Compare commits
No commits in common. "a8372897206d97ef82bed710f9be8c8cf1ea25a2" and "99ff6f1f96d315afafb290c404b978c58eeac053" have entirely different histories.
a837289720
...
99ff6f1f96
146
dns/dns.nix
146
dns/dns.nix
|
@ -3,25 +3,36 @@
|
||||||
zones = {
|
zones = {
|
||||||
"gmem.ca" =
|
"gmem.ca" =
|
||||||
{
|
{
|
||||||
"grafana" = {
|
"test" = {
|
||||||
a.data = ["91.107.206.145"];
|
aaaa = {
|
||||||
aaaa.data = ["2a01:4f8:c012:5ec6::"];
|
ttl = 0;
|
||||||
|
data = ["100::"];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"uptime" = {
|
||||||
|
a = {
|
||||||
|
data = ["91.107.206.145"];
|
||||||
|
};
|
||||||
|
aaaa = {
|
||||||
|
data = ["2a01:4f8:c012:5ec6::"];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
"uptime".cname.data = "grafana.gmem.ca";
|
|
||||||
"healthchecks".cname.data = "grafana.gmem.ca";
|
|
||||||
"truenas".a.data = ["192.168.50.229"];
|
|
||||||
"docs" = {
|
"docs" = {
|
||||||
a.data = ["100.116.48.47"];
|
a = {
|
||||||
aaaa.data = ["fd7a:115c:a1e0:ab12:4843:cd96:6274:302f"];
|
data = ["100.116.48.47"];
|
||||||
|
};
|
||||||
|
aaaa = {
|
||||||
|
data = ["fd7a:115c:a1e0:ab12:4843:cd96:6274:302f"];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
"cluster" = {
|
"cluster" = {
|
||||||
a = {
|
a = {
|
||||||
ttl = 3600;
|
data = ["100.77.43.133"];
|
||||||
data = ["100.87.208.14"];
|
|
||||||
};
|
};
|
||||||
aaaa = {
|
aaaa = {
|
||||||
ttl = 3600;
|
data = [
|
||||||
data = ["fd7a:115c:a1e0::2001:d00e"];
|
"fd7a:115c:a1e0:ab12:4843:cd96:624d:2b85"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"newcluster" = {
|
"newcluster" = {
|
||||||
|
@ -31,106 +42,25 @@
|
||||||
};
|
};
|
||||||
aaaa = {
|
aaaa = {
|
||||||
ttl = 3600;
|
ttl = 3600;
|
||||||
data = ["fd7a:115c:a1e0::2001:d00e"];
|
data = [ "fd7a:115c:a1e0::2001:d00e" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"homelab".a.data = ["192.168.50.45"];
|
"homelab" = {
|
||||||
"_acme-challenge.router".txt.data = ["CJKnxKczldLEAy6zPkST0xeJ5Cy-xdT_ElzqMxhNh5E"];
|
|
||||||
|
|
||||||
"osc-triggers" = {
|
|
||||||
a.data = ["46.23.81.157"];
|
|
||||||
aaaa.data = ["2a03:6000:1813:1337::157"];
|
|
||||||
};
|
|
||||||
|
|
||||||
"mitu.camera".a.data = ["192.168.50.121"];
|
|
||||||
|
|
||||||
"ns1" = {
|
|
||||||
a = {
|
a = {
|
||||||
ttl = 300;
|
data = ["192.168.50.45"];
|
||||||
data = ["162.159.1.247"];
|
|
||||||
};
|
|
||||||
aaaa = {
|
|
||||||
ttl = 300;
|
|
||||||
data = ["2400:cb00:2049:1::a29f:1f7"];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"ns2" = {
|
"_acme-challenge.router" = {
|
||||||
a = {
|
txt = {
|
||||||
ttl = 300;
|
data = ["CJKnxKczldLEAy6zPkST0xeJ5Cy-xdT_ElzqMxhNh5E"];
|
||||||
data = ["162.159.2.232"];
|
|
||||||
};
|
|
||||||
aaaa = {
|
|
||||||
ttl = 300;
|
|
||||||
data = ["2400:cb00:2049:1::a29f:2e8"];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"ns3" = {
|
|
||||||
a = {
|
|
||||||
ttl = 300;
|
|
||||||
data = ["162.159.3.252"];
|
|
||||||
};
|
|
||||||
aaaa = {
|
|
||||||
ttl = 300;
|
|
||||||
data = ["2400:cb00:2049:1::a29f:3fc"];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"ns4" = {
|
|
||||||
a = {
|
|
||||||
ttl = 300;
|
|
||||||
data = ["162.159.5.243"];
|
|
||||||
};
|
|
||||||
aaaa = {
|
|
||||||
ttl = 300;
|
|
||||||
data = ["2400:cb00:2049:1::a29f:5f3"];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
"vancouver" = {
|
|
||||||
a.data = ["100.116.48.47"];
|
|
||||||
aaaa.data = ["fd7a:115c:a1e0:ab12:4843:cd96:6274:302f"];
|
|
||||||
};
|
|
||||||
|
|
||||||
"" = {
|
|
||||||
aaaa.data = ["100::"];
|
|
||||||
aaaa.ttl = 0;
|
|
||||||
mx.data = [
|
|
||||||
{
|
|
||||||
exchange = "in1-smtp.messagingengine.com";
|
|
||||||
preference = 10;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
exchange = "in2-smtp.messagingengine.com";
|
|
||||||
preference = 20;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
txt.data = [
|
|
||||||
"v=spf1 include:spf.messagingengine.com include:spf.mushu.services.floofy.tech -all"
|
|
||||||
"google-site-verification=NrdjjQmhVjOj2s_CV8IdLkhAYCZ1tC3zrkIjn_-ny2o"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
"postal-d6u33j._domainkey".txt.data = ["v=DKIM1; t=s; h=sha256; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCoSvi65zRk8yn0IySfXWyNzeQpz8DEg8ZnmR/Kqq+Ga890KoINkQHB0toQu/iURjmLo+2mYKMxkAMWZPEsKaNsBCLBB55NCvq3/jeJdjOKYLplc51KSdxSb3AGokGqwCDhQ8u+MJty/R3QOHbzndddQTnSG0ApDkJNiPdFVnXnewIDAQAB;"];
|
|
||||||
"_discord".txt.data = ["dh=28112e71a152f2126fb224a14d80d5816ea5916e"];
|
|
||||||
"_dmarc".txt.data = ["v=DMARC1; p=reject; rua=mailto:f2c1db0a7b6041e593961a3057be4d49@dmarc-reports.cloudflare.net"];
|
|
||||||
|
|
||||||
"fm1._domainkey".cname.data = "fm1.gmem.ca.dkim.fmhosted.com";
|
|
||||||
"fm2._domainkey".cname.data = "fm2.gmem.ca.dkim.fmhosted.com";
|
|
||||||
"fm3._domainkey".cname.data = "fm3.gmem.ca.dkim.fmhosted.com";
|
|
||||||
|
|
||||||
"cdn".cname = {
|
|
||||||
ttl = 0;
|
|
||||||
data = "public.r2.dev";
|
|
||||||
};
|
|
||||||
"fursona".cname = {
|
|
||||||
ttl = 0;
|
|
||||||
data = "well-known-fursona.pages.dev";
|
|
||||||
};
|
|
||||||
"bgnet0".cname = {
|
|
||||||
ttl = 0;
|
|
||||||
data = "bgnet0.pages.dev";
|
|
||||||
};
|
|
||||||
|
|
||||||
"stream".a.data = ["141.147.109.157"];
|
|
||||||
}
|
}
|
||||||
|
// lib.attrsets.genAttrs [
|
||||||
|
# Internally hosted applications
|
||||||
|
"netboot"
|
||||||
|
"changedetect"
|
||||||
|
] (name: {cname.data = "cluster";})
|
||||||
// lib.attrsets.genAttrs [
|
// lib.attrsets.genAttrs [
|
||||||
# Internally hosted applications
|
# Internally hosted applications
|
||||||
"atuin"
|
"atuin"
|
||||||
|
@ -145,9 +75,7 @@
|
||||||
"rss"
|
"rss"
|
||||||
"request-media"
|
"request-media"
|
||||||
"ntfy"
|
"ntfy"
|
||||||
"metube"
|
] (name: {cname.data = "newcluster";})
|
||||||
"search"
|
|
||||||
] (name: {cname.data = "cluster.gmem.ca";})
|
|
||||||
// lib.attrsets.genAttrs [
|
// lib.attrsets.genAttrs [
|
||||||
# Externally hosted applications with Tunnels
|
# Externally hosted applications with Tunnels
|
||||||
"authentik"
|
"authentik"
|
||||||
|
@ -159,12 +87,10 @@
|
||||||
"photos"
|
"photos"
|
||||||
"proxmox"
|
"proxmox"
|
||||||
"tokyo"
|
"tokyo"
|
||||||
"ci"
|
|
||||||
"paste"
|
|
||||||
] (name: {
|
] (name: {
|
||||||
cname = {
|
cname = {
|
||||||
ttl = 0;
|
ttl = 0;
|
||||||
data = "a1544154-d851-44ee-8d3a-9fa245867745.cfargotunnel.com";
|
data = "a1544154-d851-44ee-8d3a-9fa245867745.cfargotunnel.com.";
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
|
@ -9,7 +9,6 @@
|
||||||
"pw"
|
"pw"
|
||||||
"tokyo"
|
"tokyo"
|
||||||
"nitter"
|
"nitter"
|
||||||
"paste"
|
|
||||||
] (name: {
|
] (name: {
|
||||||
name = name + ".gmem.ca";
|
name = name + ".gmem.ca";
|
||||||
content = "newcluster.gmem.ca";
|
content = "newcluster.gmem.ca";
|
||||||
|
@ -38,9 +37,7 @@
|
||||||
"request-media"
|
"request-media"
|
||||||
"tools"
|
"tools"
|
||||||
"ytproxy"
|
"ytproxy"
|
||||||
"metube"
|
"changedetect"
|
||||||
"search"
|
|
||||||
"paste"
|
|
||||||
] (name: {
|
] (name: {
|
||||||
name = name + ".gmem.ca";
|
name = name + ".gmem.ca";
|
||||||
content = "homelab.gmem.ca";
|
content = "homelab.gmem.ca";
|
||||||
|
|
168
flake.lock
168
flake.lock
|
@ -180,7 +180,7 @@
|
||||||
},
|
},
|
||||||
"flake-utils_2": {
|
"flake-utils_2": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_2"
|
"systems": "systems_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1710146030,
|
"lastModified": 1710146030,
|
||||||
|
@ -197,24 +197,6 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils_3": {
|
"flake-utils_3": {
|
||||||
"inputs": {
|
|
||||||
"systems": "systems_4"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1710146030,
|
|
||||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-utils_4": {
|
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1634851050,
|
"lastModified": 1634851050,
|
||||||
"narHash": "sha256-N83GlSGPJJdcqhUxSCS/WwW5pksYf3VP1M13cDRTSVA=",
|
"narHash": "sha256-N83GlSGPJJdcqhUxSCS/WwW5pksYf3VP1M13cDRTSVA=",
|
||||||
|
@ -229,21 +211,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flakey-profile": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1712898590,
|
|
||||||
"narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=",
|
|
||||||
"owner": "lf-",
|
|
||||||
"repo": "flakey-profile",
|
|
||||||
"rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "lf-",
|
|
||||||
"repo": "flakey-profile",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"home-manager": {
|
"home-manager": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -272,11 +239,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715930644,
|
"lastModified": 1714515075,
|
||||||
"narHash": "sha256-W9pyM3/vePxrffHtzlJI6lDS3seANQ+Nqp+i58O46LI=",
|
"narHash": "sha256-azMK7aWH0eUc3IqU4Fg5rwZdB9WZBvimOGG3piqvtsY=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "e3ad5108f54177e6520535768ddbf1e6af54b59d",
|
"rev": "6d3b6dc9222c12b951169becdf4b0592ee9576ef",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -293,11 +260,11 @@
|
||||||
"treefmt": "treefmt"
|
"treefmt": "treefmt"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715211269,
|
"lastModified": 1711480255,
|
||||||
"narHash": "sha256-bO1n41QjfdFNoEih0csMe/MUB42DdOuwlT+6LGpUCSc=",
|
"narHash": "sha256-CPF0+ZW3biHoWHE88bZt6a7G65X5Bxtgvw7xwLGrDJ4=",
|
||||||
"owner": "hall",
|
"owner": "hall",
|
||||||
"repo": "kubenix",
|
"repo": "kubenix",
|
||||||
"rev": "060f4757292e1e7172cc9ebcb16f38d89cb707ab",
|
"rev": "5692af23e0835e7b21ec4e2f362b5ef9ff96d893",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -308,15 +275,15 @@
|
||||||
},
|
},
|
||||||
"lib-aggregate": {
|
"lib-aggregate": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_3",
|
"flake-utils": "flake-utils_2",
|
||||||
"nixpkgs-lib": "nixpkgs-lib"
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715515815,
|
"lastModified": 1714306226,
|
||||||
"narHash": "sha256-yaLScMHNFCH6SbB0HSA/8DWDgK0PyOhCXoFTdHlWkhk=",
|
"narHash": "sha256-CA7bfnDt9TcFc7I8eKHf72DodYUEETDPgmBFXBRP9/E=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "lib-aggregate",
|
"repo": "lib-aggregate",
|
||||||
"rev": "09883ca828e8cfaacdb09e29190a7b84ad1d9925",
|
"rev": "49d9b510614b9bd137e067eb31445a8feca83313",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -325,48 +292,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"lix": {
|
|
||||||
"flake": false,
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1714955862,
|
|
||||||
"narHash": "sha256-REWlo2RYHfJkxnmZTEJu3Cd/2VM+wjjpPy7Xi4BdDTQ=",
|
|
||||||
"ref": "refs/tags/2.90-beta.1",
|
|
||||||
"rev": "b6799ab0374a8e1907a48915d3187e07da41d88c",
|
|
||||||
"revCount": 15501,
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://git@git.lix.systems/lix-project/lix"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"ref": "refs/tags/2.90-beta.1",
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://git@git.lix.systems/lix-project/lix"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"lix-module": {
|
|
||||||
"inputs": {
|
|
||||||
"flake-utils": "flake-utils_2",
|
|
||||||
"flakey-profile": "flakey-profile",
|
|
||||||
"lix": [
|
|
||||||
"lix"
|
|
||||||
],
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1715885250,
|
|
||||||
"narHash": "sha256-IUFYAl3158Ig5vySnRBHoPReb2/S97bjodCo6FhzJv4=",
|
|
||||||
"ref": "refs/heads/main",
|
|
||||||
"rev": "53d713eb486f21d653af3ef3528e9a19ecfc45e5",
|
|
||||||
"revCount": 81,
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://git.lix.systems/lix-project/nixos-module"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://git.lix.systems/lix-project/nixos-module"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nix-eval-jobs": {
|
"nix-eval-jobs": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-parts": "flake-parts",
|
"flake-parts": "flake-parts",
|
||||||
|
@ -375,11 +300,11 @@
|
||||||
"treefmt-nix": "treefmt-nix_2"
|
"treefmt-nix": "treefmt-nix_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715804156,
|
"lastModified": 1713858845,
|
||||||
"narHash": "sha256-GtIHP86Cz1kD9xZO/cKbNQACHKdoT9WFbLJAq6W2EDY=",
|
"narHash": "sha256-StJq7Zy+/iVBUAKFzhHWlsirFucZ3gNtzXhAYXAsNnw=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nix-eval-jobs",
|
"repo": "nix-eval-jobs",
|
||||||
"rev": "bb95091f6c6f38f6cfc215a1797a2dd466312c8b",
|
"rev": "7b6640f2a10701bf0db16aff048070f400e8ea7c",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -449,15 +374,15 @@
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
"systems": "systems_3",
|
"systems": "systems_2",
|
||||||
"treefmt-nix": "treefmt-nix"
|
"treefmt-nix": "treefmt-nix"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715321534,
|
"lastModified": 1713393417,
|
||||||
"narHash": "sha256-cDTRRrLj08k867/lajKXkCg9HTNWuoYGfgr8wyAVaTY=",
|
"narHash": "sha256-YriEUgA8u37V859nbSpqeYlL/GiezzeBIyBAAzhxZaI=",
|
||||||
"owner": "Janik-Haag",
|
"owner": "Janik-Haag",
|
||||||
"repo": "nixos-dns",
|
"repo": "nixos-dns",
|
||||||
"rev": "c4f734d771038db15700a61a8703d0da5f993b3a",
|
"rev": "1cf30ea07873b291fc39265d4c6dc63bfdf67ad7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -489,11 +414,11 @@
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716034089,
|
"lastModified": 1714465198,
|
||||||
"narHash": "sha256-QBfab6V4TeQ6Y4NiXVrEATdQuhCNFNaXt/L1K/Zw+zc=",
|
"narHash": "sha256-ySkEJvS0gPz2UhXm0H3P181T8fUxvDVcoUyGn0Kc5AI=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "b55712de78725c8fcde422ee0a0fe682046e73c3",
|
"rev": "68d680c1b7c0e67a9b2144d6776583ee83664ef4",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -521,11 +446,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-lib": {
|
"nixpkgs-lib": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715474941,
|
"lastModified": 1714265296,
|
||||||
"narHash": "sha256-CNCqCGOHdxuiVnVkhTpp2WcqSSmSfeQjubhDOcgwGjU=",
|
"narHash": "sha256-jVnKiCOoFulPT1zDdA4jfG/lnEnngdth5CT6rVDXEJ4=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs.lib",
|
"repo": "nixpkgs.lib",
|
||||||
"rev": "58e03b95f65dfdca21979a081aa62db0eed6b1d8",
|
"rev": "ade4fb7bbf04cd52bc1705734d5dc67755d77ec9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -544,11 +469,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716052422,
|
"lastModified": 1714525911,
|
||||||
"narHash": "sha256-9zObaIzZ3OnW4nMdNzMmrjUrGhqhAZhn1VQnxWUlKts=",
|
"narHash": "sha256-XYARtyCpKeL0IosMSzeHl6YFblV3n4y7plM+K9fg4N4=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs-wayland",
|
"repo": "nixpkgs-wayland",
|
||||||
"rev": "0c6afa4c3c068730a90ce20762bf0fdfac23e64b",
|
"rev": "4cbf82124f2c03fa5b1b669771c48f9927264684",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -607,11 +532,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_5": {
|
"nixpkgs_5": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715996989,
|
"lastModified": 1714314149,
|
||||||
"narHash": "sha256-ObD9YSelkwCAylEXJHcNjrn3hLOfIVScB1tPz9zeDN8=",
|
"narHash": "sha256-yNAevSKF4krRWacmLUsLK7D7PlfuY3zF0lYnGYNi9vQ=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "63d3e5d82edf5a138e7d0872231cc23ed4e740fd",
|
"rev": "cf8cc1201be8bc71b7cbbbdaf349b22f4f99c7ae",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -623,11 +548,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_6": {
|
"nixpkgs_6": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715037484,
|
"lastModified": 1713805509,
|
||||||
"narHash": "sha256-OUt8xQFmBU96Hmm4T9tOWTu4oCswCzoVl+pxSq/kiFc=",
|
"narHash": "sha256-YgSEan4CcrjivCNO5ZNzhg7/8ViLkZ4CB/GrGBVSudo=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "ad7efee13e0d216bf29992311536fce1d3eefbef",
|
"rev": "1e1dc66fe68972a76679644a5577828b6a7e8be4",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -658,8 +583,6 @@
|
||||||
"alertmanager-ntfy": "alertmanager-ntfy",
|
"alertmanager-ntfy": "alertmanager-ntfy",
|
||||||
"home-manager": "home-manager_2",
|
"home-manager": "home-manager_2",
|
||||||
"kubenix": "kubenix",
|
"kubenix": "kubenix",
|
||||||
"lix": "lix",
|
|
||||||
"lix-module": "lix-module",
|
|
||||||
"nixinate": "nixinate",
|
"nixinate": "nixinate",
|
||||||
"nixos-dns": "nixos-dns",
|
"nixos-dns": "nixos-dns",
|
||||||
"nixos-generators": "nixos-generators",
|
"nixos-generators": "nixos-generators",
|
||||||
|
@ -684,21 +607,6 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"systems_2": {
|
"systems_2": {
|
||||||
"locked": {
|
|
||||||
"lastModified": 1681028828,
|
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
|
||||||
"owner": "nix-systems",
|
|
||||||
"repo": "default",
|
|
||||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-systems",
|
|
||||||
"repo": "default",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"systems_3": {
|
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681028828,
|
"lastModified": 1681028828,
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
@ -712,7 +620,7 @@
|
||||||
"type": "indirect"
|
"type": "indirect"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"systems_4": {
|
"systems_3": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681028828,
|
"lastModified": 1681028828,
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
@ -731,7 +639,7 @@
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"bats-assert": "bats-assert",
|
"bats-assert": "bats-assert",
|
||||||
"bats-support": "bats-support",
|
"bats-support": "bats-support",
|
||||||
"flake-utils": "flake-utils_4",
|
"flake-utils": "flake-utils_3",
|
||||||
"nixpkgs": "nixpkgs_7",
|
"nixpkgs": "nixpkgs_7",
|
||||||
"terranix-examples": "terranix-examples"
|
"terranix-examples": "terranix-examples"
|
||||||
},
|
},
|
||||||
|
@ -793,11 +701,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1714058656,
|
"lastModified": 1711963903,
|
||||||
"narHash": "sha256-Qv4RBm4LKuO4fNOfx9wl40W2rBbv5u5m+whxRYUMiaA=",
|
"narHash": "sha256-N3QDhoaX+paWXHbEXZapqd1r95mdshxToGowtjtYkGI=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "treefmt-nix",
|
"repo": "treefmt-nix",
|
||||||
"rev": "c6aaf729f34a36c445618580a9f95a48f5e4e03f",
|
"rev": "49dc4a92b02b8e68798abd99184f228243b6e3ac",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
24
flake.nix
24
flake.nix
|
@ -22,21 +22,11 @@
|
||||||
alertmanager-ntfy.url = "github:alexbakker/alertmanager-ntfy";
|
alertmanager-ntfy.url = "github:alexbakker/alertmanager-ntfy";
|
||||||
kubenix.url = "github:hall/kubenix";
|
kubenix.url = "github:hall/kubenix";
|
||||||
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
|
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
|
||||||
lix = {
|
|
||||||
url = "git+https://git@git.lix.systems/lix-project/lix?ref=refs/tags/2.90-beta.1";
|
|
||||||
flake = false;
|
|
||||||
};
|
|
||||||
lix-module = {
|
|
||||||
url = "git+https://git.lix.systems/lix-project/nixos-module";
|
|
||||||
inputs.lix.follows = "lix";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = {
|
outputs = {
|
||||||
self,
|
self,
|
||||||
nixpkgs,
|
nixpkgs,
|
||||||
lix-module,
|
|
||||||
nixos-generators,
|
nixos-generators,
|
||||||
nixinate,
|
nixinate,
|
||||||
home-manager,
|
home-manager,
|
||||||
|
@ -47,7 +37,6 @@
|
||||||
kubenix,
|
kubenix,
|
||||||
nixos-dns,
|
nixos-dns,
|
||||||
nixos-hardware,
|
nixos-hardware,
|
||||||
...
|
|
||||||
} @ inputs: let
|
} @ inputs: let
|
||||||
pkgs = nixpkgs.legacyPackages.x86_64-linux;
|
pkgs = nixpkgs.legacyPackages.x86_64-linux;
|
||||||
tf = terranix.lib.terranixConfiguration {
|
tf = terranix.lib.terranixConfiguration {
|
||||||
|
@ -95,7 +84,6 @@
|
||||||
terraform-ls
|
terraform-ls
|
||||||
kubernetes-helm
|
kubernetes-helm
|
||||||
nil
|
nil
|
||||||
talosctl
|
|
||||||
(octodns.withProviders (ps: [
|
(octodns.withProviders (ps: [
|
||||||
octodns-providers.bind
|
octodns-providers.bind
|
||||||
octodns-cloudflare
|
octodns-cloudflare
|
||||||
|
@ -137,6 +125,9 @@
|
||||||
inherit dnsConfig;
|
inherit dnsConfig;
|
||||||
config = {
|
config = {
|
||||||
processors = {
|
processors = {
|
||||||
|
ownership = {
|
||||||
|
class = "octodns.processor.ownership.OwnershipProcessor";
|
||||||
|
};
|
||||||
ttl-to-proxy = {
|
ttl-to-proxy = {
|
||||||
class = "octodns_cloudflare.processor.ttl.TtlToProxy";
|
class = "octodns_cloudflare.processor.ttl.TtlToProxy";
|
||||||
ttl = 0;
|
ttl = 0;
|
||||||
|
@ -150,15 +141,12 @@
|
||||||
class = "octodns_cloudflare.CloudflareProvider";
|
class = "octodns_cloudflare.CloudflareProvider";
|
||||||
token = "env/CLOUDFLARE_API_TOKEN";
|
token = "env/CLOUDFLARE_API_TOKEN";
|
||||||
min_ttl = 0;
|
min_ttl = 0;
|
||||||
update_pcent_threshold = 0.5;
|
|
||||||
delete_pcent_threshold = 0.5;
|
|
||||||
auto_ttl_target = 300;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
zones = {
|
zones = {
|
||||||
"gmem.ca." = {
|
"gmem.ca." = {
|
||||||
processors = ["ttl-to-proxy"];
|
processors = ["ownership" "ttl-to-proxy"];
|
||||||
sources = ["config"];
|
sources = ["config"];
|
||||||
targets = ["cloudflare"];
|
targets = ["cloudflare"];
|
||||||
};
|
};
|
||||||
|
@ -189,11 +177,12 @@
|
||||||
|
|
||||||
for profile in rewrites:
|
for profile in rewrites:
|
||||||
for rewrite in rewrites[profile]:
|
for rewrite in rewrites[profile]:
|
||||||
|
print(json.dumps(rewrite))
|
||||||
req = requests.post(
|
req = requests.post(
|
||||||
f'https://api.nextdns.io/profiles/{profile}/rewrites', data=json.dumps(rewrite),
|
f'https://api.nextdns.io/profiles/{profile}/rewrites', data=json.dumps(rewrite),
|
||||||
headers={'X-Api-Key': auth, 'Content-Type': 'application/json'}
|
headers={'X-Api-Key': auth, 'Content-Type': 'application/json'}
|
||||||
)
|
)
|
||||||
print(f'done {rewrite["name"]} -> {rewrite["content"]}')
|
print(req.text)
|
||||||
'');
|
'');
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -262,7 +251,6 @@
|
||||||
london = nixpkgs.lib.nixosSystem {
|
london = nixpkgs.lib.nixosSystem {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
modules = [
|
modules = [
|
||||||
lix-module.nixosModules.default
|
|
||||||
(import ./nix/london/configuration.nix)
|
(import ./nix/london/configuration.nix)
|
||||||
(import ./modules/cloudflare-warp.nix)
|
(import ./modules/cloudflare-warp.nix)
|
||||||
(import ./modules/vfio.nix)
|
(import ./modules/vfio.nix)
|
||||||
|
|
|
@ -112,6 +112,4 @@ data:
|
||||||
service: http://ibiza.endpoints.svc.cluster.local:8000
|
service: http://ibiza.endpoints.svc.cluster.local:8000
|
||||||
- hostname: chat.gmem.ca
|
- hostname: chat.gmem.ca
|
||||||
service: tcp://192.168.50.45:443
|
service: tcp://192.168.50.45:443
|
||||||
- hostname: paste.gmem.ca
|
|
||||||
service: http://tclip.tclip.svc.cluster.local:8080
|
|
||||||
- service: http_status:404
|
- service: http_status:404
|
||||||
|
|
|
@ -22,14 +22,14 @@
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
Jellyseerr = {
|
Overseerr = {
|
||||||
icon = "jellyseerr.png";
|
icon = "overseerr.png";
|
||||||
href = "https://request-media.gmem.ca";
|
href = "https://request-media.gmem.ca";
|
||||||
description = "Request movies and TV shows";
|
description = "Request movies and TV shows";
|
||||||
widget = {
|
widget = {
|
||||||
type = "jellyseerr";
|
type = "overseerr";
|
||||||
url = "https://request-media.gmem.ca";
|
url = "https://request-media.gmem.ca";
|
||||||
key = "{{HOMEPAGE_VAR_JELLYSEERR_KEY}}";
|
key = "{{HOMEPAGE_VAR_OVERSEERR_KEY}}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
};
|
};
|
||||||
# arbitrary attrset passed as values to the helm release
|
# arbitrary attrset passed as values to the helm release
|
||||||
values = {
|
values = {
|
||||||
image.tag = "v1.105.1";
|
image.tag = "v1.102.3";
|
||||||
machine-learning.enabled = false;
|
machine-learning.enabled = false;
|
||||||
immich.persistence.library.existingClaim = "immich";
|
immich.persistence.library.existingClaim = "immich";
|
||||||
redis = {
|
redis = {
|
||||||
|
|
|
@ -26,7 +26,5 @@
|
||||||
(import ./nitter-bot.nix)
|
(import ./nitter-bot.nix)
|
||||||
(import ./miniflux.nix)
|
(import ./miniflux.nix)
|
||||||
# (import ./snikket.nix)
|
# (import ./snikket.nix)
|
||||||
(import ./metube.nix)
|
|
||||||
(import ./searxng.nix)
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,64 +0,0 @@
|
||||||
let
|
|
||||||
appName = "metube";
|
|
||||||
appImage = "ghcr.io/alexta69/metube";
|
|
||||||
in {
|
|
||||||
kubernetes.resources.services.metube = {
|
|
||||||
metadata.namespace = "metube";
|
|
||||||
spec = {
|
|
||||||
selector.app = "metube";
|
|
||||||
ports.http = {
|
|
||||||
port = 8081;
|
|
||||||
targetPort = 8081;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
kubernetes.resources.deployments.metube = {
|
|
||||||
metadata.namespace = "metube";
|
|
||||||
spec = {
|
|
||||||
selector.matchLabels.app = "metube";
|
|
||||||
template = {
|
|
||||||
metadata.labels.app = "metube";
|
|
||||||
spec = {
|
|
||||||
containers = {
|
|
||||||
metube = {
|
|
||||||
image = appImage;
|
|
||||||
imagePullPolicy = "Always";
|
|
||||||
ports.http.containerPort = 8081;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
kubernetes.resources.ingresses.metube = {
|
|
||||||
metadata.namespace = "metube";
|
|
||||||
metadata.annotations = {
|
|
||||||
"cert-manager.io/cluster-issuer" = "le-issuer";
|
|
||||||
};
|
|
||||||
spec = {
|
|
||||||
tls = [
|
|
||||||
{
|
|
||||||
hosts = ["metube.gmem.ca"];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
rules = [
|
|
||||||
{
|
|
||||||
host = "metube.gmem.ca";
|
|
||||||
http.paths = [
|
|
||||||
{
|
|
||||||
path = "/";
|
|
||||||
pathType = "Prefix";
|
|
||||||
backend.service = {
|
|
||||||
name = "metube";
|
|
||||||
port.number = 8081;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
|
|
@ -73,7 +73,7 @@
|
||||||
kubernetes.resources.cronJobs.piped-refresh = {
|
kubernetes.resources.cronJobs.piped-refresh = {
|
||||||
metadata.namespace = "piped";
|
metadata.namespace = "piped";
|
||||||
spec = {
|
spec = {
|
||||||
schedule = "*/30 * * * *";
|
schedule = "*/10 * * * *";
|
||||||
jobTemplate.spec.template.spec = {
|
jobTemplate.spec.template.spec = {
|
||||||
restartPolicy = "Never";
|
restartPolicy = "Never";
|
||||||
containers.refresh-subscriptions = {
|
containers.refresh-subscriptions = {
|
||||||
|
@ -84,14 +84,12 @@
|
||||||
"-c"
|
"-c"
|
||||||
''
|
''
|
||||||
apt update && apt install -y postgresql-client curl
|
apt update && apt install -y postgresql-client curl
|
||||||
curl -o /dev/null "https://healthchecks.gmem.ca/ping/$HEALTHCHECKS_UUID/start"
|
|
||||||
export PGPASSWORD=$password &&
|
export PGPASSWORD=$password &&
|
||||||
export subs=$(psql -U piped -h 192.168.50.236 -qtAX -c 'select id from public.pubsub;') &&
|
export subs=$(psql -U piped -h 192.168.50.236 -qtAX -c 'select id from public.pubsub;') &&
|
||||||
while IFS= read -r line; do
|
while IFS= read -r line; do
|
||||||
echo "refreshing $line"
|
echo "refreshing $line"
|
||||||
curl -k -o /dev/null "http://piped-backend:8080/channel/$line"
|
curl -k -o /dev/null "http://piped-backend:8080/channel/$line"
|
||||||
done < <(printf '%s' "$subs")
|
done < <(printf '%s' "$subs")
|
||||||
curl -o /dev/null "https://healthchecks.gmem.ca/ping/$HEALTHCHECKS_UUID"
|
|
||||||
''
|
''
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
|
@ -21,7 +21,6 @@ prometheus:
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets:
|
- targets:
|
||||||
- 192.168.50.236:9187
|
- 192.168.50.236:9187
|
||||||
- 192.168.50.62:9187
|
|
||||||
grafana:
|
grafana:
|
||||||
enabled: false
|
enabled: false
|
||||||
alertmanager:
|
alertmanager:
|
||||||
|
|
|
@ -1,140 +0,0 @@
|
||||||
let
|
|
||||||
appName = "searxng";
|
|
||||||
appImage = "docker.io/searxng/searxng:latest";
|
|
||||||
in
|
|
||||||
{
|
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
kubenix,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
kubernetes.resources.services.searxng = {
|
|
||||||
metadata.namespace = "searxng";
|
|
||||||
metadata.labels.app = appName;
|
|
||||||
spec = {
|
|
||||||
selector.app = appName;
|
|
||||||
ports.http = {
|
|
||||||
port = 8080;
|
|
||||||
targetPort = 8080;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
kubernetes.resources.deployments.searxng = {
|
|
||||||
metadata.namespace = "searxng";
|
|
||||||
spec = {
|
|
||||||
selector.matchLabels.app = appName;
|
|
||||||
template = {
|
|
||||||
metadata.labels.app = appName;
|
|
||||||
spec = {
|
|
||||||
volumes = {
|
|
||||||
config.configMap.name = "searxng";
|
|
||||||
};
|
|
||||||
containers = {
|
|
||||||
searxng = {
|
|
||||||
image = appImage;
|
|
||||||
imagePullPolicy = "Always";
|
|
||||||
volumeMounts = [
|
|
||||||
{
|
|
||||||
name = "config";
|
|
||||||
mountPath = "/etc/searxng/settings.yml";
|
|
||||||
subPath = "settings.yml";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
name = "config";
|
|
||||||
mountPath = "/etc/searxng/limiter.toml";
|
|
||||||
subPath = "limiter.toml";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
envFrom = [{secretRef.name = "searxng";}];
|
|
||||||
ports.http.containerPort = 8080;
|
|
||||||
resources = {
|
|
||||||
requests = {
|
|
||||||
cpu = "100m";
|
|
||||||
memory = "512Mi";
|
|
||||||
};
|
|
||||||
limits = {
|
|
||||||
memory = "1Gi";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
kubernetes.resources.configMaps.searxng = {
|
|
||||||
metadata.namespace = "searxng";
|
|
||||||
data."settings.yml" = ''
|
|
||||||
use_default_settings: true
|
|
||||||
server:
|
|
||||||
image_proxy: true
|
|
||||||
http_protocol_version: "1.1"
|
|
||||||
method: "GET"
|
|
||||||
ui:
|
|
||||||
static_use_hash: true
|
|
||||||
redis:
|
|
||||||
url: redis://searxng-redis-master:6379/0
|
|
||||||
general:
|
|
||||||
instance_name: search.gmem.ca
|
|
||||||
hostname_replace:
|
|
||||||
'(.*\.)?youtube\.com$': 'piped.gmem.ca'
|
|
||||||
'(.*\.)?youtu\.be$': 'piped.gmem.ca'
|
|
||||||
'(.*\.)?youtube-noocookie\.com$': 'piped.gmem.ca'
|
|
||||||
'(www\.)?twitter\.com$': 'nitter.gmem.ca'
|
|
||||||
'(www\.)?x\.com$': 'nitter.gmem.ca'
|
|
||||||
'';
|
|
||||||
data."limiter.toml" = ''
|
|
||||||
# This configuration file updates the default configuration file
|
|
||||||
# See https://github.com/searxng/searxng/blob/master/searx/botdetection/limiter.toml
|
|
||||||
|
|
||||||
[botdetection.ip_limit]
|
|
||||||
# activate link_token method in the ip_limit method
|
|
||||||
link_token = true
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
kubernetes.helm.releases.searxng-redis = {
|
|
||||||
namespace = "searxng";
|
|
||||||
chart = kubenix.lib.helm.fetch {
|
|
||||||
repo = "https://charts.bitnami.com/bitnami";
|
|
||||||
chart = "redis";
|
|
||||||
version = "18.6.1";
|
|
||||||
sha256 = "CyvGHc1v1BtbzDx6hbbPah2uWpUhlNIUQowephT6hmM=";
|
|
||||||
};
|
|
||||||
values = {
|
|
||||||
auth.enabled = false;
|
|
||||||
architecture = "standalone";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
kubernetes.resources.ingresses.searxng = {
|
|
||||||
metadata = {
|
|
||||||
name = appName;
|
|
||||||
namespace = "searxng";
|
|
||||||
annotations = {
|
|
||||||
"cert-manager.io/cluster-issuer" = "le-issuer";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
spec = {
|
|
||||||
tls = [
|
|
||||||
{
|
|
||||||
hosts = ["search.gmem.ca"];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
rules = [
|
|
||||||
{
|
|
||||||
host = "search.gmem.ca";
|
|
||||||
http.paths = [
|
|
||||||
{
|
|
||||||
path = "/";
|
|
||||||
pathType = "Prefix";
|
|
||||||
backend.service = {
|
|
||||||
name = appName;
|
|
||||||
port.name = "http";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -23,16 +23,7 @@ in {
|
||||||
name = "USE_FUNNEL";
|
name = "USE_FUNNEL";
|
||||||
value = "true";
|
value = "true";
|
||||||
}
|
}
|
||||||
{
|
|
||||||
name = "HTTP_PORT";
|
|
||||||
value = "8080";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
name = "ENABLE_METRICS";
|
|
||||||
value = "true";
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
ports.http.containerPort = 8080;
|
|
||||||
envFrom = [{secretRef.name = "tclip";}];
|
envFrom = [{secretRef.name = "tclip";}];
|
||||||
volumeMounts = [
|
volumeMounts = [
|
||||||
{
|
{
|
||||||
|
@ -56,45 +47,4 @@ in {
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
kubernetes.resources.services.tclip = {
|
|
||||||
metadata.namespace = "tclip";
|
|
||||||
spec = {
|
|
||||||
selector.app = appName;
|
|
||||||
ports.http = {
|
|
||||||
port = 8080;
|
|
||||||
targetPort = 8080;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
kubernetes.resources.ingresses.tclip = {
|
|
||||||
metadata = {
|
|
||||||
name = appName;
|
|
||||||
namespace = "tclip";
|
|
||||||
annotations = {
|
|
||||||
"cert-manager.io/cluster-issuer" = "le-issuer";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
spec = {
|
|
||||||
tls = [
|
|
||||||
{
|
|
||||||
hosts = ["paste.gmem.ca"];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
rules = [
|
|
||||||
{
|
|
||||||
host = "paste.gmem.ca";
|
|
||||||
http.paths = [
|
|
||||||
{
|
|
||||||
path = "/";
|
|
||||||
pathType = "Prefix";
|
|
||||||
backend.service = {
|
|
||||||
name = appName;
|
|
||||||
port.name = "http";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
(modulesPath + "/profiles/qemu-guest.nix")
|
(modulesPath + "/profiles/qemu-guest.nix")
|
||||||
''${builtins.fetchTarball {
|
''${builtins.fetchTarball {
|
||||||
url = "https://github.com/nix-community/disko/archive/master.tar.gz";
|
url = "https://github.com/nix-community/disko/archive/master.tar.gz";
|
||||||
sha256 = "1wg3nnh8lrc8q8q4qyk9yynsa24qqj9126h3cy0ijq93mz46i1k7";
|
sha256 = "1dk4xi79lvm8hv1raf2snm3j8y4q23csm6d3siljg4cpf2y4wyl7";
|
||||||
}}/module.nix''
|
}}/module.nix''
|
||||||
./disk-config.nix
|
./disk-config.nix
|
||||||
];
|
];
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
(modulesPath + "/profiles/qemu-guest.nix")
|
(modulesPath + "/profiles/qemu-guest.nix")
|
||||||
''${builtins.fetchTarball {
|
''${builtins.fetchTarball {
|
||||||
url = "https://github.com/nix-community/disko/archive/master.tar.gz";
|
url = "https://github.com/nix-community/disko/archive/master.tar.gz";
|
||||||
sha256 = "1wg3nnh8lrc8q8q4qyk9yynsa24qqj9126h3cy0ijq93mz46i1k7";
|
sha256 = "1dk4xi79lvm8hv1raf2snm3j8y4q23csm6d3siljg4cpf2y4wyl7";
|
||||||
}}/module.nix''
|
}}/module.nix''
|
||||||
./disk-config.nix
|
./disk-config.nix
|
||||||
];
|
];
|
||||||
|
|
|
@ -28,7 +28,7 @@
|
||||||
theme = "breeze";
|
theme = "breeze";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
powerManagement.enable = true;
|
|
||||||
time.hardwareClockInLocalTime = true;
|
time.hardwareClockInLocalTime = true;
|
||||||
hardware = {
|
hardware = {
|
||||||
cpu.amd.updateMicrocode = true;
|
cpu.amd.updateMicrocode = true;
|
||||||
|
@ -53,9 +53,7 @@
|
||||||
hostName = "LONDON";
|
hostName = "LONDON";
|
||||||
networkmanager.enable = true;
|
networkmanager.enable = true;
|
||||||
interfaces.enp14s0.useDHCP = true;
|
interfaces.enp14s0.useDHCP = true;
|
||||||
interfaces.enp14s0.wakeOnLan.enable = true;
|
|
||||||
interfaces.br0.useDHCP = true;
|
interfaces.br0.useDHCP = true;
|
||||||
interfaces.br0.wakeOnLan.enable = true;
|
|
||||||
bridges = {
|
bridges = {
|
||||||
"br0" = {
|
"br0" = {
|
||||||
interfaces = ["enp14s0"];
|
interfaces = ["enp14s0"];
|
||||||
|
|
|
@ -22,7 +22,7 @@
|
||||||
in [
|
in [
|
||||||
(import (builtins.fetchTarball {
|
(import (builtins.fetchTarball {
|
||||||
url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
|
url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
|
||||||
sha256 = "09rsdkn16al5qsyrl5fjrljw7ff0z5yb9ihskbipcdiffcn11kax";
|
sha256 = "0yy91pryh8pbq2sz07nzjb11s5ghrn9773v0vsh475an4g4p9933";
|
||||||
}))
|
}))
|
||||||
discordOverlay
|
discordOverlay
|
||||||
];
|
];
|
||||||
|
|
|
@ -414,11 +414,6 @@
|
||||||
scrape_interval = "10s";
|
scrape_interval = "10s";
|
||||||
static_configs = [{targets = ["100.87.208.14:8404"];}];
|
static_configs = [{targets = ["100.87.208.14:8404"];}];
|
||||||
}
|
}
|
||||||
{
|
|
||||||
job_name = "tclip";
|
|
||||||
scrape_interval = "15s";
|
|
||||||
static_configs = [{targets = ["paste"];}];
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
exporters.node = {
|
exporters.node = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -31,10 +31,6 @@
|
||||||
file = ../../secrets/cloudflare-dns.age;
|
file = ../../secrets/cloudflare-dns.age;
|
||||||
owner = "acme";
|
owner = "acme";
|
||||||
};
|
};
|
||||||
age.secrets.paperless-oauth = {
|
|
||||||
file = ../../secrets/paperless-oauth.age;
|
|
||||||
owner = "paperless";
|
|
||||||
};
|
|
||||||
nix = {
|
nix = {
|
||||||
settings = {
|
settings = {
|
||||||
auto-optimise-store = true;
|
auto-optimise-store = true;
|
||||||
|
@ -51,7 +47,7 @@
|
||||||
kernelModules = ["coretemp" "kvm-amd" "it87"];
|
kernelModules = ["coretemp" "kvm-amd" "it87"];
|
||||||
zfs.extraPools = ["tank"];
|
zfs.extraPools = ["tank"];
|
||||||
};
|
};
|
||||||
systemd.services.paperless-web.serviceConfig.EnvironmentFile = config.age.secrets.paperless-oauth.path;
|
|
||||||
services = {
|
services = {
|
||||||
paperless = {
|
paperless = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -30,7 +30,5 @@ in {
|
||||||
"secrets/monitoring-grafana-client-secret.age".publicKeys = [monitoring gsimmer];
|
"secrets/monitoring-grafana-client-secret.age".publicKeys = [monitoring gsimmer];
|
||||||
"secrets/k3s-token.age".publicKeys = k3s ++ users;
|
"secrets/k3s-token.age".publicKeys = k3s ++ users;
|
||||||
|
|
||||||
"secrets/paperless-oauth.age".publicKeys = [vancouver] ++ users;
|
|
||||||
|
|
||||||
"secrets/dnsmasq-nextdns-profile.age".publicKeys = dnsmasq ++ users;
|
"secrets/dnsmasq-nextdns-profile.age".publicKeys = dnsmasq ++ users;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue