dot013/spacestation
1
0
Fork 0
Code Issues Pull Requests Activity

chore: format files

Browse Source
This commit is contained in:
Gustavo "Guz" L. de Mello
2024-06-16 20:08:29 -03:00
parent 25af484bb9
commit c8247a3208
18 changed files with 265 additions and 247 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
configuration.nix
View File

@@ -1,8 +1,9 @@
{ config {
, lib config,
, inputs lib,
, pkgs inputs,
, ... pkgs,
...
}: { }: {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
@@ -17,13 +18,13 @@
profiles.locale.enable = true; profiles.locale.enable = true;
home-manager.extraSpecialArgs = { inherit inputs; }; home-manager.extraSpecialArgs = {inherit inputs;};
users.users."guz" = { users.users."guz" = {
shell = pkgs.zsh; shell = pkgs.zsh;
hashedPasswordFile = builtins.toString config.sops.secrets."guz/password".path; hashedPasswordFile = builtins.toString config.sops.secrets."guz/password".path;
home = "/home/guz"; home = "/home/guz";
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "plugdev" ]; extraGroups = ["wheel" "networkmanager" "plugdev"];
}; };
home-manager.users."guz" = import ./homes/guz.nix; home-manager.users."guz" = import ./homes/guz.nix;
@@ -43,7 +44,7 @@
libinput libinput
]; ];
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = ["nix-command" "flakes"];
nix.package = pkgs.nixVersions.nix_2_21; nix.package = pkgs.nixVersions.nix_2_21;
networking = { networking = {

28
flake.nix
View File

@@ -21,21 +21,21 @@
dot013-environment.url = "github:dot013/environment"; dot013-environment.url = "github:dot013/environment";
}; };
outputs = outputs = {
{ nixpkgs nixpkgs,
, home-manager home-manager,
, ... ...
} @ inputs: { } @ inputs: {
nixosConfigurations = { nixosConfigurations = {
spacestation = nixpkgs.lib.nixosSystem { spacestation = nixpkgs.lib.nixosSystem {
specialArgs = { specialArgs = {
inherit inputs; inherit inputs;
};
modules = [
inputs.home-manager.nixosModules.default
./configuration.nix
];
}; };
modules = [
inputs.home-manager.nixosModules.default
./configuration.nix
];
}; };
}; };
};
} }

21
hardware-configuration.nix
View File

@@ -1,20 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config {
, lib config,
, pkgs lib,
, modulesPath pkgs,
, ... modulesPath,
...
}: { }: {
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi" ]; boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/26878c61-60d2-4ac9-967f-30faffc0f21f"; device = "/dev/disk/by-uuid/26878c61-60d2-4ac9-967f-30faffc0f21f";
@@ -27,7 +28,7 @@
}; };
swapDevices = [ swapDevices = [
{ device = "/dev/disk/by-uuid/878a189a-e5df-4e1c-92d5-df6f77ff53bb"; } {device = "/dev/disk/by-uuid/878a189a-e5df-4e1c-92d5-df6f77ff53bb";}
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

11
homes/guz.nix
View File

@@ -1,8 +1,9 @@
{ config {
, pkgs config,
, inputs pkgs,
, lib inputs,
, ... lib,
...
}: { }: {
imports = [ imports = [
inputs.dot013-environment.homeManagerModule inputs.dot013-environment.homeManagerModule

63
modules/adguardhome.nix
View File

@@ -1,41 +1,40 @@
{ config
, lib
, ...
}:
let
cfg = config.services.adguardhome;
in
{ {
imports = [ ]; config,
lib,
...
}: let
cfg = config.services.adguardhome;
in {
imports = [];
options.services.adguardhome = with lib; options.services.adguardhome = with lib;
with lib.types; { with lib.types; {
dns.filters = mkOption { dns.filters = mkOption {
type = attrsOf (submodule ({ lib, ... }: { type = attrsOf (submodule ({lib, ...}: {
options = { options = {
name = mkOption { name = mkOption {
type = nullOr str; type = nullOr str;
default = null; default = null;
};
url = mkOption {
type = str;
};
enabled = mkOption {
type = bool;
default = true;
};
}; };
})); url = mkOption {
default = { }; type = str;
}; };
dns.rewrites = mkOption { enabled = mkOption {
type = attrsOf str; type = bool;
default = { }; default = true;
}; };
};
}));
default = {};
}; };
dns.rewrites = mkOption {
type = attrsOf str;
default = {};
};
};
config = with lib; config = with lib;
mkIf cfg.enable { mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [ 53 ]; networking.firewall.allowedTCPPorts = [53];
networking.firewall.allowedUDPPorts = [ 53 51820 ]; networking.firewall.allowedUDPPorts = [53 51820];
services.adguardhome = { services.adguardhome = {
settings = { settings = {

2
modules/default.nix
View File

@@ -1,4 +1,4 @@
{ ... }: { {...}: {
imports = [ imports = [
./adguardhome.nix ./adguardhome.nix
./forgejo ./forgejo

130
modules/forgejo/default.nix
View File

@@ -1,12 +1,12 @@
{ config {
, lib config,
, pkgs lib,
, utils pkgs,
, ... utils,
}: ...
let }: let
cfg = config.services.forgejo; cfg = config.services.forgejo;
yamlFormat = pkgs.formats.yaml { }; yamlFormat = pkgs.formats.yaml {};
users = builtins.attrValues (builtins.mapAttrs users = builtins.attrValues (builtins.mapAttrs
(username: info: { (username: info: {
name = name =
@@ -19,67 +19,67 @@ let
}) })
cfg.users); cfg.users);
initList = l: lib.strings.concatStringsSep "," l; initList = l: lib.strings.concatStringsSep "," l;
in in {
{ imports = [];
imports = [ ];
options.services.forgejo = with lib; options.services.forgejo = with lib;
with lib.types; { with lib.types; {
handleUndeclaredUsers = mkOption { handleUndeclaredUsers = mkOption {
type = bool; type = bool;
default = false; default = false;
}; };
users = mkOption { users = mkOption {
type = attrsOf (submodule ({ config type = attrsOf (submodule ({
, lib config,
, ... lib,
}: ...
with lib; }:
with lib.types; { with lib;
options = { with lib.types; {
name = mkOption { options = {
type = nullOr (either str path); name = mkOption {
default = null; type = nullOr (either str path);
}; default = null;
password = mkOption {
type = either str path;
};
email = mkOption {
type = either str path;
};
admin = mkOption {
type = bool;
default = false;
};
}; };
})); password = mkOption {
default = { }; type = either str path;
};
email = mkOption {
type = either str path;
};
admin = mkOption {
type = bool;
default = false;
};
};
}));
default = {};
};
actions = {
enable = mkOption {
type = bool;
default = cfg.enable;
}; };
actions = { token = mkOption {
enable = mkOption { type = str;
type = bool; };
default = cfg.enable; url = mkOption {
}; type = str;
token = mkOption { default = "http://localhost:${toString cfg.settings.server.HTTP_PORT}";
type = str; };
}; labels = mkOption {
url = mkOption { type = listOf str;
type = str; default = [
default = "http://localhost:${toString cfg.settings.server.HTTP_PORT}"; /*
};
labels = mkOption {
type = listOf str;
default = [
/*
Remember to install git on these images so actions/checkout can work, Remember to install git on these images so actions/checkout can work,
without it, the actions tries to use the /api/v3/repos/{user}/{repo}/tarball/{ref} without it, the actions tries to use the /api/v3/repos/{user}/{repo}/tarball/{ref}
api endpoint, which Gitea/Forgejo doesn't has. api endpoint, which Gitea/Forgejo doesn't has.
*/ */
"ubuntu-latest:docker://gitea/runner-images:ubuntu-latest-slim" "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest-slim"
"ubuntu-latest-full:docker://gitea/runner-images:ubuntu-latest" "ubuntu-latest-full:docker://gitea/runner-images:ubuntu-latest"
]; ];
};
}; };
}; };
};
config = with lib; config = with lib;
mkIf cfg.enable { mkIf cfg.enable {
networking.firewall.allowedTCPPorts = mkIf cfg.settings.actions.ENABLED [ networking.firewall.allowedTCPPorts = mkIf cfg.settings.actions.ENABLED [
@@ -94,9 +94,9 @@ in
useDefaultShell = true; useDefaultShell = true;
group = cfg.group; group = cfg.group;
isSystemUser = true; isSystemUser = true;
extraGroups = [ "wheel" "networkmanager" ]; extraGroups = ["wheel" "networkmanager"];
}; };
users.groups."${cfg.group}" = { }; users.groups."${cfg.group}" = {};
services.forgejo = { services.forgejo = {
user = mkDefault "git"; user = mkDefault "git";
@@ -193,8 +193,8 @@ in
'') '')
users)} users)}
''; '';
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
after = [ "forgejo.service" ]; after = ["forgejo.service"];
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
User = cfg.user; User = cfg.user;

85
modules/locales.nix
View File

@@ -1,50 +1,49 @@
{ config
, lib
, ...
}:
let
cfg = config.profiles.locale;
in
{ {
imports = [ ]; config,
lib,
...
}: let
cfg = config.profiles.locale;
in {
imports = [];
options.profiles.locale = with lib; options.profiles.locale = with lib;
with lib.types; { with lib.types; {
enable = mkEnableOption ""; enable = mkEnableOption "";
locale = mkOption { locale = mkOption {
type = str; type = str;
default = "en_US.UTF-8"; default = "en_US.UTF-8";
}; };
extraLocales = mkOption { extraLocales = mkOption {
type = attrsOf str; type = attrsOf str;
default = rec { default = rec {
LC_ADDRESS = "pt_BR.UTF-8"; LC_ADDRESS = "pt_BR.UTF-8";
LC_IDENTIFICATION = LC_ADDRESS; LC_IDENTIFICATION = LC_ADDRESS;
LC_MEASUREMENT = LC_ADDRESS; LC_MEASUREMENT = LC_ADDRESS;
LC_MONETARY = LC_ADDRESS; LC_MONETARY = LC_ADDRESS;
LC_NAME = LC_ADDRESS; LC_NAME = LC_ADDRESS;
LC_NUMERIC = LC_ADDRESS; LC_NUMERIC = LC_ADDRESS;
LC_PAPER = LC_ADDRESS; LC_PAPER = LC_ADDRESS;
LC_TELEPHONE = LC_ADDRESS; LC_TELEPHONE = LC_ADDRESS;
LC_TIME = LC_ADDRESS; LC_TIME = LC_ADDRESS;
};
};
keymap.layout = mkOption {
type = str;
default = "br";
};
keymap.variant = mkOption {
type = str;
default = "";
};
keymap.console = mkOption {
type = str;
default = "br-abnt2";
};
timeZone = mkOption {
type = str;
default = "America/Sao_Paulo";
}; };
}; };
keymap.layout = mkOption {
type = str;
default = "br";
};
keymap.variant = mkOption {
type = str;
default = "";
};
keymap.console = mkOption {
type = str;
default = "br-abnt2";
};
timeZone = mkOption {
type = str;
default = "America/Sao_Paulo";
};
};
config = { config = {
i18n = { i18n = {
defaultLocale = cfg.locale; defaultLocale = cfg.locale;

17
modules/nh/default.nix
View File

@@ -1,9 +1,9 @@
{ config {
, lib config,
, pkgs lib,
, ... pkgs,
}: ...
let }: let
cfg = config.programs.nh; cfg = config.programs.nh;
wrapper = pkgs.writeShellScriptBin "nh" '' wrapper = pkgs.writeShellScriptBin "nh" ''
function alejandra() { ${pkgs.alejandra}/bin/alejandra "$@"; } function alejandra() { ${pkgs.alejandra}/bin/alejandra "$@"; }
@@ -16,9 +16,8 @@ let
${builtins.readFile ./wrapper.sh} ${builtins.readFile ./wrapper.sh}
''; '';
in in {
{ options.programs.nh = with lib; with lib.types; {};
options.programs.nh = with lib; with lib.types; { };
config = with lib; config = with lib;
mkIf cfg.enable { mkIf cfg.enable {
programs.nh.package = wrapper; programs.nh.package = wrapper;

55
modules/tailscale.nix
View File

@@ -1,33 +1,32 @@
{ config
, lib
, ...
}:
let
cfg = config.services.tailscale;
in
{ {
imports = [ ]; config,
lib,
...
}: let
cfg = config.services.tailscale;
in {
imports = [];
options.services.tailscale = with lib; options.services.tailscale = with lib;
with lib.types; { with lib.types; {
exitNode = mkOption { exitNode = mkOption {
type = bool; type = bool;
default = false; default = false;
};
tailnetName = mkOption {
type = str;
};
tailnetUrl = mkOption {
type = str;
default = "${config.services.tailscale.tailnetName}.ts.net";
};
deviceUrl = mkOption {
type = str;
default = "${config.networking.hostName}.${config.services.tailscale.tailnetUrl}";
};
deviceIp = mkOption {
type = str;
};
}; };
tailnetName = mkOption {
type = str;
};
tailnetUrl = mkOption {
type = str;
default = "${config.services.tailscale.tailnetName}.ts.net";
};
deviceUrl = mkOption {
type = str;
default = "${config.networking.hostName}.${config.services.tailscale.tailnetUrl}";
};
deviceIp = mkOption {
type = str;
};
};
config = with lib; config = with lib;
mkIf cfg.enable { mkIf cfg.enable {
services.tailscale = { services.tailscale = {
@@ -52,7 +51,7 @@ in
systemd.services."tailscaled" = mkIf config.services.caddy.enable (mkDefault { systemd.services."tailscaled" = mkIf config.services.caddy.enable (mkDefault {
serviceConfig = { serviceConfig = {
Environment = [ "TS_PERMIT_CERT_UID=caddy" ]; Environment = ["TS_PERMIT_CERT_UID=caddy"];
}; };
}); });

4
secrets/spacestation.lesser.json
View File

@@ -71,8 +71,8 @@
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnL3dCY1VLMmoxRFRmS0Ir\nV0ppTnI0RE5ZMjcvRGNPWkNxWFdJYTBDTG00ClRGQkh1UStGTmc0RE5aNy9nL3FI\nbHJIa3hLR0ZkTjd6WkFzOFkzeFdMNUEKLS0tIDBidk93Qy9LenFlSGZ2aEpuTUFt\nWVM2eS9UdXAvbzE4eEdKMjVEM3RLdm8KKeIhk+YOKVL9Y19lLyb6/Pxv8rbewK2e\nLm96jx+LOMOCFcQGxuFKWqQbTB4br/cPvRKSY5jFmFWqVg7pCPTAzQ==\n-----END AGE ENCRYPTED FILE-----\n" "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnL3dCY1VLMmoxRFRmS0Ir\nV0ppTnI0RE5ZMjcvRGNPWkNxWFdJYTBDTG00ClRGQkh1UStGTmc0RE5aNy9nL3FI\nbHJIa3hLR0ZkTjd6WkFzOFkzeFdMNUEKLS0tIDBidk93Qy9LenFlSGZ2aEpuTUFt\nWVM2eS9UdXAvbzE4eEdKMjVEM3RLdm8KKeIhk+YOKVL9Y19lLyb6/Pxv8rbewK2e\nLm96jx+LOMOCFcQGxuFKWqQbTB4br/cPvRKSY5jFmFWqVg7pCPTAzQ==\n-----END AGE ENCRYPTED FILE-----\n"
} }
], ],
"lastmodified": "2024-05-21T18:13:55Z", "lastmodified": "2024-06-16T23:07:47Z",
"mac": "ENC[AES256_GCM,data:P+tqLu/mY+qadDeyDwEYf/Mwv2tJOBEghvkBhRzLguaynCk4pLhy40P+eIvd8/DWfERW/CAnOH038kJRO9zG5qZiYKZgTB1MVFACnpPoF4Ek1a0+eSmQfiHBBLd45fvExfyYo3XLi6e0ZNZYiQOSL++WqBPGcSAz0N2bhxnPqFE=,iv:b7xEGJybByQwl2FfIdC3q2UVuDgOTHrVPPqZe/w8cmc=,tag:upZP6dukO70Qm5hb3odTWg==,type:str]", "mac": "ENC[AES256_GCM,data:Bf5CCuBVEidLk+7OW6g6ADfchxh+98D24p3Kk6vuwScTDsA77ADQVcWmd2wQkwwl6j1b2p/0Brr0nZEbjTJL+vsYhRmMYlWvqyXEu7e10Obl3gd8OlnMIifit9jNpbTGGvlE+ZYiLGpqOoYHOMJOAB9kJPz21FiQlsFMEcDQseI=,iv:hddyrPLcWBhu0mpbegpsAXLeXZt/W8LOnFg4TNvxyag=,tag:OKHVYFy2+aJEtfqq3tSNLA==,type:str]",
"pgp": null, "pgp": null,
"unencrypted_suffix": "_unencrypted", "unencrypted_suffix": "_unencrypted",
"version": "3.8.1" "version": "3.8.1"

15
services/adguardhome.nix
View File

@@ -1,13 +1,12 @@
{ config {
, lib config,
, pkgs lib,
, ... pkgs,
}: ...
let }: let
secrets = config.spacestation-secrets.lesser; secrets = config.spacestation-secrets.lesser;
deviceIp = config.services.tailscale.deviceIp; deviceIp = config.services.tailscale.deviceIp;
in in {
{
imports = [ imports = [
../modules/adguardhome.nix ../modules/adguardhome.nix
]; ];

20
services/caddy.nix Normal file
View File

@@ -0,0 +1,20 @@
{
config,
lib,
...
}: let
secrets = config.spacestation-secrets.lesser;
deviceIp = config.services.tailscale.deviceIp;
in {
imports = [];
services.caddy.enable = true;
services.caddy.virtualHosts =
lib.attrsets.mapAttrs'
(name: service: {
name = service.domain;
value = {extraConfig = "reverse_proxy ${deviceIp}:${toString service.port}";};
})
secrets.services;
networking.firewall.allowedTCPPorts = [80 433];
}

2
services/containers/default.nix
View File

@@ -1,4 +1,4 @@
{ ... }: { {...}: {
imports = [ imports = [
./prata-music.nix ./prata-music.nix
]; ];

11
services/containers/prata-music.nix
View File

@@ -1,9 +1,10 @@
{ config {
, lib config,
, pkgs lib,
, ... pkgs,
...
}: { }: {
imports = [ ]; imports = [];
virtualisation.oci-containers.containers.prata-music = { virtualisation.oci-containers.containers.prata-music = {
image = "codetheweb/muse:latest"; image = "codetheweb/muse:latest";
autoStart = true; autoStart = true;

1
services/default.nix
View File

@@ -1,6 +1,7 @@
{ ... }: { { ... }: {
imports = [ imports = [
./adguardhome.nix ./adguardhome.nix
./caddy.nix
./containers ./containers
./forgejo.nix ./forgejo.nix
./tailscale.nix ./tailscale.nix

15
services/forgejo.nix
View File

@@ -1,12 +1,11 @@
{ config
, lib
, pkgs
, ...
}:
let
secrets = config.spacestation-secrets.lesser;
in
{ {
config,
lib,
pkgs,
...
}: let
secrets = config.spacestation-secrets.lesser;
in {
imports = [ imports = [
../modules/forgejo ../modules/forgejo
]; ];

15
services/tailscale.nix
View File

@@ -1,12 +1,11 @@
{ config
, lib
, pkgs
, ...
}:
let
secrets = config.spacestation-secrets.lesser;
in
{ {
config,
lib,
pkgs,
...
}: let
secrets = config.spacestation-secrets.lesser;
in {
imports = [ imports = [
../modules/tailscale.nix ../modules/tailscale.nix
]; ];