capytal/spacestation
1
0
Fork 0
mirror of http://code.capytal.cc/dot013/spacestation.git synced 2026-01-15 23:46:13 -03:00
Code Issues Activity

chore: format files

Browse Source
This commit is contained in:
Gustavo "Guz" L. de Mello
2024-06-16 20:08:29 -03:00
parent 25af484bb9
commit c8247a3208
18 changed files with 265 additions and 247 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
configuration.nix
View File

@@ -1,8 +1,9 @@
{ config
, lib
, inputs
, pkgs
, ...
{
config,
lib,
inputs,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
@@ -17,13 +18,13 @@
profiles.locale.enable = true;
home-manager.extraSpecialArgs = { inherit inputs; };
home-manager.extraSpecialArgs = {inherit inputs;};
users.users."guz" = {
shell = pkgs.zsh;
hashedPasswordFile = builtins.toString config.sops.secrets."guz/password".path;
home = "/home/guz";
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "plugdev" ];
extraGroups = ["wheel" "networkmanager" "plugdev"];
};
home-manager.users."guz" = import ./homes/guz.nix;
@@ -43,7 +44,7 @@
libinput
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.package = pkgs.nixVersions.nix_2_21;
networking = {

28
flake.nix
View File

@@ -21,21 +21,21 @@
dot013-environment.url = "github:dot013/environment";
};
outputs =
{ nixpkgs
, home-manager
, ...
} @ inputs: {
nixosConfigurations = {
spacestation = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs;
};
modules = [
inputs.home-manager.nixosModules.default
./configuration.nix
];
outputs = {
nixpkgs,
home-manager,
...
} @ inputs: {
nixosConfigurations = {
spacestation = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs;
};
modules = [
inputs.home-manager.nixosModules.default
./configuration.nix
];
};
};
};
}

21
hardware-configuration.nix
View File

@@ -1,20 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config
, lib
, pkgs
, modulesPath
, ...
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/26878c61-60d2-4ac9-967f-30faffc0f21f";
@@ -27,7 +28,7 @@
};
swapDevices = [
{ device = "/dev/disk/by-uuid/878a189a-e5df-4e1c-92d5-df6f77ff53bb"; }
{device = "/dev/disk/by-uuid/878a189a-e5df-4e1c-92d5-df6f77ff53bb";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

11
homes/guz.nix
View File

@@ -1,8 +1,9 @@
{ config
, pkgs
, inputs
, lib
, ...
{
config,
pkgs,
inputs,
lib,
...
}: {
imports = [
inputs.dot013-environment.homeManagerModule

63
modules/adguardhome.nix
View File

@@ -1,41 +1,40 @@
{ config
, lib
, ...
}:
let
cfg = config.services.adguardhome;
in
{
imports = [ ];
config,
lib,
...
}: let
cfg = config.services.adguardhome;
in {
imports = [];
options.services.adguardhome = with lib;
with lib.types; {
dns.filters = mkOption {
type = attrsOf (submodule ({ lib, ... }: {
options = {
name = mkOption {
type = nullOr str;
default = null;
};
url = mkOption {
type = str;
};
enabled = mkOption {
type = bool;
default = true;
};
with lib.types; {
dns.filters = mkOption {
type = attrsOf (submodule ({lib, ...}: {
options = {
name = mkOption {
type = nullOr str;
default = null;
};
}));
default = { };
};
dns.rewrites = mkOption {
type = attrsOf str;
default = { };
};
url = mkOption {
type = str;
};
enabled = mkOption {
type = bool;
default = true;
};
};
}));
default = {};
};
dns.rewrites = mkOption {
type = attrsOf str;
default = {};
};
};
config = with lib;
mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [ 53 ];
networking.firewall.allowedUDPPorts = [ 53 51820 ];
networking.firewall.allowedTCPPorts = [53];
networking.firewall.allowedUDPPorts = [53 51820];
services.adguardhome = {
settings = {

2
modules/default.nix
View File

@@ -1,4 +1,4 @@
{ ... }: {
{...}: {
imports = [
./adguardhome.nix
./forgejo

130
modules/forgejo/default.nix
View File

@@ -1,12 +1,12 @@
{ config
, lib
, pkgs
, utils
, ...
}:
let
{
config,
lib,
pkgs,
utils,
...
}: let
cfg = config.services.forgejo;
yamlFormat = pkgs.formats.yaml { };
yamlFormat = pkgs.formats.yaml {};
users = builtins.attrValues (builtins.mapAttrs
(username: info: {
name =
@@ -19,67 +19,67 @@ let
})
cfg.users);
initList = l: lib.strings.concatStringsSep "," l;
in
{
imports = [ ];
in {
imports = [];
options.services.forgejo = with lib;
with lib.types; {
handleUndeclaredUsers = mkOption {
type = bool;
default = false;
};
users = mkOption {
type = attrsOf (submodule ({ config
, lib
, ...
}:
with lib;
with lib.types; {
options = {
name = mkOption {
type = nullOr (either str path);
default = null;
};
password = mkOption {
type = either str path;
};
email = mkOption {
type = either str path;
};
admin = mkOption {
type = bool;
default = false;
};
with lib.types; {
handleUndeclaredUsers = mkOption {
type = bool;
default = false;
};
users = mkOption {
type = attrsOf (submodule ({
config,
lib,
...
}:
with lib;
with lib.types; {
options = {
name = mkOption {
type = nullOr (either str path);
default = null;
};
}));
default = { };
password = mkOption {
type = either str path;
};
email = mkOption {
type = either str path;
};
admin = mkOption {
type = bool;
default = false;
};
};
}));
default = {};
};
actions = {
enable = mkOption {
type = bool;
default = cfg.enable;
};
actions = {
enable = mkOption {
type = bool;
default = cfg.enable;
};
token = mkOption {
type = str;
};
url = mkOption {
type = str;
default = "http://localhost:${toString cfg.settings.server.HTTP_PORT}";
};
labels = mkOption {
type = listOf str;
default = [
/*
token = mkOption {
type = str;
};
url = mkOption {
type = str;
default = "http://localhost:${toString cfg.settings.server.HTTP_PORT}";
};
labels = mkOption {
type = listOf str;
default = [
/*
Remember to install git on these images so actions/checkout can work,
without it, the actions tries to use the /api/v3/repos/{user}/{repo}/tarball/{ref}
api endpoint, which Gitea/Forgejo doesn't has.
*/
"ubuntu-latest:docker://gitea/runner-images:ubuntu-latest-slim"
"ubuntu-latest-full:docker://gitea/runner-images:ubuntu-latest"
];
};
*/
"ubuntu-latest:docker://gitea/runner-images:ubuntu-latest-slim"
"ubuntu-latest-full:docker://gitea/runner-images:ubuntu-latest"
];
};
};
};
config = with lib;
mkIf cfg.enable {
networking.firewall.allowedTCPPorts = mkIf cfg.settings.actions.ENABLED [
@@ -94,9 +94,9 @@ in
useDefaultShell = true;
group = cfg.group;
isSystemUser = true;
extraGroups = [ "wheel" "networkmanager" ];
extraGroups = ["wheel" "networkmanager"];
};
users.groups."${cfg.group}" = { };
users.groups."${cfg.group}" = {};
services.forgejo = {
user = mkDefault "git";
@@ -193,8 +193,8 @@ in
'')
users)}
'';
wantedBy = [ "multi-user.target" ];
after = [ "forgejo.service" ];
wantedBy = ["multi-user.target"];
after = ["forgejo.service"];
serviceConfig = {
Type = "oneshot";
User = cfg.user;

85
modules/locales.nix
View File

@@ -1,50 +1,49 @@
{ config
, lib
, ...
}:
let
cfg = config.profiles.locale;
in
{
imports = [ ];
config,
lib,
...
}: let
cfg = config.profiles.locale;
in {
imports = [];
options.profiles.locale = with lib;
with lib.types; {
enable = mkEnableOption "";
locale = mkOption {
type = str;
default = "en_US.UTF-8";
};
extraLocales = mkOption {
type = attrsOf str;
default = rec {
LC_ADDRESS = "pt_BR.UTF-8";
LC_IDENTIFICATION = LC_ADDRESS;
LC_MEASUREMENT = LC_ADDRESS;
LC_MONETARY = LC_ADDRESS;
LC_NAME = LC_ADDRESS;
LC_NUMERIC = LC_ADDRESS;
LC_PAPER = LC_ADDRESS;
LC_TELEPHONE = LC_ADDRESS;
LC_TIME = LC_ADDRESS;
};
};
keymap.layout = mkOption {
type = str;
default = "br";
};
keymap.variant = mkOption {
type = str;
default = "";
};
keymap.console = mkOption {
type = str;
default = "br-abnt2";
};
timeZone = mkOption {
type = str;
default = "America/Sao_Paulo";
with lib.types; {
enable = mkEnableOption "";
locale = mkOption {
type = str;
default = "en_US.UTF-8";
};
extraLocales = mkOption {
type = attrsOf str;
default = rec {
LC_ADDRESS = "pt_BR.UTF-8";
LC_IDENTIFICATION = LC_ADDRESS;
LC_MEASUREMENT = LC_ADDRESS;
LC_MONETARY = LC_ADDRESS;
LC_NAME = LC_ADDRESS;
LC_NUMERIC = LC_ADDRESS;
LC_PAPER = LC_ADDRESS;
LC_TELEPHONE = LC_ADDRESS;
LC_TIME = LC_ADDRESS;
};
};
keymap.layout = mkOption {
type = str;
default = "br";
};
keymap.variant = mkOption {
type = str;
default = "";
};
keymap.console = mkOption {
type = str;
default = "br-abnt2";
};
timeZone = mkOption {
type = str;
default = "America/Sao_Paulo";
};
};
config = {
i18n = {
defaultLocale = cfg.locale;

17
modules/nh/default.nix
View File

@@ -1,9 +1,9 @@
{ config
, lib
, pkgs
, ...
}:
let
{
config,
lib,
pkgs,
...
}: let
cfg = config.programs.nh;
wrapper = pkgs.writeShellScriptBin "nh" ''
function alejandra() { ${pkgs.alejandra}/bin/alejandra "$@"; }
@@ -16,9 +16,8 @@ let
${builtins.readFile ./wrapper.sh}
'';
in
{
options.programs.nh = with lib; with lib.types; { };
in {
options.programs.nh = with lib; with lib.types; {};
config = with lib;
mkIf cfg.enable {
programs.nh.package = wrapper;

55
modules/tailscale.nix
View File

@@ -1,33 +1,32 @@
{ config
, lib
, ...
}:
let
cfg = config.services.tailscale;
in
{
imports = [ ];
config,
lib,
...
}: let
cfg = config.services.tailscale;
in {
imports = [];
options.services.tailscale = with lib;
with lib.types; {
exitNode = mkOption {
type = bool;
default = false;
};
tailnetName = mkOption {
type = str;
};
tailnetUrl = mkOption {
type = str;
default = "${config.services.tailscale.tailnetName}.ts.net";
};
deviceUrl = mkOption {
type = str;
default = "${config.networking.hostName}.${config.services.tailscale.tailnetUrl}";
};
deviceIp = mkOption {
type = str;
};
with lib.types; {
exitNode = mkOption {
type = bool;
default = false;
};
tailnetName = mkOption {
type = str;
};
tailnetUrl = mkOption {
type = str;
default = "${config.services.tailscale.tailnetName}.ts.net";
};
deviceUrl = mkOption {
type = str;
default = "${config.networking.hostName}.${config.services.tailscale.tailnetUrl}";
};
deviceIp = mkOption {
type = str;
};
};
config = with lib;
mkIf cfg.enable {
services.tailscale = {
@@ -52,7 +51,7 @@ in
systemd.services."tailscaled" = mkIf config.services.caddy.enable (mkDefault {
serviceConfig = {
Environment = [ "TS_PERMIT_CERT_UID=caddy" ];
Environment = ["TS_PERMIT_CERT_UID=caddy"];
};
});

4
secrets/spacestation.lesser.json
View File

@@ -71,8 +71,8 @@
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnL3dCY1VLMmoxRFRmS0Ir\nV0ppTnI0RE5ZMjcvRGNPWkNxWFdJYTBDTG00ClRGQkh1UStGTmc0RE5aNy9nL3FI\nbHJIa3hLR0ZkTjd6WkFzOFkzeFdMNUEKLS0tIDBidk93Qy9LenFlSGZ2aEpuTUFt\nWVM2eS9UdXAvbzE4eEdKMjVEM3RLdm8KKeIhk+YOKVL9Y19lLyb6/Pxv8rbewK2e\nLm96jx+LOMOCFcQGxuFKWqQbTB4br/cPvRKSY5jFmFWqVg7pCPTAzQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-05-21T18:13:55Z",
"mac": "ENC[AES256_GCM,data:P+tqLu/mY+qadDeyDwEYf/Mwv2tJOBEghvkBhRzLguaynCk4pLhy40P+eIvd8/DWfERW/CAnOH038kJRO9zG5qZiYKZgTB1MVFACnpPoF4Ek1a0+eSmQfiHBBLd45fvExfyYo3XLi6e0ZNZYiQOSL++WqBPGcSAz0N2bhxnPqFE=,iv:b7xEGJybByQwl2FfIdC3q2UVuDgOTHrVPPqZe/w8cmc=,tag:upZP6dukO70Qm5hb3odTWg==,type:str]",
"lastmodified": "2024-06-16T23:07:47Z",
"mac": "ENC[AES256_GCM,data:Bf5CCuBVEidLk+7OW6g6ADfchxh+98D24p3Kk6vuwScTDsA77ADQVcWmd2wQkwwl6j1b2p/0Brr0nZEbjTJL+vsYhRmMYlWvqyXEu7e10Obl3gd8OlnMIifit9jNpbTGGvlE+ZYiLGpqOoYHOMJOAB9kJPz21FiQlsFMEcDQseI=,iv:hddyrPLcWBhu0mpbegpsAXLeXZt/W8LOnFg4TNvxyag=,tag:OKHVYFy2+aJEtfqq3tSNLA==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"

15
services/adguardhome.nix
View File

@@ -1,13 +1,12 @@
{ config
, lib
, pkgs
, ...
}:
let
{
config,
lib,
pkgs,
...
}: let
secrets = config.spacestation-secrets.lesser;
deviceIp = config.services.tailscale.deviceIp;
in
{
in {
imports = [
../modules/adguardhome.nix
];

20
services/caddy.nix Normal file
View File

@@ -0,0 +1,20 @@
{
config,
lib,
...
}: let
secrets = config.spacestation-secrets.lesser;
deviceIp = config.services.tailscale.deviceIp;
in {
imports = [];
services.caddy.enable = true;
services.caddy.virtualHosts =
lib.attrsets.mapAttrs'
(name: service: {
name = service.domain;
value = {extraConfig = "reverse_proxy ${deviceIp}:${toString service.port}";};
})
secrets.services;
networking.firewall.allowedTCPPorts = [80 433];
}

2
services/containers/default.nix
View File

@@ -1,4 +1,4 @@
{ ... }: {
{...}: {
imports = [
./prata-music.nix
];

11
services/containers/prata-music.nix
View File

@@ -1,9 +1,10 @@
{ config
, lib
, pkgs
, ...
{
config,
lib,
pkgs,
...
}: {
imports = [ ];
imports = [];
virtualisation.oci-containers.containers.prata-music = {
image = "codetheweb/muse:latest";
autoStart = true;

1
services/default.nix
View File

@@ -1,6 +1,7 @@
{ ... }: {
imports = [
./adguardhome.nix
./caddy.nix
./containers
./forgejo.nix
./tailscale.nix

15
services/forgejo.nix
View File

@@ -1,12 +1,11 @@
{ config
, lib
, pkgs
, ...
}:
let
secrets = config.spacestation-secrets.lesser;
in
{
config,
lib,
pkgs,
...
}: let
secrets = config.spacestation-secrets.lesser;
in {
imports = [
../modules/forgejo
];

15
services/tailscale.nix
View File

@@ -1,12 +1,11 @@
{ config
, lib
, pkgs
, ...
}:
let
secrets = config.spacestation-secrets.lesser;
in
{
config,
lib,
pkgs,
...
}: let
secrets = config.spacestation-secrets.lesser;
in {
imports = [
../modules/tailscale.nix
];