Compare commits
4 commits
cb21b98997
...
d21c8fac35
Author | SHA1 | Date | |
---|---|---|---|
Gabriel Simmer | d21c8fac35 | ||
Gabriel Simmer | da290991d3 | ||
Gabriel Simmer | 82e593fd6c | ||
Gabriel Simmer | f714bff04f |
77
flake.lock
77
flake.lock
|
@ -134,11 +134,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696343447,
|
"lastModified": 1698882062,
|
||||||
"narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=",
|
"narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
|
||||||
"owner": "hercules-ci",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-parts",
|
"repo": "flake-parts",
|
||||||
"rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4",
|
"rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -223,11 +223,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1698479159,
|
"lastModified": 1699025595,
|
||||||
"narHash": "sha256-rJHBDwW4LbADEfhkgGHjKGfL2dF44NrlyXdXeZrQahs=",
|
"narHash": "sha256-e+o4PoSu2Z6Ww8y/AVUmMU200rNZoRK+p2opQ7Db8Rg=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "f92a54fef4eacdbe86b0a2054054dd58b0e2a2a4",
|
"rev": "8765d4e38aa0be53cdeee26f7386173e6c65618d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -263,11 +263,11 @@
|
||||||
"nixpkgs-lib": "nixpkgs-lib"
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1697976504,
|
"lastModified": 1699186103,
|
||||||
"narHash": "sha256-sU8q83TEaafIe5d7L6Dc2alRhWT898aB0+6EXcfao1I=",
|
"narHash": "sha256-B13wpM9/sLYBO2TjxFYLhPUD9v3LVFVOmH12pGB3E0w=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "lib-aggregate",
|
"repo": "lib-aggregate",
|
||||||
"rev": "2e96d2f9d80f80bd22cd7c603985f2b03cf186fc",
|
"rev": "99ff947f29d9c89fe26072b1927e594ee45ccda0",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -279,15 +279,16 @@
|
||||||
"nix-eval-jobs": {
|
"nix-eval-jobs": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-parts": "flake-parts",
|
"flake-parts": "flake-parts",
|
||||||
|
"nix-github-actions": "nix-github-actions",
|
||||||
"nixpkgs": "nixpkgs_6",
|
"nixpkgs": "nixpkgs_6",
|
||||||
"treefmt-nix": "treefmt-nix"
|
"treefmt-nix": "treefmt-nix"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1697679370,
|
"lastModified": 1699060277,
|
||||||
"narHash": "sha256-E4iEs004owoShYK0MBDD6uRXCgZdxl//hYijvSakg0k=",
|
"narHash": "sha256-As0PilG8NEQzIMOFIzfI3zkBNH2CJHZJXRL5Rc36Ojc=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nix-eval-jobs",
|
"repo": "nix-eval-jobs",
|
||||||
"rev": "01a606e119963957eefaf1b22ef92b69b90f5b85",
|
"rev": "20a24e8b1004d3293525334ccf3254c083d6fbaa",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -296,6 +297,28 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nix-github-actions": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs-wayland",
|
||||||
|
"nix-eval-jobs",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1698974481,
|
||||||
|
"narHash": "sha256-yPncV9Ohdz1zPZxYHQf47S8S0VrnhV7nNhCawY46hDA=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "nix-github-actions",
|
||||||
|
"rev": "4bb5e752616262457bc7ca5882192a564c0472d2",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "nix-github-actions",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixinate": {
|
"nixinate": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": "nixpkgs_4"
|
"nixpkgs": "nixpkgs_4"
|
||||||
|
@ -368,11 +391,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-lib": {
|
"nixpkgs-lib": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1697935651,
|
"lastModified": 1699145078,
|
||||||
"narHash": "sha256-qOfWjQ2JQSQL15KLh6D7xQhx0qgZlYZTYlcEiRuAMMw=",
|
"narHash": "sha256-OO1b3jiMUGjafD2ErkbTPVgUlhmyWo2Z5i0k2kD1ViU=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs.lib",
|
"repo": "nixpkgs.lib",
|
||||||
"rev": "e1e11fdbb01113d85c7f41cada9d2847660e3902",
|
"rev": "174d7dc67189bc4a53f1bffb4fb9d0f13b79cd3c",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -391,11 +414,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1698459598,
|
"lastModified": 1699222410,
|
||||||
"narHash": "sha256-2etAvtTLoPsvEJ4P6rKnHE8Ipp6MVNMGlik1JqHdqL0=",
|
"narHash": "sha256-qGuDXk991Mlws0f8DXNua82G+22jMBwoFG80o1sF66M=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs-wayland",
|
"repo": "nixpkgs-wayland",
|
||||||
"rev": "bcadcb13f0248fa7e6355a35c3c263fc76edc632",
|
"rev": "74717cb06fc24dbf57002bb1cf6d36fc50293d34",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -454,11 +477,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_5": {
|
"nixpkgs_5": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1698336494,
|
"lastModified": 1699186365,
|
||||||
"narHash": "sha256-sO72WDBKyijYD1GcKPlGsycKbMBiTJMBCnmOxLAs880=",
|
"narHash": "sha256-Pxrw5U8mBsL3NlrJ6q1KK1crzvSUcdfwb9083sKDrcU=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "808c0d8c53c7ae50f82aca8e7df263225cf235bf",
|
"rev": "a0b3b06b7a82c965ae0bb1d59f6e386fe755001d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -470,11 +493,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_6": {
|
"nixpkgs_6": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1697677194,
|
"lastModified": 1698977350,
|
||||||
"narHash": "sha256-lN2eJCsOzjhxrvTQsNcW7r0E9hMJ7ABrKDQWpmYFRkM=",
|
"narHash": "sha256-OUDOHWrX3EjX/MlOoCHEb3JMONklbpu4Wa+Xf5s/U+s=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "18e505d654892d057f308c817d220faf962dbf23",
|
"rev": "4285a2a67daf39e63d9564a47773a1c2081c36a8",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -608,11 +631,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1697388351,
|
"lastModified": 1698438538,
|
||||||
"narHash": "sha256-63N2eBpKaziIy4R44vjpUu8Nz5fCJY7okKrkixvDQmY=",
|
"narHash": "sha256-AWxaKTDL3MtxaVTVU5lYBvSnlspOS0Fjt8GxBgnU0Do=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "treefmt-nix",
|
"repo": "treefmt-nix",
|
||||||
"rev": "aae39f64f5ecbe89792d05eacea5cb241891292a",
|
"rev": "5deb8dc125a9f83b65ca86cf0c8167c46593e0b1",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -3,7 +3,7 @@ kind: ConfigMap
|
||||||
metadata:
|
metadata:
|
||||||
name: freshrss-config
|
name: freshrss-config
|
||||||
data:
|
data:
|
||||||
CRON_MIN: "*/15"
|
CRON_MIN: "1,31"
|
||||||
# OIDC_ENABLED: "1"
|
# OIDC_ENABLED: "1"
|
||||||
OIDC_PROVIDER_METADATA_URL: https://authentik.gmem.ca/application/o/freshrss/.well-known/openid-configuration
|
OIDC_PROVIDER_METADATA_URL: https://authentik.gmem.ca/application/o/freshrss/.well-known/openid-configuration
|
||||||
OIDC_REMOTE_USER_CLAIM: preferred_username
|
OIDC_REMOTE_USER_CLAIM: preferred_username
|
||||||
|
|
|
@ -14,13 +14,16 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: freshrss
|
- name: freshrss
|
||||||
image: freshrss/freshrss:arm
|
image: freshrss/freshrss:1.22.1-arm
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
memory: "256Mi"
|
memory: "256Mi"
|
||||||
cpu: "500m"
|
cpu: "500m"
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
|
env:
|
||||||
|
- name: CRON_MIN
|
||||||
|
value: 1,31
|
||||||
envFrom:
|
envFrom:
|
||||||
- configMapRef:
|
- configMapRef:
|
||||||
name: freshrss-config
|
name: freshrss-config
|
||||||
|
|
|
@ -129,11 +129,8 @@
|
||||||
xkbVariant = "";
|
xkbVariant = "";
|
||||||
videoDrivers = [ "nvidia" ];
|
videoDrivers = [ "nvidia" ];
|
||||||
enable = true;
|
enable = true;
|
||||||
displayManager = {
|
|
||||||
gdm.wayland = true;
|
|
||||||
sddm.enable = true;
|
|
||||||
};
|
|
||||||
desktopManager.plasma5.enable = true;
|
desktopManager.plasma5.enable = true;
|
||||||
|
displayManager.sddm.enable = true;
|
||||||
};
|
};
|
||||||
pipewire = {
|
pipewire = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -174,23 +171,9 @@
|
||||||
pulseaudio.enable = false;
|
pulseaudio.enable = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
xdg = {
|
xdg.portal.enable = true;
|
||||||
portal = {
|
|
||||||
enable = true;
|
|
||||||
extraPortals = with pkgs; [
|
|
||||||
xdg-desktop-portal-wlr
|
|
||||||
xdg-desktop-portal-gtk
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
environment.sessionVariables = {
|
|
||||||
NIXOS_OZONE_WL = "1";
|
|
||||||
};
|
|
||||||
programs = {
|
programs = {
|
||||||
hyprland = {
|
|
||||||
enable = true;
|
|
||||||
enableNvidiaPatches = true;
|
|
||||||
};
|
|
||||||
gamemode.enable = true;
|
gamemode.enable = true;
|
||||||
zsh.enable = true;
|
zsh.enable = true;
|
||||||
fish.enable = true;
|
fish.enable = true;
|
||||||
|
@ -198,8 +181,8 @@
|
||||||
dconf.enable = true;
|
dconf.enable = true;
|
||||||
steam = {
|
steam = {
|
||||||
enable = true;
|
enable = true;
|
||||||
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
|
remotePlay.openFirewall = true;
|
||||||
dedicatedServer.openFirewall = false; # Open ports in the firewall for Source Dedicated Server
|
dedicatedServer.openFirewall = false;
|
||||||
};
|
};
|
||||||
gnupg.agent = {
|
gnupg.agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -261,15 +244,21 @@
|
||||||
glxinfo
|
glxinfo
|
||||||
vulkan-tools
|
vulkan-tools
|
||||||
glmark2
|
glmark2
|
||||||
waybar
|
|
||||||
waypipe
|
|
||||||
rofi-wayland
|
|
||||||
mako
|
|
||||||
libnotify
|
libnotify
|
||||||
hyprpaper
|
emojione
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
environment.plasma5.excludePackages = with pkgs.libsForQt5; [
|
||||||
|
elisa
|
||||||
|
okular
|
||||||
|
oxygen
|
||||||
|
khelpcenter
|
||||||
|
konsole
|
||||||
|
plasma-browser-integration
|
||||||
|
print-manager
|
||||||
|
];
|
||||||
|
|
||||||
security = {
|
security = {
|
||||||
polkit.enable = true;
|
polkit.enable = true;
|
||||||
rtkit.enable = true;
|
rtkit.enable = true;
|
||||||
|
|
|
@ -10,13 +10,13 @@
|
||||||
overlays =
|
overlays =
|
||||||
let
|
let
|
||||||
discordOverlay = self: super: {
|
discordOverlay = self: super: {
|
||||||
discord = super.discord.override { };
|
discord = super.discord.override { withVencord = true; withOpenASAR = true; };
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
[
|
[
|
||||||
(import (builtins.fetchTarball {
|
(import (builtins.fetchTarball {
|
||||||
url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
|
url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
|
||||||
sha256 = "0lqk8xl3bpwmfdv8p9147rag1jxa8r0k8sibhyrvsnyp3q5lvxdx";
|
sha256 = "0w50a5dwphqkvlyi4h0bp3fssjkilyr92f9zgdhdxish3dzn4y0d";
|
||||||
})) discordOverlay];
|
})) discordOverlay];
|
||||||
};
|
};
|
||||||
home = {
|
home = {
|
||||||
|
@ -557,6 +557,17 @@ $env.config = {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Prevent clobbering SSH_AUTH_SOCK
|
||||||
|
home.sessionVariables = {
|
||||||
|
SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/yubikey-agent/yubikey-agent.sock";
|
||||||
|
};
|
||||||
|
|
||||||
|
# Disable gnome-keyring ssh-agent
|
||||||
|
xdg.configFile."autostart/gnome-keyring-ssh.desktop".text = ''
|
||||||
|
${lib.fileContents "${pkgs.gnome3.gnome-keyring}/etc/xdg/autostart/gnome-keyring-ssh.desktop"}
|
||||||
|
Hidden=true
|
||||||
|
'';
|
||||||
|
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
bitwarden-cli
|
bitwarden-cli
|
||||||
vlc
|
vlc
|
||||||
|
@ -576,7 +587,6 @@ $env.config = {
|
||||||
discord
|
discord
|
||||||
mangohud
|
mangohud
|
||||||
comma
|
comma
|
||||||
grimblast
|
|
||||||
];
|
];
|
||||||
|
|
||||||
# This value determines the Home Manager release that your
|
# This value determines the Home Manager release that your
|
||||||
|
|
82
nix/oracle-gitea-runner/coder.nix
Normal file
82
nix/oracle-gitea-runner/coder.nix
Normal file
|
@ -0,0 +1,82 @@
|
||||||
|
{ lib
|
||||||
|
, fetchurl
|
||||||
|
, installShellFiles
|
||||||
|
, makeWrapper
|
||||||
|
, terraform
|
||||||
|
, stdenvNoCC
|
||||||
|
, unzip
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
inherit (stdenvNoCC.hostPlatform) system;
|
||||||
|
in
|
||||||
|
|
||||||
|
stdenvNoCC.mkDerivation rec {
|
||||||
|
pname = "coder";
|
||||||
|
version = "2.3.3";
|
||||||
|
|
||||||
|
src = fetchurl {
|
||||||
|
sha256 = {
|
||||||
|
x86_64-linux = "sha256-3gO71Eii3KBjn/oQ1Q3OCJ7S6H12iDYjOfqf43ph1nQ=";
|
||||||
|
x86_64-darwin = lib.fakeHash;
|
||||||
|
aarch64-linux = "sha256-v7S22I62EKPcHO9yZGciKKftRlzIowfAeVgnccOdlSs=";
|
||||||
|
aarch64-darwin = "";
|
||||||
|
}.${system};
|
||||||
|
|
||||||
|
url =
|
||||||
|
let
|
||||||
|
systemName = {
|
||||||
|
x86_64-linux = "linux_amd64";
|
||||||
|
aarch64-linux = "linux_arm64";
|
||||||
|
x86_64-darwin = "darwin_amd64";
|
||||||
|
aarch64-darwin = "darwin_arm64";
|
||||||
|
}.${system};
|
||||||
|
|
||||||
|
ext = {
|
||||||
|
x86_64-linux = "tar.gz";
|
||||||
|
aarch64-linux = "tar.gz";
|
||||||
|
x86_64-darwin = "zip";
|
||||||
|
aarch64-darwin = "zip";
|
||||||
|
}.${system};
|
||||||
|
in
|
||||||
|
"https://github.com/coder/coder/releases/download/v${version}/coder_${version}_${systemName}.${ext}";
|
||||||
|
};
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
installShellFiles
|
||||||
|
makeWrapper
|
||||||
|
unzip
|
||||||
|
];
|
||||||
|
|
||||||
|
unpackPhase = ''
|
||||||
|
printf 'Decompressing %s\n' "$src"
|
||||||
|
case $src in
|
||||||
|
*.tar.gz) tar -xz -f "$src" ;;
|
||||||
|
*.zip) unzip "$src" ;;
|
||||||
|
esac
|
||||||
|
'';
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/bin
|
||||||
|
cp coder $out/bin
|
||||||
|
'';
|
||||||
|
|
||||||
|
postInstall = ''
|
||||||
|
installShellCompletion --cmd coder \
|
||||||
|
--bash <($out/bin/coder completion bash) \
|
||||||
|
--fish <($out/bin/coder completion fish) \
|
||||||
|
--zsh <($out/bin/coder completion zsh)
|
||||||
|
|
||||||
|
wrapProgram $out/bin/coder --prefix PATH : ${lib.makeBinPath [ terraform ]}
|
||||||
|
'';
|
||||||
|
|
||||||
|
# integration tests require network access
|
||||||
|
doCheck = false;
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
description = "Provision software development environments via Terraform on Linux, macOS, Windows, X86, ARM, and of course, Kubernetes";
|
||||||
|
homepage = "https://coder.com";
|
||||||
|
license = lib.licenses.agpl3;
|
||||||
|
maintainers = [ lib.maintainers.ghuntley lib.maintainers.urandom ];
|
||||||
|
broken = false;
|
||||||
|
};
|
||||||
|
}
|
|
@ -5,6 +5,8 @@
|
||||||
[ # Include the results of the hardware scan.
|
[ # Include the results of the hardware scan.
|
||||||
./hardware.nix
|
./hardware.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
nixpkgs.config.allowUnfree = true;
|
||||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||||
boot.tmp.cleanOnBoot = true;
|
boot.tmp.cleanOnBoot = true;
|
||||||
zramSwap.enable = true;
|
zramSwap.enable = true;
|
||||||
|
@ -16,6 +18,13 @@
|
||||||
tailscale
|
tailscale
|
||||||
];
|
];
|
||||||
|
|
||||||
|
services.coder = {
|
||||||
|
enable = true;
|
||||||
|
group = "docker";
|
||||||
|
listenAddress = "0.0.0.0:3000";
|
||||||
|
package = (pkgs.callPackage ./coder.nix {});
|
||||||
|
};
|
||||||
|
|
||||||
services.gitea-actions-runner = {
|
services.gitea-actions-runner = {
|
||||||
package = pkgs.forgejo-actions-runner;
|
package = pkgs.forgejo-actions-runner;
|
||||||
instances = {
|
instances = {
|
||||||
|
|
Loading…
Reference in a new issue