Compare commits
9 commits
0d3dda6646
...
6a02df9e1f
Author | SHA1 | Date | |
---|---|---|---|
Gabriel Simmer | 6a02df9e1f | ||
Gabriel Simmer | d9d9da4bf7 | ||
Gabriel Simmer | 42dc3dafad | ||
Gabriel Simmer | c0dddf0cb9 | ||
Gabriel Simmer | 7dfc818b6c | ||
Gabriel Simmer | cd5536c15a | ||
Gabriel Simmer | fdde3dbbbb | ||
Gabriel Simmer | a3780cae33 | ||
Gabriel Simmer | 91ae8b665f |
76
flake.lock
76
flake.lock
|
@ -134,11 +134,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1698882062,
|
"lastModified": 1701473968,
|
||||||
"narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
|
"narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=",
|
||||||
"owner": "hercules-ci",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-parts",
|
"repo": "flake-parts",
|
||||||
"rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
|
"rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -167,11 +167,11 @@
|
||||||
"systems": "systems_2"
|
"systems": "systems_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1694529238,
|
"lastModified": 1701680307,
|
||||||
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
|
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
|
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -223,11 +223,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699663185,
|
"lastModified": 1701728041,
|
||||||
"narHash": "sha256-hI3CZPINBWstkMN+ptyzWibw5eRtFCiEvO7zR61bGBs=",
|
"narHash": "sha256-x0pyrI1vC8evVDxCxyO6olOyr4wlFg9+VS3C3p4xFYQ=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "691cbcc03af6ad1b5384c0e0e0b5f2298f58c5ce",
|
"rev": "ac7216918cd65f3824ba7817dea8f22e61221eaf",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -244,11 +244,11 @@
|
||||||
"treefmt": "treefmt"
|
"treefmt": "treefmt"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699581775,
|
"lastModified": 1700116223,
|
||||||
"narHash": "sha256-Pld/UXlBcIDnQMY0JkDzChJkbof/zEcRkaiXtzvArEE=",
|
"narHash": "sha256-Pld/UXlBcIDnQMY0JkDzChJkbof/zEcRkaiXtzvArEE=",
|
||||||
"owner": "hall",
|
"owner": "hall",
|
||||||
"repo": "kubenix",
|
"repo": "kubenix",
|
||||||
"rev": "fceda8451461ee5e623815414f76885df77b7217",
|
"rev": "e4d036576436b9983216584a89388af3da995043",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -263,11 +263,11 @@
|
||||||
"nixpkgs-lib": "nixpkgs-lib"
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699186103,
|
"lastModified": 1701901779,
|
||||||
"narHash": "sha256-B13wpM9/sLYBO2TjxFYLhPUD9v3LVFVOmH12pGB3E0w=",
|
"narHash": "sha256-niromWK2vW1p/pzbsMjpBq2wi/yR1UgYXplvIG2EoI4=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "lib-aggregate",
|
"repo": "lib-aggregate",
|
||||||
"rev": "99ff947f29d9c89fe26072b1927e594ee45ccda0",
|
"rev": "967acb55282cb9fa9c3c91d4ca91c92b7befc7bb",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -284,11 +284,11 @@
|
||||||
"treefmt-nix": "treefmt-nix"
|
"treefmt-nix": "treefmt-nix"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699261003,
|
"lastModified": 1701852992,
|
||||||
"narHash": "sha256-wkOVJ2wkPpTYqipDF693bEAUQ838xjloUcs6WNsTMlw=",
|
"narHash": "sha256-9k+nGxwpxuyocsvitsx1Y2SGI/FScVzXjLyGsVjE/wo=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nix-eval-jobs",
|
"repo": "nix-eval-jobs",
|
||||||
"rev": "2b55f473c960d38a40678d9831fc1dcb87615a98",
|
"rev": "0f8e80f29287a7c01144603fb0030fdd7216dd98",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -306,11 +306,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1698974481,
|
"lastModified": 1701208414,
|
||||||
"narHash": "sha256-yPncV9Ohdz1zPZxYHQf47S8S0VrnhV7nNhCawY46hDA=",
|
"narHash": "sha256-xrQ0FyhwTZK6BwKhahIkUVZhMNk21IEI1nUcWSONtpo=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nix-github-actions",
|
"repo": "nix-github-actions",
|
||||||
"rev": "4bb5e752616262457bc7ca5882192a564c0472d2",
|
"rev": "93e39cc1a087d65bcf7a132e75a650c44dd2b734",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -360,11 +360,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696058303,
|
"lastModified": 1701689616,
|
||||||
"narHash": "sha256-eNqKWpF5zG0SrgbbtljFOrRgFgRzCc4++TMFADBMLnc=",
|
"narHash": "sha256-ewnfgvRy73HoP5KnYmy1Rcr4m4yShvsb6TCCaKoW8pc=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixos-generators",
|
"repo": "nixos-generators",
|
||||||
"rev": "150f38bd1e09e20987feacb1b0d5991357532fb5",
|
"rev": "246219bc21b943c6f6812bb7744218ba0df08600",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -391,11 +391,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-lib": {
|
"nixpkgs-lib": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699145078,
|
"lastModified": 1701564385,
|
||||||
"narHash": "sha256-OO1b3jiMUGjafD2ErkbTPVgUlhmyWo2Z5i0k2kD1ViU=",
|
"narHash": "sha256-um5ce7hnsQ8Do+oKf90zGKVmEqufr4Q6T8zfY9Hon38=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs.lib",
|
"repo": "nixpkgs.lib",
|
||||||
"rev": "174d7dc67189bc4a53f1bffb4fb9d0f13b79cd3c",
|
"rev": "152c00fc19bc45af5dd65bd41d1d020c2ba0b4ca",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -414,11 +414,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699629370,
|
"lastModified": 1701902161,
|
||||||
"narHash": "sha256-HwoRInCXXdEUcfXEnlWb7v4nuQLUo5dT9ZWTb2C1Vik=",
|
"narHash": "sha256-xi5JKgNaNl5XG/tstZ+bA3KpgB+qSGasJinSJP37PBg=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs-wayland",
|
"repo": "nixpkgs-wayland",
|
||||||
"rev": "62a9b65dfb8c182530887d567a7c796fe2bb514e",
|
"rev": "916f946eb68f5ee3528c628752bd2e85366d8886",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -477,11 +477,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_5": {
|
"nixpkgs_5": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699343069,
|
"lastModified": 1701693815,
|
||||||
"narHash": "sha256-s7BBhyLA6MI6FuJgs4F/SgpntHBzz40/qV0xLPW6A1Q=",
|
"narHash": "sha256-7BkrXykVWfkn6+c1EhFA3ko4MLi3gVG0p9G96PNnKTM=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "ec750fd01963ab6b20ee1f0cb488754e8036d89d",
|
"rev": "09ec6a0881e1a36c29d67497693a67a16f4da573",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -493,11 +493,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_6": {
|
"nixpkgs_6": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699236715,
|
"lastModified": 1701847270,
|
||||||
"narHash": "sha256-oel+a6B5mBO7vA1A/I9A9VTK2jW5shnYAuu08RYhmxQ=",
|
"narHash": "sha256-ttPWHy1NZwJzSzY7OmofFNyrm9kWc+RFFHpJGeQ4kWw=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "0d93ec62e06faec6c52331a8a87bd5721b38ce14",
|
"rev": "9ed8ade77aef706a03d8cc3a5ad4f60848ac59a7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -631,11 +631,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1698438538,
|
"lastModified": 1701682826,
|
||||||
"narHash": "sha256-AWxaKTDL3MtxaVTVU5lYBvSnlspOS0Fjt8GxBgnU0Do=",
|
"narHash": "sha256-2lxeTUGs8Jzz/wjLgWYmZoXn60BYNRMzwHFtxNFUDLU=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "treefmt-nix",
|
"repo": "treefmt-nix",
|
||||||
"rev": "5deb8dc125a9f83b65ca86cf0c8167c46593e0b1",
|
"rev": "affe7fc3f5790e1d0b5ba51bcff0f7ebe465e92d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -77,33 +77,7 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
Reading = [
|
|
||||||
{ FreshRSS = {
|
|
||||||
icon = "freshrss.png";
|
|
||||||
href = "https://freshrss.gmem.ca";
|
|
||||||
description = "FreshRSS RSS Reader";
|
|
||||||
widget = {
|
|
||||||
type = "freshrss";
|
|
||||||
url = "https://freshrss.gmem.ca";
|
|
||||||
username = "arch";
|
|
||||||
password = "{{HOMEPAGE_VAR_FRESHRSS_PASSWORD}}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{ "Lobste.rs" = {
|
|
||||||
href = "https://lobste.rs";
|
|
||||||
description = "News aggregator";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{ "Hacker News" = {
|
|
||||||
href = "https://news.ycombinator.com";
|
|
||||||
description = "VC news aggregator";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
"Personal Infrastructure" = [
|
"Personal Infrastructure" = [
|
||||||
{ authentik = {
|
{ authentik = {
|
||||||
icon = "authentik.png";
|
icon = "authentik.png";
|
||||||
|
@ -111,6 +85,30 @@
|
||||||
description = "OIDC SSO";
|
description = "OIDC SSO";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
{ Tailscale = {
|
||||||
|
icon = "tailscale.png";
|
||||||
|
href = "https://login.tailscale.com";
|
||||||
|
description = "VPN provider";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{ Git = {
|
||||||
|
icon = "forgejo.png";
|
||||||
|
href = "https://git.gmem.ca";
|
||||||
|
description = "Git forge";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{ Grafana = {
|
||||||
|
icon = "grafana.png";
|
||||||
|
href = "https://grafana.gmem.ca";
|
||||||
|
description = "Monitoring & metrics";
|
||||||
|
widget = {
|
||||||
|
type = "grafana";
|
||||||
|
url = "https://grafana.gmem.ca";
|
||||||
|
username = "api@localhost";
|
||||||
|
password = "{{HOMEPAGE_VAR_GRAFANA_PASSWORD}}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
{ NextDNS = {
|
{ NextDNS = {
|
||||||
icon = "nextdns.png";
|
icon = "nextdns.png";
|
||||||
href = "https://my.nextdns.io";
|
href = "https://my.nextdns.io";
|
||||||
|
@ -134,16 +132,30 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{ Tailscale = {
|
];
|
||||||
icon = "tailscale.png";
|
}
|
||||||
href = "https://login.tailscale.com";
|
{
|
||||||
description = "VPN provider";
|
Reading = [
|
||||||
|
{ FreshRSS = {
|
||||||
|
icon = "freshrss.png";
|
||||||
|
href = "https://freshrss.gmem.ca";
|
||||||
|
description = "FreshRSS RSS Reader";
|
||||||
|
widget = {
|
||||||
|
type = "freshrss";
|
||||||
|
url = "https://freshrss.gmem.ca";
|
||||||
|
username = "arch";
|
||||||
|
password = "{{HOMEPAGE_VAR_FRESHRSS_PASSWORD}}";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{ Git = {
|
{ "Lobste.rs" = {
|
||||||
icon = "forgejo.png";
|
href = "https://lobste.rs";
|
||||||
href = "https://git.gmem.ca";
|
description = "News aggregator";
|
||||||
description = "Git forge";
|
};
|
||||||
|
}
|
||||||
|
{ "Hacker News" = {
|
||||||
|
href = "https://news.ycombinator.com";
|
||||||
|
description = "VC news aggregator";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
@ -248,6 +260,8 @@
|
||||||
base = "https://home.gmem.ca";
|
base = "https://home.gmem.ca";
|
||||||
layout.Media.style = "row";
|
layout.Media.style = "row";
|
||||||
layout.Media.columns = "3";
|
layout.Media.columns = "3";
|
||||||
|
layout."Personal Infrastructure".style = "row";
|
||||||
|
layout."Personal Infrastructure".columns = "3";
|
||||||
layout."Backup Status".style = "row";
|
layout."Backup Status".style = "row";
|
||||||
layout."Backup Status".columns = "3";
|
layout."Backup Status".columns = "3";
|
||||||
};
|
};
|
||||||
|
|
|
@ -4,5 +4,6 @@
|
||||||
(import ./nginx.nix)
|
(import ./nginx.nix)
|
||||||
(import ./tclip.nix)
|
(import ./tclip.nix)
|
||||||
(import ./vrchat-prometheus-exporter.nix)
|
(import ./vrchat-prometheus-exporter.nix)
|
||||||
|
(import ./overseerr.nix)
|
||||||
(import ./homepage.nix) ];
|
(import ./homepage.nix) ];
|
||||||
}
|
}
|
||||||
|
|
78
homelab/overseerr.nix
Normal file
78
homelab/overseerr.nix
Normal file
|
@ -0,0 +1,78 @@
|
||||||
|
let
|
||||||
|
appName = "overseerr";
|
||||||
|
appImage = "sctx/overseerr";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
kubernetes.resources.services.overseerr = {
|
||||||
|
spec = {
|
||||||
|
selector.app = appName;
|
||||||
|
ports.http = {
|
||||||
|
port = 5055;
|
||||||
|
targetPort = 5055;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
kubernetes.resources.statefulSets.overseerr.spec = {
|
||||||
|
selector.matchLabels.app = appName;
|
||||||
|
serviceName = appName;
|
||||||
|
template = {
|
||||||
|
metadata.labels.app = appName;
|
||||||
|
spec = {
|
||||||
|
volumes = {
|
||||||
|
config.configMap.name = "overseerr";
|
||||||
|
};
|
||||||
|
containers = {
|
||||||
|
overseerr = {
|
||||||
|
image = appImage;
|
||||||
|
volumeMounts = [
|
||||||
|
{ name = "data"; mountPath = "/app/config"; }
|
||||||
|
];
|
||||||
|
ports.metrics.containerPort = 5055;
|
||||||
|
resources = {
|
||||||
|
requests = {
|
||||||
|
cpu = "50m";
|
||||||
|
memory = "32Mi";
|
||||||
|
};
|
||||||
|
limits = {
|
||||||
|
cpu = "500m";
|
||||||
|
memory = "256Mi";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
volumeClaimTemplates = [
|
||||||
|
{ metadata.name = "data";
|
||||||
|
spec = {
|
||||||
|
storageClassName = "nfs-client";
|
||||||
|
accessModes = [ "ReadWriteOnce" ];
|
||||||
|
resources.requests.storage = "1Gi";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
kubernetes.resources.ingresses.overseerr = {
|
||||||
|
metadata = {
|
||||||
|
name = appName;
|
||||||
|
annotations = {
|
||||||
|
"cert-manager.io/issuer" = "le-issuer";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
spec = {
|
||||||
|
tls = [ { hosts = [ "request-media.gmem.ca" ]; secretName = "gmem-ca-wildcard"; } ];
|
||||||
|
rules = [
|
||||||
|
{
|
||||||
|
host = "request-media.gmem.ca";
|
||||||
|
http.paths = [
|
||||||
|
{ path = "/"; pathType = "Prefix";
|
||||||
|
backend.service = {
|
||||||
|
name = appName;
|
||||||
|
port.name = "http"; };
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -19,7 +19,14 @@ spec:
|
||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
backups:
|
backups:
|
||||||
pgbackrest:
|
pgbackrest:
|
||||||
|
manual:
|
||||||
|
repoName: repo1
|
||||||
|
options:
|
||||||
|
- --type=full
|
||||||
image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.47-1
|
image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.47-1
|
||||||
|
global:
|
||||||
|
repo1-retention-full: "14"
|
||||||
|
repo1-retention-full-type: time
|
||||||
repos:
|
repos:
|
||||||
- name: repo1
|
- name: repo1
|
||||||
volume:
|
volume:
|
||||||
|
@ -29,6 +36,9 @@ spec:
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
|
schedules:
|
||||||
|
full: "0 1 * * 0"
|
||||||
|
differential: "0 1 * * 1-6"
|
||||||
monitoring:
|
monitoring:
|
||||||
pgmonitor:
|
pgmonitor:
|
||||||
exporter:
|
exporter:
|
||||||
|
|
|
@ -236,14 +236,20 @@ $env.config = {
|
||||||
use_kitty_protocol: true # enables keyboard enhancement protocol implemented by kitty console, only if your terminal support this
|
use_kitty_protocol: true # enables keyboard enhancement protocol implemented by kitty console, only if your terminal support this
|
||||||
|
|
||||||
hooks: {
|
hooks: {
|
||||||
pre_prompt: [{ null }] # run before the prompt is shown
|
|
||||||
pre_execution: [{ null }] # run before the repl input is run
|
pre_execution: [{ null }] # run before the repl input is run
|
||||||
env_change: {
|
env_change: {
|
||||||
PWD: [{|before, after| null }] # run if the PWD environment is different since the last repl input
|
PWD: [{|before, after| null }] # run if the PWD environment is different since the last repl input
|
||||||
}
|
}
|
||||||
display_output: "if (term size).columns >= 100 { table -e } else { table }" # run to display the output of a pipeline
|
display_output: "if (term size).columns >= 100 { table -e } else { table }" # run to display the output of a pipeline
|
||||||
command_not_found: { null } # return an error message when a command is not found
|
command_not_found: { null } # return an error message when a command is not found
|
||||||
}
|
pre_prompt: [{ ||
|
||||||
|
if (which direnv | is-empty) {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
direnv export json | from json | default {} | load-env
|
||||||
|
}]
|
||||||
|
}
|
||||||
|
|
||||||
menus: [
|
menus: [
|
||||||
# Configuration for default nushell menus
|
# Configuration for default nushell menus
|
||||||
|
|
|
@ -9,32 +9,18 @@
|
||||||
# Bootloader
|
# Bootloader
|
||||||
boot = {
|
boot = {
|
||||||
loader = {
|
loader = {
|
||||||
grub = {
|
systemd-boot.enable = true;
|
||||||
enable = true;
|
|
||||||
device = "nodev";
|
|
||||||
useOSProber = true;
|
|
||||||
efiSupport = true;
|
|
||||||
enableCryptodisk = true;
|
|
||||||
};
|
|
||||||
efi = {
|
efi = {
|
||||||
canTouchEfiVariables = true;
|
canTouchEfiVariables = true;
|
||||||
efiSysMountPoint = "/boot/efi";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
tmp.cleanOnBoot = true;
|
||||||
binfmt.emulatedSystems = [ "aarch64-linux" ];
|
binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||||
extraModulePackages = [
|
extraModulePackages = [
|
||||||
config.boot.kernelPackages.v4l2loopback
|
config.boot.kernelPackages.v4l2loopback
|
||||||
];
|
];
|
||||||
kernelPackages = pkgs.linuxPackages_zen;
|
kernelPackages = pkgs.linuxPackages_zen;
|
||||||
kernelModules = [ "amdgpu" "coretemp" "kvm-amd" "v4l2loopback" ];
|
kernelModules = [ "amdgpu" "coretemp" "kvm-amd" "v4l2loopback" ];
|
||||||
|
|
||||||
initrd.secrets = {
|
|
||||||
"/crypto_keyfile.bin" = null;
|
|
||||||
};
|
|
||||||
initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1" = {
|
|
||||||
device = "/dev/disk/by-uuid/63100442-37df-4579-a787-cb2f2c67b3d1";
|
|
||||||
keyFile = "/crypto_keyfile.bin";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
time.hardwareClockInLocalTime = true;
|
time.hardwareClockInLocalTime = true;
|
||||||
|
@ -54,15 +40,16 @@
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
systemd.services.NetworkManager-wait-online.enable = false;
|
systemd.services.NetworkManager-wait-online.enable = false;
|
||||||
networking = {
|
networking = {
|
||||||
|
hostId = "3c26267f";
|
||||||
hostName = "LONDON";
|
hostName = "LONDON";
|
||||||
networkmanager.enable = true;
|
networkmanager.enable = true;
|
||||||
firewall = {
|
firewall = {
|
||||||
enable = true;
|
enable = true;
|
||||||
allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
|
allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
|
||||||
allowedTCPPortRanges = [ { from = 27036; to = 27037; } ];
|
allowedTCPPortRanges = [ { from = 27036; to = 27037; } ];
|
||||||
allowedTCPPorts = [ 7000 7100 22000 8000 ];
|
allowedTCPPorts = [ 7000 7100 22000 8000 3000 ];
|
||||||
allowedUDPPorts = [ 6000 6001 7011 41641 3478 22000 21027 ];
|
allowedUDPPorts = [ 6000 6001 7011 41641 3478 22000 21027 ];
|
||||||
trustedInterfaces = [ "tailscale0" ];
|
trustedInterfaces = [ "enp4s0" "tailscale0" "docker0" ];
|
||||||
checkReversePath = "loose";
|
checkReversePath = "loose";
|
||||||
};
|
};
|
||||||
nftables.enable = true;
|
nftables.enable = true;
|
||||||
|
@ -108,12 +95,12 @@
|
||||||
overrideFolders = false;
|
overrideFolders = false;
|
||||||
user = "gsimmer";
|
user = "gsimmer";
|
||||||
dataDir = "/home/gsimmer";
|
dataDir = "/home/gsimmer";
|
||||||
guiAddress = "100.93.188.51:8384";
|
guiAddress = "100.98.191.127:8384";
|
||||||
};
|
};
|
||||||
usbmuxd.enable = true;
|
usbmuxd.enable = true;
|
||||||
prometheus.exporters.node = {
|
prometheus.exporters.node = {
|
||||||
enable = true;
|
enable = true;
|
||||||
listenAddress = "100.93.188.51";
|
listenAddress = "100.98.191.127";
|
||||||
enabledCollectors = [
|
enabledCollectors = [
|
||||||
"systemd" "processes"
|
"systemd" "processes"
|
||||||
];
|
];
|
||||||
|
@ -176,6 +163,7 @@
|
||||||
xdg.portal.enable = true;
|
xdg.portal.enable = true;
|
||||||
|
|
||||||
programs = {
|
programs = {
|
||||||
|
sway.enable = true;
|
||||||
gamemode.enable = true;
|
gamemode.enable = true;
|
||||||
zsh.enable = true;
|
zsh.enable = true;
|
||||||
fish.enable = true;
|
fish.enable = true;
|
||||||
|
@ -218,10 +206,10 @@
|
||||||
|
|
||||||
fonts = {
|
fonts = {
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
ibm-plex
|
ibm-plex
|
||||||
jetbrains-mono
|
jetbrains-mono
|
||||||
emojione
|
emojione
|
||||||
font-awesome
|
font-awesome
|
||||||
];
|
];
|
||||||
enableDefaultPackages = true;
|
enableDefaultPackages = true;
|
||||||
};
|
};
|
||||||
|
@ -248,6 +236,7 @@
|
||||||
glmark2
|
glmark2
|
||||||
libnotify
|
libnotify
|
||||||
emojione
|
emojione
|
||||||
|
swtpm
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -16,14 +16,14 @@
|
||||||
[
|
[
|
||||||
(import (builtins.fetchTarball {
|
(import (builtins.fetchTarball {
|
||||||
url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
|
url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
|
||||||
sha256 = "156jbn5s9rv7qjy5q6d9yq56zmxv07i5viqs0ryvhazdg1lzw311";
|
sha256 = "03nrh6axxckjsdy8jykqpdsvq7dik0x04pybvwxxy9sd04b8kdh2";
|
||||||
})) discordOverlay];
|
})) discordOverlay];
|
||||||
};
|
};
|
||||||
home = {
|
home = {
|
||||||
username = "gsimmer";
|
username = "gsimmer";
|
||||||
homeDirectory = "/home/gsimmer";
|
homeDirectory = "/home/gsimmer";
|
||||||
};
|
};
|
||||||
|
|
||||||
services.pueue = {
|
services.pueue = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
|
@ -86,7 +86,6 @@
|
||||||
|
|
||||||
eza = {
|
eza = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableAliases = true;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
bat = {
|
bat = {
|
||||||
|
@ -124,6 +123,7 @@
|
||||||
discord
|
discord
|
||||||
mangohud
|
mangohud
|
||||||
comma
|
comma
|
||||||
|
looking-glass-client
|
||||||
];
|
];
|
||||||
|
|
||||||
# This value determines the Home Manager release that your
|
# This value determines the Home Manager release that your
|
||||||
|
|
|
@ -8,30 +8,23 @@
|
||||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
|
boot.initrd.availableKernelModules = [ "nvme" "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
|
||||||
boot.initrd.kernelModules = [ ];
|
boot.initrd.kernelModules = [ ];
|
||||||
boot.kernelModules = [ "kvm-amd" ];
|
boot.kernelModules = [ "kvm-amd" ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" =
|
||||||
{ device = "/dev/disk/by-uuid/cd6f3e34-65ce-4be5-b4d4-6818e70dcff3";
|
{ device = "/dev/disk/by-uuid/736c20e1-f11a-4af7-88f2-bba7b0f09939";
|
||||||
fsType = "ext4";
|
fsType = "xfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.initrd.luks.devices."luks-0cd5d85e-e232-4f75-a8b3-087737657fef".device = "/dev/disk/by-uuid/0cd5d85e-e232-4f75-a8b3-087737657fef";
|
fileSystems."/boot" =
|
||||||
|
{ device = "/dev/disk/by-uuid/2A2C-A8CE";
|
||||||
fileSystems."/boot/efi" =
|
|
||||||
{ device = "/dev/disk/by-uuid/AB23-FA19";
|
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/home/gsimmer/FHG" = {
|
|
||||||
device = "/dev/disk/by-label/FHG";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
swapDevices =
|
swapDevices =
|
||||||
[ { device = "/dev/disk/by-uuid/c50f2d93-2f31-4afc-ad26-4730a8f4b7f0"; }
|
[ { device = "/dev/disk/by-uuid/41c7d0e1-e015-4d78-a0fb-f039a7f648ef"; }
|
||||||
];
|
];
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
|
@ -39,9 +32,9 @@
|
||||||
# still possible to use this option, but it's recommended to use it in conjunction
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
networking.useDHCP = lib.mkDefault true;
|
networking.useDHCP = lib.mkDefault true;
|
||||||
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
|
# networking.interfaces.enp14s0.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.wlp15s0.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
# high-resolution display
|
|
||||||
# hardware.video.hidpi.enable = lib.mkDefault true;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,37 +0,0 @@
|
||||||
let
|
|
||||||
# RTX 3070 Ti
|
|
||||||
gpuIDs = [
|
|
||||||
"10de:1b81" # Graphics
|
|
||||||
"10de:10f0" # Audio
|
|
||||||
];
|
|
||||||
in { pkgs, lib, config, ... }: {
|
|
||||||
options.vfio.enable = with lib;
|
|
||||||
mkEnableOption "Configure the machine for VFIO";
|
|
||||||
|
|
||||||
config = let cfg = config.vfio;
|
|
||||||
in {
|
|
||||||
boot = {
|
|
||||||
initrd.kernelModules = [
|
|
||||||
"vfio_pci"
|
|
||||||
"vfio"
|
|
||||||
"vfio_iommu_type1"
|
|
||||||
|
|
||||||
"nvidia"
|
|
||||||
"nvidia_modeset"
|
|
||||||
"nvidia_uvm"
|
|
||||||
"nvidia_drm"
|
|
||||||
];
|
|
||||||
|
|
||||||
kernelParams = [
|
|
||||||
# enable IOMMU
|
|
||||||
"amd_iommu=on"
|
|
||||||
"pcie_acs_override=downstream,multifunction"
|
|
||||||
] ++ lib.optional cfg.enable
|
|
||||||
# isolate the GPU
|
|
||||||
("vfio-pci.ids=" + lib.concatStringsSep "," gpuIDs);
|
|
||||||
};
|
|
||||||
|
|
||||||
hardware.opengl.enable = true;
|
|
||||||
virtualisation.spiceUSBRedirection.enable = true;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -286,6 +286,12 @@
|
||||||
port = 9001;
|
port = 9001;
|
||||||
extraFlags = [ "--web.enable-remote-write-receiver" ];
|
extraFlags = [ "--web.enable-remote-write-receiver" ];
|
||||||
scrapeConfigs = [
|
scrapeConfigs = [
|
||||||
|
{
|
||||||
|
job_name = "proxmox";
|
||||||
|
metrics_path = "/pve";
|
||||||
|
params = { "target" = [ "localhost" ]; };
|
||||||
|
static_configs = [ { targets = [ "proxmox:9221" ]; } ];
|
||||||
|
}
|
||||||
{
|
{
|
||||||
job_name = "personal_hardware";
|
job_name = "personal_hardware";
|
||||||
static_configs = [ { targets = [ "london:9100" "vancouver:9100" "localhost:9100" ]; } ];
|
static_configs = [ { targets = [ "london:9100" "vancouver:9100" "localhost:9100" ]; } ];
|
||||||
|
|
|
@ -84,8 +84,8 @@
|
||||||
environmentFile = config.age.secrets.restic-b2-credentials.path;
|
environmentFile = config.age.secrets.restic-b2-credentials.path;
|
||||||
repository = "s3:s3.us-west-000.backblazeb2.com/gsimmer-backup";
|
repository = "s3:s3.us-west-000.backblazeb2.com/gsimmer-backup";
|
||||||
paths = [
|
paths = [
|
||||||
"/tank/gabriel/projects"
|
"/tank/gsimmer/projects"
|
||||||
"/tank/gabriel/org"
|
"/tank/gsimmer/org"
|
||||||
"/tank/gsimmer/Backup/Pictures"
|
"/tank/gsimmer/Backup/Pictures"
|
||||||
"/tank/gsimmer/Photos"
|
"/tank/gsimmer/Photos"
|
||||||
"/tank/shared"
|
"/tank/shared"
|
||||||
|
@ -313,23 +313,6 @@
|
||||||
proxyPass = "http://127.0.0.1:8973/";
|
proxyPass = "http://127.0.0.1:8973/";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
virtualHosts."request-media.gmem.ca" = {
|
|
||||||
enableACME = true;
|
|
||||||
addSSL = true;
|
|
||||||
acmeRoot = null;
|
|
||||||
locations."/" = {
|
|
||||||
extraConfig =
|
|
||||||
''
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
|
|
||||||
client_max_body_size 100M;
|
|
||||||
'';
|
|
||||||
proxyPass = "http://127.0.0.1:5055/";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
virtualHosts."flood.gmem.ca" = {
|
virtualHosts."flood.gmem.ca" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
addSSL = true;
|
addSSL = true;
|
||||||
|
@ -344,7 +327,7 @@
|
||||||
|
|
||||||
client_max_body_size 100M;
|
client_max_body_size 100M;
|
||||||
'';
|
'';
|
||||||
proxyPass = "http://192.168.122.185:3000/";
|
proxyPass = "http://192.168.50.205:3000/";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -433,7 +416,7 @@
|
||||||
daily = 2;
|
daily = 2;
|
||||||
monthly = 2;
|
monthly = 2;
|
||||||
};
|
};
|
||||||
"Primary/gitea" = {
|
"Primary/forgejo" = {
|
||||||
autoprune = true;
|
autoprune = true;
|
||||||
autosnap = true;
|
autosnap = true;
|
||||||
daily = 2;
|
daily = 2;
|
||||||
|
@ -483,7 +466,6 @@
|
||||||
cifs-utils
|
cifs-utils
|
||||||
cloudflared
|
cloudflared
|
||||||
bat
|
bat
|
||||||
virtiofsd
|
|
||||||
gnupg
|
gnupg
|
||||||
pinentry
|
pinentry
|
||||||
];
|
];
|
||||||
|
@ -548,7 +530,6 @@
|
||||||
setSocketVariable = true;
|
setSocketVariable = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
libvirtd.enable = true;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
virtualisation.oci-containers.containers = {
|
virtualisation.oci-containers.containers = {
|
||||||
|
|
|
@ -18,13 +18,6 @@
|
||||||
tailscale
|
tailscale
|
||||||
];
|
];
|
||||||
|
|
||||||
services.coder = {
|
|
||||||
enable = true;
|
|
||||||
group = "docker";
|
|
||||||
listenAddress = "0.0.0.0:3000";
|
|
||||||
package = (pkgs.callPackage ./coder.nix {});
|
|
||||||
};
|
|
||||||
|
|
||||||
services.gitea-actions-runner = {
|
services.gitea-actions-runner = {
|
||||||
package = pkgs.forgejo-actions-runner;
|
package = pkgs.forgejo-actions-runner;
|
||||||
instances = {
|
instances = {
|
||||||
|
@ -35,7 +28,7 @@
|
||||||
"debian-latest-arm:docker://node:18-bullseye"
|
"debian-latest-arm:docker://node:18-bullseye"
|
||||||
];
|
];
|
||||||
url = "https://git.gmem.ca";
|
url = "https://git.gmem.ca";
|
||||||
token = "rclEuf0ZKhWKe7IhvWZqgJpb1y84iYBJsJi7Wslh";
|
token = "dcSqNPRfeAFjAA2NUzZRbO4Q2k1L2WOOCAEAhPR4";
|
||||||
settings = {
|
settings = {
|
||||||
cache.port = 4328;
|
cache.port = 4328;
|
||||||
};
|
};
|
||||||
|
@ -62,9 +55,13 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users = {
|
users.users = {
|
||||||
root.openssh.authorizedKeys.keys = [
|
root.openssh.authorizedKeys.keys = let
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr"
|
authorizedKeys = pkgs.fetchurl {
|
||||||
];
|
url = "https://gmem.ca/ssh";
|
||||||
|
hash = "sha256-7PpFDgWVfp26c9PuW+2s3O8MBAODtHr4q7WU/l3BoG4=";
|
||||||
|
};
|
||||||
|
in pkgs.lib.splitString "\n" (builtins.readFile
|
||||||
|
authorizedKeys);
|
||||||
};
|
};
|
||||||
virtualisation = {
|
virtualisation = {
|
||||||
docker = {
|
docker = {
|
||||||
|
|
Loading…
Reference in a new issue