Formatting
This commit is contained in:
parent
8986d88304
commit
227ee9d92c
32
flake.nix
32
flake.nix
|
@ -163,26 +163,26 @@
|
|||
libraries = [
|
||||
pkgs.python3Packages.requests
|
||||
];
|
||||
flakeIgnore = [ "E501" ];
|
||||
flakeIgnore = ["E501"];
|
||||
}
|
||||
''
|
||||
import json
|
||||
import requests
|
||||
import os
|
||||
import json
|
||||
import requests
|
||||
import os
|
||||
|
||||
auth = os.getenv("NEXTDNS_API_KEY")
|
||||
g
|
||||
with open('${self.packages.x86_64-linux.nextdns-rewrites}', 'r') as file:
|
||||
rewrites = json.load(file)
|
||||
auth = os.getenv("NEXTDNS_API_KEY")
|
||||
|
||||
for profile in rewrites:
|
||||
for rewrite in rewrites[profile]:
|
||||
print(json.dumps(rewrite))
|
||||
req = requests.post(
|
||||
f'https://api.nextdns.io/profiles/{profile}/rewrites', data=json.dumps(rewrite),
|
||||
headers={'X-Api-Key': auth, 'Content-Type': 'application/json'}
|
||||
)
|
||||
print(req.text)
|
||||
with open('${self.packages.x86_64-linux.nextdns-rewrites}', 'r') as file:
|
||||
rewrites = json.load(file)
|
||||
|
||||
for profile in rewrites:
|
||||
for rewrite in rewrites[profile]:
|
||||
print(json.dumps(rewrite))
|
||||
req = requests.post(
|
||||
f'https://api.nextdns.io/profiles/{profile}/rewrites', data=json.dumps(rewrite),
|
||||
headers={'X-Api-Key': auth, 'Content-Type': 'application/json'}
|
||||
)
|
||||
print(req.text)
|
||||
'');
|
||||
};
|
||||
|
||||
|
|
|
@ -2,35 +2,35 @@ let
|
|||
appName = "nitter-bot";
|
||||
appImage = "git.gmem.ca/arch/nitter-bot:latest";
|
||||
in
|
||||
{
|
||||
lib,
|
||||
config,
|
||||
kubenix,
|
||||
...
|
||||
}: {
|
||||
kubernetes.resources.statefulSets.nitter-bot.spec = {
|
||||
selector.matchLabels.app = appName;
|
||||
serviceName = appName;
|
||||
template = {
|
||||
metadata.labels.app = appName;
|
||||
spec = {
|
||||
containers = {
|
||||
nitter-bot = {
|
||||
image = appImage;
|
||||
envFrom = [{secretRef.name = "nitter-bot";}];
|
||||
resources = {
|
||||
requests = {
|
||||
cpu = "1m";
|
||||
memory = "32Mi";
|
||||
};
|
||||
limits = {
|
||||
cpu = "1";
|
||||
memory = "128Mi";
|
||||
{
|
||||
lib,
|
||||
config,
|
||||
kubenix,
|
||||
...
|
||||
}: {
|
||||
kubernetes.resources.statefulSets.nitter-bot.spec = {
|
||||
selector.matchLabels.app = appName;
|
||||
serviceName = appName;
|
||||
template = {
|
||||
metadata.labels.app = appName;
|
||||
spec = {
|
||||
containers = {
|
||||
nitter-bot = {
|
||||
image = appImage;
|
||||
envFrom = [{secretRef.name = "nitter-bot";}];
|
||||
resources = {
|
||||
requests = {
|
||||
cpu = "1m";
|
||||
memory = "32Mi";
|
||||
};
|
||||
limits = {
|
||||
cpu = "1";
|
||||
memory = "128Mi";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -4,53 +4,52 @@ let
|
|||
"1002:ab30" # Audio
|
||||
];
|
||||
in
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
options.vfio.enable = with lib;
|
||||
mkEnableOption "Configure the machine for VFIO";
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
options.vfio.enable = with lib;
|
||||
mkEnableOption "Configure the machine for VFIO";
|
||||
|
||||
config = let
|
||||
cfg = config.vfio;
|
||||
in {
|
||||
boot = {
|
||||
kernelModules = [ "kvm-amd" "vfio_pci" "vfio" "vfio_iommu_type1" "kvmfr" ];
|
||||
extraModulePackages = with config.boot.kernelPackages; [
|
||||
kvmfr
|
||||
];
|
||||
extraModprobeConfig = ''
|
||||
# The memory size is calculates in the same way as VM's shmem.
|
||||
options kvmfr static_size_mb=64
|
||||
'';
|
||||
config = let
|
||||
cfg = config.vfio;
|
||||
in {
|
||||
boot = {
|
||||
kernelModules = ["kvm-amd" "vfio_pci" "vfio" "vfio_iommu_type1" "kvmfr"];
|
||||
extraModulePackages = with config.boot.kernelPackages; [
|
||||
kvmfr
|
||||
];
|
||||
extraModprobeConfig = ''
|
||||
# The memory size is calculates in the same way as VM's shmem.
|
||||
options kvmfr static_size_mb=64
|
||||
'';
|
||||
|
||||
kernelParams =
|
||||
[
|
||||
kernelParams = [
|
||||
"amd_iommu=on"
|
||||
"pcie_acs_override=downstream,multifunction"
|
||||
"vfio-pci.ids=1002:744c,1002:ab30"
|
||||
"pcie_aspm=off"
|
||||
"pcie_aspm=off"
|
||||
];
|
||||
};
|
||||
services.udev.extraRules = ''
|
||||
SUBSYSTEM=="kvmfr", OWNER="gsimmer", GROUP="kvm", MODE="0660"
|
||||
'';
|
||||
hardware.opengl.enable = true;
|
||||
virtualisation.spiceUSBRedirection.enable = true;
|
||||
virtualisation.libvirtd = {
|
||||
qemu = {
|
||||
verbatimConfig = ''
|
||||
cgroup_device_acl = [
|
||||
"/dev/null", "/dev/full", "/dev/zero",
|
||||
"/dev/random", "/dev/urandom",
|
||||
"/dev/ptmx", "/dev/kvm", "/dev/kqemu",
|
||||
"/dev/rtc","/dev/hpet", "/dev/vfio/vfio",
|
||||
"/dev/kvmfr0"
|
||||
]
|
||||
'';
|
||||
};
|
||||
services.udev.extraRules = ''
|
||||
SUBSYSTEM=="kvmfr", OWNER="gsimmer", GROUP="kvm", MODE="0660"
|
||||
'';
|
||||
hardware.opengl.enable = true;
|
||||
virtualisation.spiceUSBRedirection.enable = true;
|
||||
virtualisation.libvirtd = {
|
||||
qemu = {
|
||||
verbatimConfig = ''
|
||||
cgroup_device_acl = [
|
||||
"/dev/null", "/dev/full", "/dev/zero",
|
||||
"/dev/random", "/dev/urandom",
|
||||
"/dev/ptmx", "/dev/kvm", "/dev/kqemu",
|
||||
"/dev/rtc","/dev/hpet", "/dev/vfio/vfio",
|
||||
"/dev/kvmfr0"
|
||||
]
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,14 +1,16 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page, on
|
||||
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
age.secrets.dnsmasq-nextdns-profile = {
|
||||
file = ../../secrets/dnsmasq-nextdns-profile.age;
|
||||
|
@ -55,7 +57,7 @@
|
|||
no-resolv = true;
|
||||
bogus-priv = true;
|
||||
strict-order = true;
|
||||
server = ["2a07:a8c1::" "45.90.30.0" "2a07:a8c0::" "45.90.28.0" ];
|
||||
server = ["2a07:a8c1::" "45.90.30.0" "2a07:a8c0::" "45.90.28.0"];
|
||||
conf-file = "${config.age.secrets.dnsmasq-nextdns-profile.path}";
|
||||
};
|
||||
};
|
||||
|
@ -75,5 +77,4 @@
|
|||
};
|
||||
|
||||
system.stateVersion = "23.11"; # Did you read the comment?
|
||||
|
||||
}
|
||||
|
|
|
@ -1,32 +1,32 @@
|
|||
{
|
||||
disko.devices = {
|
||||
disk = {
|
||||
my-disk = {
|
||||
device = "/dev/sda";
|
||||
type = "disk";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
type = "EF00";
|
||||
size = "500M";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
disko.devices = {
|
||||
disk = {
|
||||
my-disk = {
|
||||
device = "/dev/sda";
|
||||
type = "disk";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
type = "EF00";
|
||||
size = "500M";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
};
|
||||
root = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "ext4";
|
||||
mountpoint = "/";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
root = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "ext4";
|
||||
mountpoint = "/";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,22 +1,26 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/profiles/qemu-guest.nix")
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
''${builtins.fetchTarball {
|
||||
url = "https://github.com/nix-community/disko/archive/master.tar.gz";
|
||||
sha256 = "0qyl65hs2j4f5ffj2lv5kb4hc1gradkqvv2j35hbdyiik155l4gn";
|
||||
}}/module.nix''
|
||||
./disk-config.nix
|
||||
];
|
||||
}}/module.nix''
|
||||
./disk-config.nix
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = [];
|
||||
boot.extraModulePackages = [];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
|
|
|
@ -1,14 +1,16 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page, on
|
||||
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
age.secrets.dnsmasq-nextdns-profile = {
|
||||
file = ../../secrets/dnsmasq-nextdns-profile.age;
|
||||
|
@ -29,11 +31,13 @@
|
|||
hostName = "dnsmasq-cache"; # Define your hostname.
|
||||
useDHCP = false;
|
||||
|
||||
interfaces.enp6s18.ipv4.addresses = [ {
|
||||
address = "192.168.50.87";
|
||||
prefixLength = 24;
|
||||
} ];
|
||||
nameservers = [ "1.1.1.1" "1.0.0.1" ];
|
||||
interfaces.enp6s18.ipv4.addresses = [
|
||||
{
|
||||
address = "192.168.50.87";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
nameservers = ["1.1.1.1" "1.0.0.1"];
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowedUDPPorts = [53];
|
||||
|
@ -63,7 +67,7 @@
|
|||
no-resolv = true;
|
||||
bogus-priv = true;
|
||||
strict-order = true;
|
||||
server = ["2a07:a8c1::" "45.90.30.0" "2a07:a8c0::" "45.90.28.0" ];
|
||||
server = ["2a07:a8c1::" "45.90.30.0" "2a07:a8c0::" "45.90.28.0"];
|
||||
conf-file = "${config.age.secrets.dnsmasq-nextdns-profile.path}";
|
||||
};
|
||||
};
|
||||
|
@ -83,5 +87,4 @@
|
|||
};
|
||||
|
||||
system.stateVersion = "23.11"; # Did you read the comment?
|
||||
|
||||
}
|
||||
|
|
|
@ -1,32 +1,32 @@
|
|||
{
|
||||
disko.devices = {
|
||||
disk = {
|
||||
my-disk = {
|
||||
device = "/dev/sda";
|
||||
type = "disk";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
type = "EF00";
|
||||
size = "500M";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
disko.devices = {
|
||||
disk = {
|
||||
my-disk = {
|
||||
device = "/dev/sda";
|
||||
type = "disk";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
type = "EF00";
|
||||
size = "500M";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
};
|
||||
root = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "ext4";
|
||||
mountpoint = "/";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
root = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "ext4";
|
||||
mountpoint = "/";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,22 +1,26 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/profiles/qemu-guest.nix")
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
''${builtins.fetchTarball {
|
||||
url = "https://github.com/nix-community/disko/archive/master.tar.gz";
|
||||
sha256 = "0qyl65hs2j4f5ffj2lv5kb4hc1gradkqvv2j35hbdyiik155l4gn";
|
||||
}}/module.nix''
|
||||
./disk-config.nix
|
||||
];
|
||||
}}/module.nix''
|
||||
./disk-config.nix
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = [];
|
||||
boot.extraModulePackages = [];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
|
|
|
@ -104,7 +104,6 @@
|
|||
max_chunk_age = "1h";
|
||||
chunk_target_size = 999999;
|
||||
chunk_retain_period = "30s";
|
||||
max_transfer_retries = 0;
|
||||
};
|
||||
|
||||
schema_config = {
|
||||
|
@ -127,7 +126,6 @@
|
|||
active_index_directory = "/var/lib/loki/boltdb-shipper-active";
|
||||
cache_location = "/var/lib/loki/boltdb-shipper-cache";
|
||||
cache_ttl = "24h";
|
||||
shared_store = "filesystem";
|
||||
};
|
||||
|
||||
filesystem = {
|
||||
|
@ -140,10 +138,6 @@
|
|||
reject_old_samples_max_age = "168h";
|
||||
};
|
||||
|
||||
chunk_store_config = {
|
||||
max_look_back_period = "0s";
|
||||
};
|
||||
|
||||
table_manager = {
|
||||
retention_deletes_enabled = false;
|
||||
retention_period = "0s";
|
||||
|
@ -151,7 +145,6 @@
|
|||
|
||||
compactor = {
|
||||
working_directory = "/var/lib/loki";
|
||||
shared_store = "filesystem";
|
||||
compactor_ring = {
|
||||
kvstore = {
|
||||
store = "inmemory";
|
||||
|
@ -329,10 +322,6 @@
|
|||
job_name = "forgejo";
|
||||
static_configs = [{targets = ["git.gmem.ca"];}];
|
||||
}
|
||||
{
|
||||
job_name = "coredns";
|
||||
static_configs = [{targets = ["vancouver:9253"];}];
|
||||
}
|
||||
{
|
||||
job_name = "healthchecks";
|
||||
scrape_interval = "60s";
|
||||
|
@ -344,6 +333,11 @@
|
|||
scrape_interval = "60s";
|
||||
static_configs = [{targets = ["vancouver:6534"];}];
|
||||
}
|
||||
{
|
||||
job_name = "dnsmasq";
|
||||
scrape_interval = "10s";
|
||||
static_configs = [{targets = ["100.102.19.124:9153" "100.92.113.87:9153"];}];
|
||||
}
|
||||
{
|
||||
job_name = "blackbox_home";
|
||||
metrics_path = "/probe";
|
||||
|
|
Loading…
Reference in New Issue