"
nix run github:cything/nixcp/2025-04-12 -- \ nix run git+https://git.cy7.sh/cy/nixcp.git -- \
push \ --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=zstd' \
--bucket nixcache \
--signing-key ${{ runner.temp }}/cache-priv-key.pem \
-u https://nix-community.cachix.org \ -u https://nix-community.cachix.org \
-u https://nixcache.web.cy7.sh \
$package $package

33
.github/workflows/build-packages.yml vendored
View file

@ -11,8 +11,6 @@ env:
TERM: ansi TERM: ansi
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets. AWS_SECRET_ACCESS_KEY }} AWS_SECRET_ACCESS_KEY: ${{ secrets. AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-east-1
AWS_ENDPOINT_URL: https://s3.cy7.sh
jobs: jobs:
build-packages: build-packages:
@ -24,13 +22,13 @@ jobs:
os: os:
- ubuntu-latest - ubuntu-latest
- ubuntu-24.04-arm - ubuntu-24.04-arm
- macos-latest # - macos-latest
- macos-13 # - macos-13
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: setup binary cache key - name: setup binary cache key
run: echo -n "${{ secrets.NIX_CACHE_SECRET_KEY }}" | xxd -p -r > ${{ runner.temp }}/cache-priv-key.pem run: echo "${{ secrets.NIX_CACHE_SECRET_KEY }}" >> /home/runner/cache-priv-key.pem
- name: Install Nix - name: Install Nix
uses: cachix/install-nix-action@v30 uses: cachix/install-nix-action@v30
@ -41,9 +39,21 @@ jobs:
experimental-features = nix-command flakes experimental-features = nix-command flakes
accept-flake-config = true accept-flake-config = true
system-features = nixos-test benchmark big-parallel kvm system-features = nixos-test benchmark big-parallel kvm
secret-key-files = ${{ runner.temp }}/cache-priv-key.pem secret-key-files = /home/runner/cache-priv-key.pem
extra-substituters = https://nixcache.cy7.sh extra-substituters = https://nixcache.cy7.sh https://cache.lix.systems
extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=
- name: Install Lix
run: |
sudo --preserve-env=PATH $(which nix) run \
'git+https://git.lix.systems/lix-project/lix?ref=refs/tags/2.92.0' -- \
upgrade-nix
nix --version
- name: Sync repository
uses: actions/checkout@v4
with:
persist-credentials: false
- run: nix build -L ${{ matrix.package }} - run: nix build -L ${{ matrix.package }}
@ -51,11 +61,10 @@ jobs:
# https://stackoverflow.com/a/58859404 # https://stackoverflow.com/a/58859404
if: '!cancelled()' if: '!cancelled()'
run: | run: |
nix run github:cything/nixcp/2025-04-12 -- \ nix run git+https://git.cy7.sh/cy/nixcp.git -- \
push \ --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=zstd' \
--bucket nixcache \
--signing-key ${{ runner.temp }}/cache-priv-key.pem \
-u https://nix-community.cachix.org \ -u https://nix-community.cachix.org \
-u https://nixcache.web.cy7.sh \
"${{ matrix.package }}" "${{ matrix.package }}"
- name: prepare tarball to upload - name: prepare tarball to upload

1
README
View file

@ -1 +0,0 @@
this is only open source for free ci

40
README.md Normal file
View file

@ -0,0 +1,40 @@
# infra
## ./home
- [home-manager](https://github.com/nix-community/home-manager) configuration files
- foot, tmux, and zsh are configured in Nix
- nvim, rofi, sway, waybar are configured in their own literature and symlinked to $XDG_CONFIG_HOME with home-manager
## ./hosts
- [`hosts/common.nix`](hosts/common.nix): configuration that makes sense on all computers
- [`hosts/zsh.nix`](hosts/zsh.nix): for computers that have the power to run zsh
### ./hosts/ytnix
- personal laptop
- a single [`default.nix`](hosts/ytnix/default.nix) that could be modularized but works for now
### ./hosts/chunk
- the overworked server with 5% SLA
- very short and concise [`default.nix`](hosts/chunk/default.nix)
- services organized in their modules
- some services run through `virtualisation.oci-containers`:
- [immich](hosts/chunk/immich.nix)
- [conduwuit](hosts/chunk/conduwuit.nix)
### ./hosts/titan
- got this cause chunk would go down way too often :(
- hosted on azure for "reliability"
- runs:
- [ghost](hosts/titan/ghost.nix) (through `virtualisation.oci-containers`)
- [uptime-kuma](hosts/titan/uptime-kuma.nix)
- [ntfy-sh](hosts/titan/ntfy.nix)
## ./secrets
- secrets
- see [`.sops.yaml`](.sops.yaml) for who privy to what
## backups
- hourly borgbackup to [rsync.net](https://rsync.net)
- see [modules/backup](modules/backup.nix)
## monitoring
- [status.cything.io](https://status.cything.io/): uptime kuma (reliable)
- [grafana.cything.io](https://grafana.cything.io/): some real-time metrics here; unlike the status page this will go kaput often

702
flake.lock generated
View file

@ -1,6 +1,171 @@
{ {
"nodes": { "nodes": {
"attic": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"nix-github-actions": "nix-github-actions",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1738524606,
"narHash": "sha256-hPYEJ4juK3ph7kbjbvv7PlU1D9pAkkhl+pwx8fZY53U=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "ff8a897d1f4408ebbf4d45fa9049c06b3e1e3f4e",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"ref": "main",
"repo": "attic",
"type": "github"
}
},
"cachix": {
"inputs": {
"devenv": "devenv",
"flake-compat": "flake-compat_2",
"git-hooks": "git-hooks",
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1737621947,
"narHash": "sha256-8HFvG7fvIFbgtaYAY2628Tb89fA55nPm2jSiNs0/Cws=",
"owner": "cachix",
"repo": "cachix",
"rev": "f65a3cd5e339c223471e64c051434616e18cc4f5",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "master",
"repo": "cachix",
"type": "github"
}
},
"cachix_2": {
"inputs": {
"devenv": [
"conduwuit",
"cachix",
"devenv"
],
"flake-compat": [
"conduwuit",
"cachix",
"devenv"
],
"git-hooks": [
"conduwuit",
"cachix",
"devenv"
],
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1728672398,
"narHash": "sha256-KxuGSoVUFnQLB2ZcYODW7AVPAh9JqRlD5BrfsC/Q4qs=",
"owner": "cachix",
"repo": "cachix",
"rev": "aac51f698309fd0f381149214b7eee213c66ef0a",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "latest",
"repo": "cachix",
"type": "github"
}
},
"complement": {
"flake": false,
"locked": {
"lastModified": 1741891349,
"narHash": "sha256-YvrzOWcX7DH1drp5SGa+E/fc7wN3hqFtPbqPjZpOu1Q=",
"owner": "girlbossceo",
"repo": "complement",
"rev": "e587b3df569cba411aeac7c20b6366d03c143745",
"type": "github"
},
"original": {
"owner": "girlbossceo",
"ref": "main",
"repo": "complement",
"type": "github"
}
},
"conduwuit": {
"inputs": {
"attic": "attic",
"cachix": "cachix",
"complement": "complement",
"crane": "crane_2",
"fenix": "fenix",
"flake-compat": "flake-compat_3",
"flake-utils": "flake-utils",
"liburing": "liburing",
"nix-filter": "nix-filter",
"nixpkgs": [
"nixpkgs"
],
"rocksdb": "rocksdb"
},
"locked": {
"lastModified": 1744169934,
"narHash": "sha256-5YyHmPUUrXXrczWayji9327knihVTKnmjX+vX6+p6d0=",
"owner": "girlbossceo",
"repo": "conduwuit",
"rev": "d8311a5ff672fdc4729d956af5e3af8646b0670d",
"type": "github"
},
"original": {
"owner": "girlbossceo",
"repo": "conduwuit",
"type": "github"
}
},
"crane": { "crane": {
"inputs": {
"nixpkgs": [
"conduwuit",
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722960479,
"narHash": "sha256-NhCkJJQhD5GUib8zN9JrmYGMwt4lCRp6ZVNzIiYCl0Y=",
"owner": "ipetkov",
"repo": "crane",
"rev": "4c6c77920b8d44cd6660c1621dea6b3fc4b4c4f4",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"crane_2": {
"locked": {
"lastModified": 1739936662,
"narHash": "sha256-x4syUjNUuRblR07nDPeLDP7DpphaBVbUaSoeZkFbGSk=",
"owner": "ipetkov",
"repo": "crane",
"rev": "19de14aaeb869287647d9461cbd389187d8ecdb7",
"type": "github"
},
"original": {
"owner": "ipetkov",
"ref": "master",
"repo": "crane",
"type": "github"
}
},
"crane_3": {
"locked": { "locked": {
"lastModified": 1737689766, "lastModified": 1737689766,
"narHash": "sha256-ivVXYaYlShxYoKfSo5+y5930qMKKJ8CLcAoIBPQfJ6s=", "narHash": "sha256-ivVXYaYlShxYoKfSo5+y5930qMKKJ8CLcAoIBPQfJ6s=",
@ -15,7 +180,7 @@
"type": "github" "type": "github"
} }
}, },
"crane_2": { "crane_4": {
"locked": { "locked": {
"lastModified": 1741148495, "lastModified": 1741148495,
"narHash": "sha256-EV8KUaIZ2/CdBXlutXrHoZYbWPeB65p5kKZk71gvDRI=", "narHash": "sha256-EV8KUaIZ2/CdBXlutXrHoZYbWPeB65p5kKZk71gvDRI=",
@ -30,17 +195,75 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat": { "devenv": {
"inputs": {
"cachix": "cachix_2",
"flake-compat": [
"conduwuit",
"cachix",
"flake-compat"
],
"git-hooks": [
"conduwuit",
"cachix",
"git-hooks"
],
"nix": "nix",
"nixpkgs": [
"conduwuit",
"cachix",
"nixpkgs"
]
},
"locked": { "locked": {
"lastModified": 1717312683, "lastModified": 1733323168,
"narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=", "narHash": "sha256-d5DwB4MZvlaQpN6OQ4SLYxb5jA4UH5EtV5t5WOtjLPU=",
"owner": "cachix",
"repo": "devenv",
"rev": "efa9010b8b1cfd5dd3c7ed1e172a470c3b84a064",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"fenix": {
"inputs": {
"nixpkgs": [
"conduwuit",
"nixpkgs"
],
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1740724364,
"narHash": "sha256-D1jLIueJx1dPrP09ZZwTrPf4cubV+TsFMYbpYYTVj6A=",
"owner": "nix-community", "owner": "nix-community",
"repo": "flake-compat", "repo": "fenix",
"rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea", "rev": "edf7d9e431cda8782e729253835f178a356d3aab",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "main",
"repo": "fenix",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"type": "github" "type": "github"
} }
@ -61,7 +284,101 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"ref": "master",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_4": {
"locked": {
"lastModified": 1717312683,
"narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_5": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": {
"nixpkgs-lib": [
"conduwuit",
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722555600,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"conduwuit",
"cachix",
"devenv",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1712014858,
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"lanzaboote", "lanzaboote",
@ -96,6 +413,7 @@
}, },
"original": { "original": {
"owner": "numtide", "owner": "numtide",
"ref": "main",
"repo": "flake-utils", "repo": "flake-utils",
"type": "github" "type": "github"
} }
@ -136,11 +454,29 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_4": {
"inputs": {
"systems": "systems_4"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"garage": { "garage": {
"inputs": { "inputs": {
"crane": "crane", "crane": "crane_3",
"flake-compat": "flake-compat", "flake-compat": "flake-compat_4",
"flake-utils": "flake-utils", "flake-utils": "flake-utils_2",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
@ -160,7 +496,59 @@
"type": "github" "type": "github"
} }
}, },
"git-hooks": {
"inputs": {
"flake-compat": [
"conduwuit",
"cachix",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"conduwuit",
"cachix",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1733318908,
"narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "6f4e2a2112050951a314d2733a994fbab94864c6",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": { "gitignore": {
"inputs": {
"nixpkgs": [
"conduwuit",
"cachix",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gitignore_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"lanzaboote", "lanzaboote",
@ -189,11 +577,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1744833442, "lastModified": 1744650422,
"narHash": "sha256-BBMWW2m64Grcc5FlXz74+vdkUyCJOfUGnl+VcS/4x44=", "narHash": "sha256-m3/FzlNbLzfbZ1F0PUm8oEHNjGgea+bXT5uvAodt4t4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "c6b75d69b6994ba68ec281bd36faebcc56097800", "rev": "273ad32fbb4769ac56e15caccdbdaad2c2e6b88a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -204,9 +592,9 @@
}, },
"lanzaboote": { "lanzaboote": {
"inputs": { "inputs": {
"crane": "crane_2", "crane": "crane_4",
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_5",
"flake-parts": "flake-parts", "flake-parts": "flake-parts_3",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
@ -228,9 +616,42 @@
"type": "github" "type": "github"
} }
}, },
"libgit2": {
"flake": false,
"locked": {
"lastModified": 1697646580,
"narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=",
"owner": "libgit2",
"repo": "libgit2",
"rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5",
"type": "github"
},
"original": {
"owner": "libgit2",
"repo": "libgit2",
"type": "github"
}
},
"liburing": {
"flake": false,
"locked": {
"lastModified": 1740613216,
"narHash": "sha256-NpPOBqNND3Qe9IwqYs0mJLGTmIx7e6FgUEBAnJ+1ZLA=",
"owner": "axboe",
"repo": "liburing",
"rev": "e1003e496e66f9b0ae06674869795edf772d5500",
"type": "github"
},
"original": {
"owner": "axboe",
"ref": "master",
"repo": "liburing",
"type": "github"
}
},
"nil": { "nil": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils_3",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
@ -250,6 +671,85 @@
"type": "github" "type": "github"
} }
}, },
"nix": {
"inputs": {
"flake-compat": [
"conduwuit",
"cachix",
"devenv"
],
"flake-parts": "flake-parts_2",
"libgit2": "libgit2",
"nixpkgs": "nixpkgs_3",
"nixpkgs-23-11": [
"conduwuit",
"cachix",
"devenv"
],
"nixpkgs-regression": [
"conduwuit",
"cachix",
"devenv"
],
"pre-commit-hooks": [
"conduwuit",
"cachix",
"devenv"
]
},
"locked": {
"lastModified": 1727438425,
"narHash": "sha256-X8ES7I1cfNhR9oKp06F6ir4Np70WGZU5sfCOuNBEwMg=",
"owner": "domenkozar",
"repo": "nix",
"rev": "f6c5ae4c1b2e411e6b1e6a8181cc84363d6a7546",
"type": "github"
},
"original": {
"owner": "domenkozar",
"ref": "devenv-2.24",
"repo": "nix",
"type": "github"
}
},
"nix-filter": {
"locked": {
"lastModified": 1731533336,
"narHash": "sha256-oRam5PS1vcrr5UPgALW0eo1m/5/pls27Z/pabHNy2Ms=",
"owner": "numtide",
"repo": "nix-filter",
"rev": "f7653272fd234696ae94229839a99b73c9ab7de0",
"type": "github"
},
"original": {
"owner": "numtide",
"ref": "main",
"repo": "nix-filter",
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"conduwuit",
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1729742964,
"narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nix-index-database": { "nix-index-database": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -291,6 +791,102 @@
} }
}, },
"nixpkgs": { "nixpkgs": {
"locked": {
"lastModified": 1726042813,
"narHash": "sha256-LnNKCCxnwgF+575y0pxUdlGZBO/ru1CtGHIqQVfvjlA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "159be5db480d1df880a0135ca0bfed84c2f88353",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1724316499,
"narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1730741070,
"narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d063c1dd113c91ab27959ba540c0d9753409edf3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1730531603,
"narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1717432640,
"narHash": "sha256-+f9c4/ZX5MWDOuB1rKoWj+lBNm0z0rs4CK47HBLxy1o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "88269ab3044128b7c2f4c7d68448b2fb50456870",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1733212471,
"narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "55d15ad12a74eb7d4646254e13638ad0c4128776",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1744463964, "lastModified": 1744463964,
"narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=",
@ -312,7 +908,7 @@
"lanzaboote", "lanzaboote",
"flake-compat" "flake-compat"
], ],
"gitignore": "gitignore", "gitignore": "gitignore_2",
"nixpkgs": [ "nixpkgs": [
"lanzaboote", "lanzaboote",
"nixpkgs" "nixpkgs"
@ -332,20 +928,55 @@
"type": "github" "type": "github"
} }
}, },
"rocksdb": {
"flake": false,
"locked": {
"lastModified": 1741308171,
"narHash": "sha256-YdBvdQ75UJg5ffwNjxizpviCVwVDJnBkM8ZtGIduMgY=",
"owner": "girlbossceo",
"repo": "rocksdb",
"rev": "3ce04794bcfbbb0d2e6f81ae35fc4acf688b6986",
"type": "github"
},
"original": {
"owner": "girlbossceo",
"ref": "v9.11.1",
"repo": "rocksdb",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"conduwuit": "conduwuit",
"garage": "garage", "garage": "garage",
"home-manager": "home-manager", "home-manager": "home-manager",
"lanzaboote": "lanzaboote", "lanzaboote": "lanzaboote",
"nil": "nil", "nil": "nil",
"nix-index-database": "nix-index-database", "nix-index-database": "nix-index-database",
"nix-ld": "nix-ld", "nix-ld": "nix-ld",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs_5",
"rust-overlay": "rust-overlay_4", "rust-overlay": "rust-overlay_4",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"vscode-extensions": "vscode-extensions" "vscode-extensions": "vscode-extensions"
} }
}, },
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1740691488,
"narHash": "sha256-Fs6vBrByuiOf2WO77qeMDMTXcTGzrIMqLBv+lNeywwM=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "fe3eda77d3a7ce212388bda7b6cec8bffcc077e5",
"type": "github"
},
"original": {
"owner": "rust-lang",
"ref": "nightly",
"repo": "rust-analyzer",
"type": "github"
}
},
"rust-overlay": { "rust-overlay": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -417,11 +1048,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1744803954, "lastModified": 1744599145,
"narHash": "sha256-f+gE6JtLhPzyDWOCEHbN/S30GEGHMtXEt41+Va7wzEU=", "narHash": "sha256-yzaDPkJwZdUtRj/dzdOeB74yryWzpngYaD7BedqFKk8=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "c564fb830c7d5b3e4fde5ea829a62f0e41e43a20", "rev": "fd6795d3d28f956de01a0458b6fa7baae5c793b4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -437,11 +1068,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1744669848, "lastModified": 1744518500,
"narHash": "sha256-pXyanHLUzLNd3MX9vsWG+6Z2hTU8niyphWstYEP3/GU=", "narHash": "sha256-lv52pnfiRGp5+xkZEgWr56DWiRgkMFXpiGba3eJ3krE=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "61154300d945f0b147b30d24ddcafa159148026a", "rev": "7e147a1ae90f0d4a374938cdc3df3cdaecb9d388",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -495,19 +1126,34 @@
"type": "github" "type": "github"
} }
}, },
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"vscode-extensions": { "vscode-extensions": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_4",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1744768710, "lastModified": 1744595919,
"narHash": "sha256-ow0HDShvAe9gkM3Ww5aoJo1lDLpC5pYQ7qLtnTaHoyI=", "narHash": "sha256-lFuezewhTch2FFZfB6Bx31Ls3+ixt2UYp7rJtpOlgFI=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-vscode-extensions", "repo": "nix-vscode-extensions",
"rev": "47bd3dc652c4a02dc565a9360fe828af38bea287", "rev": "ea3fe071c83dae7e6a485f7f648b4914eabea683",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
flake.nix
View file

@ -11,6 +11,8 @@
lanzaboote.inputs.nixpkgs.follows = "nixpkgs"; lanzaboote.inputs.nixpkgs.follows = "nixpkgs";
rust-overlay.url = "github:oxalica/rust-overlay"; rust-overlay.url = "github:oxalica/rust-overlay";
rust-overlay.inputs.nixpkgs.follows = "nixpkgs"; rust-overlay.inputs.nixpkgs.follows = "nixpkgs";
conduwuit.url = "github:girlbossceo/conduwuit";
conduwuit.inputs.nixpkgs.follows = "nixpkgs";
nix-ld.url = "github:nix-community/nix-ld"; nix-ld.url = "github:nix-community/nix-ld";
nix-ld.inputs.nixpkgs.follows = "nixpkgs"; nix-ld.inputs.nixpkgs.follows = "nixpkgs";
nil.url = "github:oxalica/nil"; nil.url = "github:oxalica/nil";

6
garnix.yaml Normal file
View file

@ -0,0 +1,6 @@
builds:
include:
- 'nixosConfigurations.*'
- 'homeConfigurations.*'
- '*.aarch64-linux.*'
- '*.x86_64-linux.*'

2
hosts/chunk/default.nix
View file

@ -184,7 +184,7 @@
my.containerization.enable = true; my.containerization.enable = true;
my.authelia.enable = true; my.authelia.enable = true;
my.karakeep = { my.karakeep = {
enable = false; enable = true;
dataDir = "/opt/karakeep"; dataDir = "/opt/karakeep";
}; };
} }

3
overlay/default.nix
View file

@ -7,6 +7,9 @@
pkgFrom = flake: pkg: flake.packages.${prev.system}.${pkg}; pkgFrom = flake: pkg: flake.packages.${prev.system}.${pkg};
in in
{ {
conduwuit = pkgFrom inputs.conduwuit "default";
attic-server = pkgFrom inputs.attic "attic-server";
attic = pkgFrom inputs.attic "attic";
garage = ( garage = (
(pkgFrom inputs.garage "default").overrideAttrs { (pkgFrom inputs.garage "default").overrideAttrs {
meta.mainProgram = "garage"; meta.mainProgram = "garage";