Compare commits
No commits in common. "e687676b8fb4e600d0c79e8cb39d5649fa460933" and "4c46c0b825c257b06b8fd0d497baea6d92e49c27" have entirely different histories.
e687676b8f
...
4c46c0b825
85
flake.lock
85
flake.lock
|
@ -180,7 +180,7 @@
|
||||||
},
|
},
|
||||||
"flake-utils_2": {
|
"flake-utils_2": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_3"
|
"systems": "systems_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1710146030,
|
"lastModified": 1710146030,
|
||||||
|
@ -239,11 +239,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1713713092,
|
"lastModified": 1713294767,
|
||||||
"narHash": "sha256-rvyr6BBtn3cq5B/48rhJlbIOpxprwlO/71663sd9Gik=",
|
"narHash": "sha256-LmaabaQZdx52MPGKPRt9Opoc9Gd9RbwvCdysUUYQoXI=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "2846d5230a3c3923618eabb367deaf8885df580f",
|
"rev": "fa8c16e2452bf092ac76f09ee1fb1e9f7d0796e7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -279,11 +279,11 @@
|
||||||
"nixpkgs-lib": "nixpkgs-lib"
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1713701427,
|
"lastModified": 1713105314,
|
||||||
"narHash": "sha256-v6z8hz/UDaC/rbnkH+hxGFUxlNyseVntRetVpSxLU6c=",
|
"narHash": "sha256-X3URKbcgIy4UaQGrsy3DmY5x+fePQ5IYaa76YewoUE0=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "lib-aggregate",
|
"repo": "lib-aggregate",
|
||||||
"rev": "3b32a98eb3053f8c8ca55497d1881443ef2996e6",
|
"rev": "f347ed9a1cab12c27541ed4d173e2f2d5c9bc0bb",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -297,7 +297,7 @@
|
||||||
"flake-parts": "flake-parts",
|
"flake-parts": "flake-parts",
|
||||||
"nix-github-actions": "nix-github-actions",
|
"nix-github-actions": "nix-github-actions",
|
||||||
"nixpkgs": "nixpkgs_6",
|
"nixpkgs": "nixpkgs_6",
|
||||||
"treefmt-nix": "treefmt-nix_2"
|
"treefmt-nix": "treefmt-nix"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1705242886,
|
"lastModified": 1705242886,
|
||||||
|
@ -373,16 +373,14 @@
|
||||||
"flake-compat": "flake-compat_2",
|
"flake-compat": "flake-compat_2",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
]
|
||||||
"systems": "systems_2",
|
|
||||||
"treefmt-nix": "treefmt-nix"
|
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1713393417,
|
"lastModified": 1708022692,
|
||||||
"narHash": "sha256-YriEUgA8u37V859nbSpqeYlL/GiezzeBIyBAAzhxZaI=",
|
"narHash": "sha256-T2o3XwFWK5bYNnVqEYdW9JqmOtgpn26/GCgbrVJ47ls=",
|
||||||
"owner": "Janik-Haag",
|
"owner": "Janik-Haag",
|
||||||
"repo": "nixos-dns",
|
"repo": "nixos-dns",
|
||||||
"rev": "1cf30ea07873b291fc39265d4c6dc63bfdf67ad7",
|
"rev": "0205c8cc6b4f7f75689a922b0bf20730c64a51f4",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -414,11 +412,11 @@
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1713521961,
|
"lastModified": 1712909959,
|
||||||
"narHash": "sha256-EwR8wW9AqJhSIY+0oxWRybUZ32BVKuZ9bjlRh8SJvQ8=",
|
"narHash": "sha256-7/5ubuwdEbQ7Z+Vqd4u0mM5L2VMNDsBh54visp27CtQ=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "5d48925b815fd202781bfae8fb6f45c07112fdb2",
|
"rev": "f58b25254be441cd2a9b4b444ed83f1e51244f1f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -446,11 +444,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-lib": {
|
"nixpkgs-lib": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1713660444,
|
"lastModified": 1713055793,
|
||||||
"narHash": "sha256-2bVnrEGyWJhRNKspzfTJmVD/fsH9HQURD4cWpz79Ulw=",
|
"narHash": "sha256-vIrZQykYW32RnlI2lT/gCcB59BOIqqrAmPirBdiirrc=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs.lib",
|
"repo": "nixpkgs.lib",
|
||||||
"rev": "6882347415e352cfc9c277cc01f73e0f5cb7b93c",
|
"rev": "361d8a4f443bbfab20bd6d222f9022b8c6665906",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -469,11 +467,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1713719682,
|
"lastModified": 1713349019,
|
||||||
"narHash": "sha256-d6YzWLGoHF3si3fHZ5qv587gR16Bgk7EQgrvgtCaoRM=",
|
"narHash": "sha256-H8FjOiATw0/k2fq2VcCE7Vov5Ic+S1x0h4nDImM1cUQ=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs-wayland",
|
"repo": "nixpkgs-wayland",
|
||||||
"rev": "df1a94e03aaf5324dd2d9fe6d965422d26d1e6e1",
|
"rev": "f8c128a08d5873682e8518af7c401512381cfd73",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -532,11 +530,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_5": {
|
"nixpkgs_5": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1713687659,
|
"lastModified": 1713254108,
|
||||||
"narHash": "sha256-Yd8KuOBpZ0Slau/NxFhMPJI0gBxeax0vq/FD0rqKwuQ=",
|
"narHash": "sha256-0TZIsfDbHG5zibtlw6x0yOp3jkInIGaJ35B7Y4G8Pec=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "f2d7a289c5a5ece8521dd082b81ac7e4a57c2c5c",
|
"rev": "2fd19c8be2551a61c1ddc3d9f86d748f4db94f00",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -607,20 +605,6 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"systems_2": {
|
"systems_2": {
|
||||||
"locked": {
|
|
||||||
"lastModified": 1681028828,
|
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
|
||||||
"owner": "nix-systems",
|
|
||||||
"repo": "default",
|
|
||||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"id": "systems",
|
|
||||||
"type": "indirect"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"systems_3": {
|
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681028828,
|
"lastModified": 1681028828,
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
@ -694,27 +678,6 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"treefmt-nix": {
|
"treefmt-nix": {
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixos-dns",
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1711963903,
|
|
||||||
"narHash": "sha256-N3QDhoaX+paWXHbEXZapqd1r95mdshxToGowtjtYkGI=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "treefmt-nix",
|
|
||||||
"rev": "49dc4a92b02b8e68798abd99184f228243b6e3ac",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "treefmt-nix",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"treefmt-nix_2": {
|
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs-wayland",
|
"nixpkgs-wayland",
|
||||||
|
|
36
flake.nix
36
flake.nix
|
@ -54,7 +54,7 @@
|
||||||
owner = "octodns";
|
owner = "octodns";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "main";
|
rev = "main";
|
||||||
sha256 = "sha256-cBdR6LCIivR4L9PePy5ZOOhV/JdanlujWgueCQma9fo=";
|
sha256 = "sha256-KVdH55wkTk2n2t/Y+n9+/5SCk3ml8vXIlFbtmOL4DlA=";
|
||||||
};
|
};
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
propagatedBuildInputs = with pkgs.python3Packages; [
|
propagatedBuildInputs = with pkgs.python3Packages; [
|
||||||
|
@ -171,7 +171,7 @@
|
||||||
import os
|
import os
|
||||||
|
|
||||||
auth = os.getenv("NEXTDNS_API_KEY")
|
auth = os.getenv("NEXTDNS_API_KEY")
|
||||||
|
g
|
||||||
with open('${self.packages.x86_64-linux.nextdns-rewrites}', 'r') as file:
|
with open('${self.packages.x86_64-linux.nextdns-rewrites}', 'r') as file:
|
||||||
rewrites = json.load(file)
|
rewrites = json.load(file)
|
||||||
|
|
||||||
|
@ -402,38 +402,6 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
dnsmasq = nixpkgs.lib.nixosSystem {
|
|
||||||
system = "x86_64-linux";
|
|
||||||
modules = [
|
|
||||||
agenix.nixosModules.default
|
|
||||||
(import ./nix/dnsmasq/configuration.nix)
|
|
||||||
{
|
|
||||||
_module.args.nixinate = {
|
|
||||||
host = "192.168.50.87";
|
|
||||||
sshUser = "root";
|
|
||||||
buildOn = "remote";
|
|
||||||
substituteOnTarget = true;
|
|
||||||
hermetic = false;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
dnsmasq-floof = nixpkgs.lib.nixosSystem {
|
|
||||||
system = "x86_64-linux";
|
|
||||||
modules = [
|
|
||||||
agenix.nixosModules.default
|
|
||||||
(import ./nix/dnsmasq-floof/configuration.nix)
|
|
||||||
{
|
|
||||||
_module.args.nixinate = {
|
|
||||||
host = "10.230.101.104";
|
|
||||||
sshUser = "root";
|
|
||||||
buildOn = "remote";
|
|
||||||
substituteOnTarget = true;
|
|
||||||
hermetic = false;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
12
friends/.editorconfig
Normal file
12
friends/.editorconfig
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
# http://editorconfig.org
|
||||||
|
root = true
|
||||||
|
|
||||||
|
[*]
|
||||||
|
indent_style = tab
|
||||||
|
end_of_line = lf
|
||||||
|
charset = utf-8
|
||||||
|
trim_trailing_whitespace = true
|
||||||
|
insert_final_newline = true
|
||||||
|
|
||||||
|
[*.yml]
|
||||||
|
indent_style = space
|
172
friends/.gitignore
vendored
Normal file
172
friends/.gitignore
vendored
Normal file
|
@ -0,0 +1,172 @@
|
||||||
|
# Logs
|
||||||
|
|
||||||
|
logs
|
||||||
|
_.log
|
||||||
|
npm-debug.log_
|
||||||
|
yarn-debug.log*
|
||||||
|
yarn-error.log*
|
||||||
|
lerna-debug.log*
|
||||||
|
.pnpm-debug.log*
|
||||||
|
|
||||||
|
# Diagnostic reports (https://nodejs.org/api/report.html)
|
||||||
|
|
||||||
|
report.[0-9]_.[0-9]_.[0-9]_.[0-9]_.json
|
||||||
|
|
||||||
|
# Runtime data
|
||||||
|
|
||||||
|
pids
|
||||||
|
_.pid
|
||||||
|
_.seed
|
||||||
|
\*.pid.lock
|
||||||
|
|
||||||
|
# Directory for instrumented libs generated by jscoverage/JSCover
|
||||||
|
|
||||||
|
lib-cov
|
||||||
|
|
||||||
|
# Coverage directory used by tools like istanbul
|
||||||
|
|
||||||
|
coverage
|
||||||
|
\*.lcov
|
||||||
|
|
||||||
|
# nyc test coverage
|
||||||
|
|
||||||
|
.nyc_output
|
||||||
|
|
||||||
|
# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
|
||||||
|
|
||||||
|
.grunt
|
||||||
|
|
||||||
|
# Bower dependency directory (https://bower.io/)
|
||||||
|
|
||||||
|
bower_components
|
||||||
|
|
||||||
|
# node-waf configuration
|
||||||
|
|
||||||
|
.lock-wscript
|
||||||
|
|
||||||
|
# Compiled binary addons (https://nodejs.org/api/addons.html)
|
||||||
|
|
||||||
|
build/Release
|
||||||
|
|
||||||
|
# Dependency directories
|
||||||
|
|
||||||
|
node_modules/
|
||||||
|
jspm_packages/
|
||||||
|
|
||||||
|
# Snowpack dependency directory (https://snowpack.dev/)
|
||||||
|
|
||||||
|
web_modules/
|
||||||
|
|
||||||
|
# TypeScript cache
|
||||||
|
|
||||||
|
\*.tsbuildinfo
|
||||||
|
|
||||||
|
# Optional npm cache directory
|
||||||
|
|
||||||
|
.npm
|
||||||
|
|
||||||
|
# Optional eslint cache
|
||||||
|
|
||||||
|
.eslintcache
|
||||||
|
|
||||||
|
# Optional stylelint cache
|
||||||
|
|
||||||
|
.stylelintcache
|
||||||
|
|
||||||
|
# Microbundle cache
|
||||||
|
|
||||||
|
.rpt2_cache/
|
||||||
|
.rts2_cache_cjs/
|
||||||
|
.rts2_cache_es/
|
||||||
|
.rts2_cache_umd/
|
||||||
|
|
||||||
|
# Optional REPL history
|
||||||
|
|
||||||
|
.node_repl_history
|
||||||
|
|
||||||
|
# Output of 'npm pack'
|
||||||
|
|
||||||
|
\*.tgz
|
||||||
|
|
||||||
|
# Yarn Integrity file
|
||||||
|
|
||||||
|
.yarn-integrity
|
||||||
|
|
||||||
|
# dotenv environment variable files
|
||||||
|
|
||||||
|
.env
|
||||||
|
.env.development.local
|
||||||
|
.env.test.local
|
||||||
|
.env.production.local
|
||||||
|
.env.local
|
||||||
|
|
||||||
|
# parcel-bundler cache (https://parceljs.org/)
|
||||||
|
|
||||||
|
.cache
|
||||||
|
.parcel-cache
|
||||||
|
|
||||||
|
# Next.js build output
|
||||||
|
|
||||||
|
.next
|
||||||
|
out
|
||||||
|
|
||||||
|
# Nuxt.js build / generate output
|
||||||
|
|
||||||
|
.nuxt
|
||||||
|
dist
|
||||||
|
|
||||||
|
# Gatsby files
|
||||||
|
|
||||||
|
.cache/
|
||||||
|
|
||||||
|
# Comment in the public line in if your project uses Gatsby and not Next.js
|
||||||
|
|
||||||
|
# https://nextjs.org/blog/next-9-1#public-directory-support
|
||||||
|
|
||||||
|
# public
|
||||||
|
|
||||||
|
# vuepress build output
|
||||||
|
|
||||||
|
.vuepress/dist
|
||||||
|
|
||||||
|
# vuepress v2.x temp and cache directory
|
||||||
|
|
||||||
|
.temp
|
||||||
|
.cache
|
||||||
|
|
||||||
|
# Docusaurus cache and generated files
|
||||||
|
|
||||||
|
.docusaurus
|
||||||
|
|
||||||
|
# Serverless directories
|
||||||
|
|
||||||
|
.serverless/
|
||||||
|
|
||||||
|
# FuseBox cache
|
||||||
|
|
||||||
|
.fusebox/
|
||||||
|
|
||||||
|
# DynamoDB Local files
|
||||||
|
|
||||||
|
.dynamodb/
|
||||||
|
|
||||||
|
# TernJS port file
|
||||||
|
|
||||||
|
.tern-port
|
||||||
|
|
||||||
|
# Stores VSCode versions used for testing VSCode extensions
|
||||||
|
|
||||||
|
.vscode-test
|
||||||
|
|
||||||
|
# yarn v2
|
||||||
|
|
||||||
|
.yarn/cache
|
||||||
|
.yarn/unplugged
|
||||||
|
.yarn/build-state.yml
|
||||||
|
.yarn/install-state.gz
|
||||||
|
.pnp.\*
|
||||||
|
|
||||||
|
# wrangler project
|
||||||
|
|
||||||
|
.dev.vars
|
||||||
|
.wrangler/
|
6
friends/.prettierrc
Normal file
6
friends/.prettierrc
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
{
|
||||||
|
"printWidth": 140,
|
||||||
|
"singleQuote": true,
|
||||||
|
"semi": true,
|
||||||
|
"useTabs": true
|
||||||
|
}
|
2930
friends/package-lock.json
generated
Normal file
2930
friends/package-lock.json
generated
Normal file
File diff suppressed because it is too large
Load diff
16
friends/package.json
Normal file
16
friends/package.json
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
{
|
||||||
|
"name": "friends",
|
||||||
|
"version": "0.0.0",
|
||||||
|
"private": true,
|
||||||
|
"scripts": {
|
||||||
|
"deploy": "wrangler deploy",
|
||||||
|
"dev": "wrangler dev",
|
||||||
|
"start": "wrangler dev",
|
||||||
|
"test": "vitest"
|
||||||
|
},
|
||||||
|
"devDependencies": {
|
||||||
|
"wrangler": "^3.0.0",
|
||||||
|
"vitest": "1.3.0",
|
||||||
|
"@cloudflare/vitest-pool-workers": "^0.1.0"
|
||||||
|
}
|
||||||
|
}
|
20
friends/src/index.html
Normal file
20
friends/src/index.html
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en">
|
||||||
|
<head>
|
||||||
|
<meta charset="UTF-8">
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||||
|
<meta name="description" content="I'm a silly dog">
|
||||||
|
<title>friends of the arch.dog</title>
|
||||||
|
<link rel="stylesheet" href="/styles.css">
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<main><div id="error"></div>
|
||||||
|
<header>
|
||||||
|
<img src="/avatar.png" alt="A cute golden retriever with a stylish blue hairstyle and glasses">
|
||||||
|
<h1>Friends of Arch</h1>
|
||||||
|
</header>
|
||||||
|
<p>A collection of wonderful beans across the internet.</p>
|
||||||
|
<div id="friends"></div>
|
||||||
|
</main>
|
||||||
|
</body>
|
||||||
|
</html>
|
54
friends/src/index.js
Normal file
54
friends/src/index.js
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
import friendsPage from "./index.html";
|
||||||
|
|
||||||
|
export default {
|
||||||
|
async fetch(request, env, ctx) {
|
||||||
|
const renderFriends = async (error) => {
|
||||||
|
const friends = await env.FRIENDS.list();
|
||||||
|
const friendList = await Promise.all(friends.keys.map(async f => {
|
||||||
|
if (f.metadata && f.metadata.noImage) {
|
||||||
|
const value = await env.FRIENDS.get(f.name);
|
||||||
|
return `<a href="https://${f.name}"><p>${value}</p></a>`
|
||||||
|
}
|
||||||
|
return `<a href="https://${f.name}"><img src="./${f.name}" alt="${f.name}"></a>`
|
||||||
|
}));
|
||||||
|
|
||||||
|
return new HTMLRewriter()
|
||||||
|
.on("#friends", {
|
||||||
|
element(element) {
|
||||||
|
element.setInnerContent(friendList.join("\n"), { html: true });
|
||||||
|
},
|
||||||
|
})
|
||||||
|
.on("#error", {
|
||||||
|
element(element) {
|
||||||
|
if (error) {
|
||||||
|
element.setInnerContent(error);
|
||||||
|
} else {
|
||||||
|
element.remove();
|
||||||
|
}
|
||||||
|
},
|
||||||
|
})
|
||||||
|
.transform(
|
||||||
|
new Response(friendsPage, { headers: { "Content-Type": "text/html" } }),
|
||||||
|
);
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
const url = new URL(request.url);
|
||||||
|
|
||||||
|
const { pathname } = url;
|
||||||
|
const friend = pathname.replace("/friends", "", 1);
|
||||||
|
switch (friend) {
|
||||||
|
case "":
|
||||||
|
return Response.redirect("https://arch.dog/friends/", 301);
|
||||||
|
case "/":
|
||||||
|
return await renderFriends()
|
||||||
|
default:
|
||||||
|
const { value, metadata } = await env.FRIENDS.getWithMetadata(friend.replace("/", "", 1), { type: "stream" });
|
||||||
|
if (value === null) {
|
||||||
|
return new Response("not found", {status: 404});
|
||||||
|
}
|
||||||
|
|
||||||
|
return new Response(value, {});
|
||||||
|
}
|
||||||
|
},
|
||||||
|
};
|
20
friends/test/index.spec.js
Normal file
20
friends/test/index.spec.js
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
import { env, createExecutionContext, waitOnExecutionContext, SELF } from "cloudflare:test";
|
||||||
|
import { describe, it, expect } from "vitest";
|
||||||
|
import worker from "../src";
|
||||||
|
|
||||||
|
describe("Hello World worker", () => {
|
||||||
|
it("responds with Hello World! (unit style)", async () => {
|
||||||
|
const request = new Request("http://example.com");
|
||||||
|
// Create an empty context to pass to `worker.fetch()`.
|
||||||
|
const ctx = createExecutionContext();
|
||||||
|
const response = await worker.fetch(request, env, ctx);
|
||||||
|
// Wait for all `Promise`s passed to `ctx.waitUntil()` to settle before running test assertions
|
||||||
|
await waitOnExecutionContext(ctx);
|
||||||
|
expect(await response.text()).toMatchInlineSnapshot(`"Hello World!"`);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("responds with Hello World! (integration style)", async () => {
|
||||||
|
const response = await SELF.fetch("http://example.com");
|
||||||
|
expect(await response.text()).toMatchInlineSnapshot(`"Hello World!"`);
|
||||||
|
});
|
||||||
|
});
|
11
friends/vitest.config.js
Normal file
11
friends/vitest.config.js
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
import { defineWorkersConfig } from "@cloudflare/vitest-pool-workers/config";
|
||||||
|
|
||||||
|
export default defineWorkersConfig({
|
||||||
|
test: {
|
||||||
|
poolOptions: {
|
||||||
|
workers: {
|
||||||
|
wrangler: { configPath: "./wrangler.toml" },
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
});
|
20
friends/wrangler.toml
Normal file
20
friends/wrangler.toml
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
#:schema node_modules/wrangler/config-schema.json
|
||||||
|
name = "friends"
|
||||||
|
main = "src/index.js"
|
||||||
|
compatibility_date = "2024-04-05"
|
||||||
|
compatibility_flags = ["nodejs_compat"]
|
||||||
|
|
||||||
|
workers_dev = false
|
||||||
|
|
||||||
|
[limits]
|
||||||
|
cpu_ms = 10
|
||||||
|
|
||||||
|
kv_namespaces = [
|
||||||
|
{ binding = "FRIENDS", id = "4c7b1469a4cb4050b0c8b8b41a7396aa", preview_id = "4c7b1469a4cb4050b0c8b8b41a7396aa" }
|
||||||
|
]
|
||||||
|
|
||||||
|
routes = [
|
||||||
|
{ pattern = "arch.dog/friends", zone_name = "arch.dog" },
|
||||||
|
{ pattern = "arch.dog/friends/*", zone_name = "arch.dog" }
|
||||||
|
]
|
||||||
|
|
|
@ -1,49 +1,51 @@
|
||||||
|
image:
|
||||||
|
tag: 2024.2.1
|
||||||
|
|
||||||
authentik:
|
authentik:
|
||||||
error_reporting:
|
error_reporting:
|
||||||
enabled: false
|
enabled: false
|
||||||
global:
|
|
||||||
image:
|
|
||||||
tag: 2024.2.3
|
|
||||||
env:
|
env:
|
||||||
- name: AUTHENTIK_WEB__THREADS
|
AUTHENTIK_WEB__THREADS: "2"
|
||||||
value: "2"
|
envValueFrom:
|
||||||
- name: AUTHENTIK_SECRET_KEY
|
AUTHENTIK_SECRET_KEY:
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: authentik-secrets
|
name: authentik-secrets
|
||||||
key: secret-key
|
key: secret-key
|
||||||
- name: AUTHENTIK_POSTGRESQL__HOST
|
AUTHENTIK_POSTGRESQL__HOST:
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: hippo-pguser-authentik
|
name: hippo-pguser-authentik
|
||||||
key: host
|
key: host
|
||||||
- name: AUTHENTIK_POSTGRESQL__PASSWORD
|
AUTHENTIK_POSTGRESQL__PASSWORD:
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: hippo-pguser-authentik
|
name: hippo-pguser-authentik
|
||||||
key: password
|
key: password
|
||||||
- name: AUTHENTIK_POSTGRESQL__USER
|
AUTHENTIK_POSTGRESQL__USER:
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: hippo-pguser-authentik
|
name: hippo-pguser-authentik
|
||||||
key: user
|
key: user
|
||||||
- name: AUTHENTIK_POSTGRESQL__PORT
|
AUTHENTIK_POSTGRESQL__PORT:
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: hippo-pguser-authentik
|
name: hippo-pguser-authentik
|
||||||
key: port
|
key: port
|
||||||
|
|
||||||
server:
|
prometheus:
|
||||||
metrics:
|
serviceMonitor:
|
||||||
enabled: true
|
create: true
|
||||||
|
|
||||||
ingress:
|
ingress:
|
||||||
# Specify kubernetes ingress controller class name
|
# Specify kubernetes ingress controller class name
|
||||||
ingressClassName: nginx
|
ingressClassName: nginx
|
||||||
enabled: true
|
enabled: true
|
||||||
hosts: [ authentik.gmem.ca ]
|
hosts:
|
||||||
tls:
|
# Specify external host name
|
||||||
- hosts:
|
- host: authentik.gmem.ca
|
||||||
- authentik.gmem.ca
|
paths:
|
||||||
secretName: gmem-ca-wildcard
|
- path: "/"
|
||||||
|
pathType: Prefix
|
||||||
|
# Specify external host name
|
||||||
|
- host: prometheus.gmem.ca
|
||||||
|
paths:
|
||||||
|
- path: "/"
|
||||||
|
pathType: Prefix
|
||||||
redis:
|
redis:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
|
@ -130,13 +130,6 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{
|
|
||||||
"Paperless-ngx" = {
|
|
||||||
icon = "paperless-ngx.png";
|
|
||||||
href = "https://docs.gmem.ca";
|
|
||||||
description = "Document storage and indexing";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
|
|
|
@ -74,7 +74,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
kubernetes.resources.cronJobs.piped-refresh.spec = {
|
kubernetes.resources.cronJobs.piped-refresh.spec = {
|
||||||
schedule = "*/10 * * * *";
|
schedule = "*/5 * * * *";
|
||||||
jobTemplate.spec.template.spec = {
|
jobTemplate.spec.template.spec = {
|
||||||
restartPolicy = "Never";
|
restartPolicy = "Never";
|
||||||
containers.refresh-subscriptions = {
|
containers.refresh-subscriptions = {
|
||||||
|
@ -88,8 +88,7 @@
|
||||||
export PGPASSWORD=$password &&
|
export PGPASSWORD=$password &&
|
||||||
export subs=$(psql -U piped -h hippo-primary.default.svc -qtAX -c 'select id from public.pubsub;') &&
|
export subs=$(psql -U piped -h hippo-primary.default.svc -qtAX -c 'select id from public.pubsub;') &&
|
||||||
while IFS= read -r line; do
|
while IFS= read -r line; do
|
||||||
echo "refreshing $line"
|
curl -k "https://pipedapi.gmem.ca/channel/$line" > /dev/null
|
||||||
curl -k -S -s -o /dev/null "https://pipedapi.gmem.ca/channel/$line"
|
|
||||||
done < <(printf '%s' "$subs")
|
done < <(printf '%s' "$subs")
|
||||||
''
|
''
|
||||||
];
|
];
|
||||||
|
|
|
@ -26,7 +26,8 @@ in
|
||||||
options kvmfr static_size_mb=64
|
options kvmfr static_size_mb=64
|
||||||
'';
|
'';
|
||||||
|
|
||||||
kernelParams = [
|
kernelParams =
|
||||||
|
[
|
||||||
"amd_iommu=on"
|
"amd_iommu=on"
|
||||||
"pcie_acs_override=downstream,multifunction"
|
"pcie_acs_override=downstream,multifunction"
|
||||||
"vfio-pci.ids=1002:744c,1002:ab30"
|
"vfio-pci.ids=1002:744c,1002:ab30"
|
||||||
|
|
|
@ -1,80 +0,0 @@
|
||||||
# Edit this configuration file to define what should be installed on
|
|
||||||
# your system. Help is available in the configuration.nix(5) man page, on
|
|
||||||
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
|
|
||||||
{
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
imports = [
|
|
||||||
# Include the results of the hardware scan.
|
|
||||||
./hardware-configuration.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
age.secrets.dnsmasq-nextdns-profile = {
|
|
||||||
file = ../../secrets/dnsmasq-nextdns-profile.age;
|
|
||||||
owner = "dnsmasq";
|
|
||||||
};
|
|
||||||
|
|
||||||
nix = {
|
|
||||||
settings = {
|
|
||||||
auto-optimise-store = true;
|
|
||||||
experimental-features = ["nix-command" "flakes"];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
# Use the systemd-boot EFI boot loader.
|
|
||||||
boot.loader.systemd-boot.enable = true;
|
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
|
||||||
|
|
||||||
networking = {
|
|
||||||
hostName = "dnsmasq-cache"; # Define your hostname.
|
|
||||||
firewall = {
|
|
||||||
enable = true;
|
|
||||||
allowedUDPPorts = [53];
|
|
||||||
allowedTCPPorts = [22 53 9153];
|
|
||||||
trustedInterfaces = ["enp6s18" "tailscale0"];
|
|
||||||
checkReversePath = "loose";
|
|
||||||
allowedUDPPortRanges = [
|
|
||||||
{
|
|
||||||
from = 3000;
|
|
||||||
to = 22000;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
nftables.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
services = {
|
|
||||||
openssh.enable = true;
|
|
||||||
tailscale.enable = true;
|
|
||||||
dnsmasq = {
|
|
||||||
enable = true;
|
|
||||||
settings = {
|
|
||||||
interface = "tailscale0";
|
|
||||||
cache-size = "4000";
|
|
||||||
no-resolv = true;
|
|
||||||
bogus-priv = true;
|
|
||||||
strict-order = true;
|
|
||||||
server = ["2a07:a8c1::" "45.90.30.0" "2a07:a8c0::" "45.90.28.0"];
|
|
||||||
conf-file = "${config.age.secrets.dnsmasq-nextdns-profile.path}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
environment = {
|
|
||||||
systemPackages = with pkgs; [
|
|
||||||
tailscale
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
virtualisation.oci-containers.containers = {
|
|
||||||
dnsmasq_exporter = {
|
|
||||||
image = "git.gmem.ca/arch/dnsmasq_exporter";
|
|
||||||
extraOptions = ["--network=host"];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
system.stateVersion = "23.11"; # Did you read the comment?
|
|
||||||
}
|
|
|
@ -1,32 +0,0 @@
|
||||||
{
|
|
||||||
disko.devices = {
|
|
||||||
disk = {
|
|
||||||
my-disk = {
|
|
||||||
device = "/dev/sda";
|
|
||||||
type = "disk";
|
|
||||||
content = {
|
|
||||||
type = "gpt";
|
|
||||||
partitions = {
|
|
||||||
ESP = {
|
|
||||||
type = "EF00";
|
|
||||||
size = "500M";
|
|
||||||
content = {
|
|
||||||
type = "filesystem";
|
|
||||||
format = "vfat";
|
|
||||||
mountpoint = "/boot";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
root = {
|
|
||||||
size = "100%";
|
|
||||||
content = {
|
|
||||||
type = "filesystem";
|
|
||||||
format = "ext4";
|
|
||||||
mountpoint = "/";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,33 +0,0 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
|
||||||
# and may be overwritten by future invocations. Please make changes
|
|
||||||
# to /etc/nixos/configuration.nix instead.
|
|
||||||
{
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
modulesPath,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
imports = [
|
|
||||||
(modulesPath + "/profiles/qemu-guest.nix")
|
|
||||||
''${builtins.fetchTarball {
|
|
||||||
url = "https://github.com/nix-community/disko/archive/master.tar.gz";
|
|
||||||
sha256 = "0qyl65hs2j4f5ffj2lv5kb4hc1gradkqvv2j35hbdyiik155l4gn";
|
|
||||||
}}/module.nix''
|
|
||||||
./disk-config.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
|
|
||||||
boot.initrd.kernelModules = [];
|
|
||||||
boot.kernelModules = [];
|
|
||||||
boot.extraModulePackages = [];
|
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
|
||||||
# still possible to use this option, but it's recommended to use it in conjunction
|
|
||||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
|
||||||
networking.useDHCP = lib.mkDefault true;
|
|
||||||
# networking.interfaces.enp6s18.useDHCP = lib.mkDefault true;
|
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
||||||
}
|
|
|
@ -1,90 +0,0 @@
|
||||||
# Edit this configuration file to define what should be installed on
|
|
||||||
# your system. Help is available in the configuration.nix(5) man page, on
|
|
||||||
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
|
|
||||||
{
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
imports = [
|
|
||||||
# Include the results of the hardware scan.
|
|
||||||
./hardware-configuration.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
age.secrets.dnsmasq-nextdns-profile = {
|
|
||||||
file = ../../secrets/dnsmasq-nextdns-profile.age;
|
|
||||||
owner = "dnsmasq";
|
|
||||||
};
|
|
||||||
|
|
||||||
nix = {
|
|
||||||
settings = {
|
|
||||||
auto-optimise-store = true;
|
|
||||||
experimental-features = ["nix-command" "flakes"];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
# Use the systemd-boot EFI boot loader.
|
|
||||||
boot.loader.systemd-boot.enable = true;
|
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
|
||||||
|
|
||||||
networking = {
|
|
||||||
hostName = "dnsmasq-cache"; # Define your hostname.
|
|
||||||
useDHCP = false;
|
|
||||||
|
|
||||||
interfaces.enp6s18.ipv4.addresses = [
|
|
||||||
{
|
|
||||||
address = "192.168.50.87";
|
|
||||||
prefixLength = 24;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
nameservers = ["1.1.1.1" "1.0.0.1"];
|
|
||||||
firewall = {
|
|
||||||
enable = true;
|
|
||||||
allowedUDPPorts = [53];
|
|
||||||
allowedTCPPorts = [22 53 9153];
|
|
||||||
trustedInterfaces = ["enp6s18" "tailscale0"];
|
|
||||||
checkReversePath = "loose";
|
|
||||||
allowedUDPPortRanges = [
|
|
||||||
{
|
|
||||||
from = 3000;
|
|
||||||
to = 22000;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
defaultGateway = "192.168.50.1";
|
|
||||||
defaultGateway6 = "2a02:1648:6709::1";
|
|
||||||
nftables.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
services = {
|
|
||||||
openssh.enable = true;
|
|
||||||
tailscale.enable = true;
|
|
||||||
dnsmasq = {
|
|
||||||
enable = true;
|
|
||||||
settings = {
|
|
||||||
interface = "tailscale0";
|
|
||||||
cache-size = "4000";
|
|
||||||
no-resolv = true;
|
|
||||||
bogus-priv = true;
|
|
||||||
strict-order = true;
|
|
||||||
server = ["2a07:a8c1::" "45.90.30.0" "2a07:a8c0::" "45.90.28.0"];
|
|
||||||
conf-file = "${config.age.secrets.dnsmasq-nextdns-profile.path}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
environment = {
|
|
||||||
systemPackages = with pkgs; [
|
|
||||||
tailscale
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
virtualisation.oci-containers.containers = {
|
|
||||||
dnsmasq_exporter = {
|
|
||||||
image = "git.gmem.ca/arch/dnsmasq_exporter";
|
|
||||||
extraOptions = ["--network=host"];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
system.stateVersion = "23.11"; # Did you read the comment?
|
|
||||||
}
|
|
|
@ -1,32 +0,0 @@
|
||||||
{
|
|
||||||
disko.devices = {
|
|
||||||
disk = {
|
|
||||||
my-disk = {
|
|
||||||
device = "/dev/sda";
|
|
||||||
type = "disk";
|
|
||||||
content = {
|
|
||||||
type = "gpt";
|
|
||||||
partitions = {
|
|
||||||
ESP = {
|
|
||||||
type = "EF00";
|
|
||||||
size = "500M";
|
|
||||||
content = {
|
|
||||||
type = "filesystem";
|
|
||||||
format = "vfat";
|
|
||||||
mountpoint = "/boot";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
root = {
|
|
||||||
size = "100%";
|
|
||||||
content = {
|
|
||||||
type = "filesystem";
|
|
||||||
format = "ext4";
|
|
||||||
mountpoint = "/";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,33 +0,0 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
|
||||||
# and may be overwritten by future invocations. Please make changes
|
|
||||||
# to /etc/nixos/configuration.nix instead.
|
|
||||||
{
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
modulesPath,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
imports = [
|
|
||||||
(modulesPath + "/profiles/qemu-guest.nix")
|
|
||||||
''${builtins.fetchTarball {
|
|
||||||
url = "https://github.com/nix-community/disko/archive/master.tar.gz";
|
|
||||||
sha256 = "0qyl65hs2j4f5ffj2lv5kb4hc1gradkqvv2j35hbdyiik155l4gn";
|
|
||||||
}}/module.nix''
|
|
||||||
./disk-config.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
|
|
||||||
boot.initrd.kernelModules = [];
|
|
||||||
boot.kernelModules = [];
|
|
||||||
boot.extraModulePackages = [];
|
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
|
||||||
# still possible to use this option, but it's recommended to use it in conjunction
|
|
||||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
|
||||||
networking.useDHCP = lib.mkDefault true;
|
|
||||||
# networking.interfaces.enp6s18.useDHCP = lib.mkDefault true;
|
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
||||||
}
|
|
|
@ -22,7 +22,7 @@
|
||||||
in [
|
in [
|
||||||
(import (builtins.fetchTarball {
|
(import (builtins.fetchTarball {
|
||||||
url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
|
url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
|
||||||
sha256 = "1xa3vqw4kbrpqh6qkkkhrglgj6armrpdgc057kbsfcbaan5xc2pm";
|
sha256 = "11x80s4jh06ibk390q8wgvvi614fapiswmbi6z9xy9d21pf7mw33";
|
||||||
}))
|
}))
|
||||||
discordOverlay
|
discordOverlay
|
||||||
];
|
];
|
||||||
|
@ -135,7 +135,6 @@
|
||||||
comma
|
comma
|
||||||
transmission_4-qt
|
transmission_4-qt
|
||||||
ungoogled-chromium
|
ungoogled-chromium
|
||||||
looking-glass-client
|
|
||||||
];
|
];
|
||||||
|
|
||||||
# This value determines the Home Manager release that your
|
# This value determines the Home Manager release that your
|
||||||
|
|
|
@ -104,6 +104,7 @@
|
||||||
max_chunk_age = "1h";
|
max_chunk_age = "1h";
|
||||||
chunk_target_size = 999999;
|
chunk_target_size = 999999;
|
||||||
chunk_retain_period = "30s";
|
chunk_retain_period = "30s";
|
||||||
|
max_transfer_retries = 0;
|
||||||
};
|
};
|
||||||
|
|
||||||
schema_config = {
|
schema_config = {
|
||||||
|
@ -126,6 +127,7 @@
|
||||||
active_index_directory = "/var/lib/loki/boltdb-shipper-active";
|
active_index_directory = "/var/lib/loki/boltdb-shipper-active";
|
||||||
cache_location = "/var/lib/loki/boltdb-shipper-cache";
|
cache_location = "/var/lib/loki/boltdb-shipper-cache";
|
||||||
cache_ttl = "24h";
|
cache_ttl = "24h";
|
||||||
|
shared_store = "filesystem";
|
||||||
};
|
};
|
||||||
|
|
||||||
filesystem = {
|
filesystem = {
|
||||||
|
@ -138,6 +140,10 @@
|
||||||
reject_old_samples_max_age = "168h";
|
reject_old_samples_max_age = "168h";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
chunk_store_config = {
|
||||||
|
max_look_back_period = "0s";
|
||||||
|
};
|
||||||
|
|
||||||
table_manager = {
|
table_manager = {
|
||||||
retention_deletes_enabled = false;
|
retention_deletes_enabled = false;
|
||||||
retention_period = "0s";
|
retention_period = "0s";
|
||||||
|
@ -145,6 +151,7 @@
|
||||||
|
|
||||||
compactor = {
|
compactor = {
|
||||||
working_directory = "/var/lib/loki";
|
working_directory = "/var/lib/loki";
|
||||||
|
shared_store = "filesystem";
|
||||||
compactor_ring = {
|
compactor_ring = {
|
||||||
kvstore = {
|
kvstore = {
|
||||||
store = "inmemory";
|
store = "inmemory";
|
||||||
|
@ -322,6 +329,10 @@
|
||||||
job_name = "forgejo";
|
job_name = "forgejo";
|
||||||
static_configs = [{targets = ["git.gmem.ca"];}];
|
static_configs = [{targets = ["git.gmem.ca"];}];
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
job_name = "coredns";
|
||||||
|
static_configs = [{targets = ["vancouver:9253"];}];
|
||||||
|
}
|
||||||
{
|
{
|
||||||
job_name = "healthchecks";
|
job_name = "healthchecks";
|
||||||
scrape_interval = "60s";
|
scrape_interval = "60s";
|
||||||
|
@ -333,11 +344,6 @@
|
||||||
scrape_interval = "60s";
|
scrape_interval = "60s";
|
||||||
static_configs = [{targets = ["vancouver:6534"];}];
|
static_configs = [{targets = ["vancouver:6534"];}];
|
||||||
}
|
}
|
||||||
{
|
|
||||||
job_name = "dnsmasq";
|
|
||||||
scrape_interval = "10s";
|
|
||||||
static_configs = [{targets = ["100.102.19.124:9153" "100.92.113.87:9153"];}];
|
|
||||||
}
|
|
||||||
{
|
{
|
||||||
job_name = "blackbox_home";
|
job_name = "blackbox_home";
|
||||||
metrics_path = "/probe";
|
metrics_path = "/probe";
|
||||||
|
|
|
@ -330,12 +330,10 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
gitea = {
|
||||||
forgejo = {
|
|
||||||
enable = true;
|
enable = true;
|
||||||
stateDir = "/tank/forgejo";
|
stateDir = "/tank/forgejo";
|
||||||
user = "git";
|
package = pkgs.forgejo;
|
||||||
group = "git";
|
|
||||||
settings = {
|
settings = {
|
||||||
DEFAULT = {
|
DEFAULT = {
|
||||||
APP_NAME = "Arch's Git Forge";
|
APP_NAME = "Arch's Git Forge";
|
||||||
|
@ -378,7 +376,6 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
labels = [
|
labels = [
|
||||||
"debian-latest:docker://node:18-bullseye"
|
"debian-latest:docker://node:18-bullseye"
|
||||||
"ubuntu-latest:docker://node:18-bullseye"
|
|
||||||
"docker:docker://gitea/act_runner:nightly-dind-rootless"
|
"docker:docker://gitea/act_runner:nightly-dind-rootless"
|
||||||
"nix:docker://nixos/nix"
|
"nix:docker://nixos/nix"
|
||||||
];
|
];
|
||||||
|
@ -474,16 +471,7 @@
|
||||||
};
|
};
|
||||||
environment.shells = with pkgs; [zsh fish];
|
environment.shells = with pkgs; [zsh fish];
|
||||||
|
|
||||||
users = {
|
users.users = {
|
||||||
groups.git = {};
|
|
||||||
users = {
|
|
||||||
git = {
|
|
||||||
home = "/tank/forgejo";
|
|
||||||
useDefaultShell = true;
|
|
||||||
group = "git";
|
|
||||||
isSystemUser = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
gsimmer = {
|
gsimmer = {
|
||||||
shell = pkgs.fish;
|
shell = pkgs.fish;
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
|
@ -512,7 +500,6 @@
|
||||||
pkgs.lib.splitString "\n" (builtins.readFile
|
pkgs.lib.splitString "\n" (builtins.readFile
|
||||||
authorizedKeys);
|
authorizedKeys);
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
home-manager.users.gsimmer = {pkgs, ...}: {
|
home-manager.users.gsimmer = {pkgs, ...}: {
|
||||||
programs.git = {
|
programs.git = {
|
||||||
|
|
|
@ -3,11 +3,6 @@ let
|
||||||
monitoring = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDtzsbxKgZ/NBYlYO2EJQZhBy3nVBVERWebbsP9mLcy";
|
monitoring = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDtzsbxKgZ/NBYlYO2EJQZhBy3nVBVERWebbsP9mLcy";
|
||||||
machines = [vancouver monitoring];
|
machines = [vancouver monitoring];
|
||||||
|
|
||||||
dnsmasq-cache = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKpZvxrLo8kbbCVODAES8xfPbzHN6fx3cRfhYC+me0R9";
|
|
||||||
dnsmasq-cache-floof = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAghUyhsM/pRXmKf6NjQGULxshwXP0l93yzFvqEdM9dC";
|
|
||||||
|
|
||||||
dnsmasq = [dnsmasq-cache dnsmasq-cache-floof];
|
|
||||||
|
|
||||||
proxmox-k3s-node = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB1KEjdFl0UmuKfESJTMZdKR2H9a405z0SSlt75NKKht";
|
proxmox-k3s-node = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB1KEjdFl0UmuKfESJTMZdKR2H9a405z0SSlt75NKKht";
|
||||||
seattle = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF9pTEqeVljLq0ctFgDn25Q76mCqpddkSNN9kd3IQXd1";
|
seattle = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF9pTEqeVljLq0ctFgDn25Q76mCqpddkSNN9kd3IQXd1";
|
||||||
glasgow = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMgZSpfnx/4kfE4P1tFpq047IZkF2Q0UYahputnWxtEJ";
|
glasgow = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMgZSpfnx/4kfE4P1tFpq047IZkF2Q0UYahputnWxtEJ";
|
||||||
|
@ -29,6 +24,4 @@ in {
|
||||||
"secrets/cloudflare-dns.age".publicKeys = machines ++ users;
|
"secrets/cloudflare-dns.age".publicKeys = machines ++ users;
|
||||||
"secrets/monitoring-grafana-client-secret.age".publicKeys = [monitoring gsimmer];
|
"secrets/monitoring-grafana-client-secret.age".publicKeys = [monitoring gsimmer];
|
||||||
"secrets/k3s-token.age".publicKeys = k3s ++ users;
|
"secrets/k3s-token.age".publicKeys = k3s ++ users;
|
||||||
|
|
||||||
"secrets/dnsmasq-nextdns-profile.age".publicKeys = dnsmasq ++ users;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +0,0 @@
|
||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 o0sdgw 9I44ptc/Dwhk2EcjCtJhl3kSu69BXMRCPHZAdt9kJgE
|
|
||||||
t8gc+3qVIkEuyNSWE3S3vEhV+q7uSMe/qIJccV6ln54
|
|
||||||
-> ssh-ed25519 C7Rp1Q G0PsVpG+bRptzUhAxYNkerKqhYRgnYatX2S4vEj0F2M
|
|
||||||
sivnnSL3QRKXPubK6Bk1ASdriuOx7uwoA89iWjsazi8
|
|
||||||
-> ssh-ed25519 qbziOw sZzOsi5z1YTAHY809dsew0rLRuSxLQLLbwF+zTXHLjo
|
|
||||||
j0uANQ6MrUdwCI+Qf9dimMnZheP2zUNsGzHGgrD4oO4
|
|
||||||
--- QJmFdG6wwF307+25uBp0E9aSGjH0eAmNEYI/RfZ5c7k
|
|
||||||
¦Æԧƾw5ÞôÚ7…ÿÐTÚ¼!É>ƒýÔZö½p]Ÿ<àÇO‰ï¿<C3AF>íÎÎX
|
|
|
@ -1,7 +1,10 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 oN6OTQ e6ldvoLxjS1vUBY2glP9UbAvOoDkgTF/Hsjy22C4E3E
|
-> ssh-ed25519 oN6OTQ 290Jjq3X3EKWAJjbrxxNdLVYq7OOdTZAQBLnb0JlzEw
|
||||||
qjdy/Zh7+0wSIJjNuov0/KQaiWJzVfzSLKzIYhK3tKE
|
Ci/Ngx0O5JbCbxNqkUdSz1zuHs2YMvi+st/Nf+BlhXk
|
||||||
-> ssh-ed25519 qbziOw 8daUrL9RuNfduBTXesLd1ndSFSRJwKj3+fqAWJlRrG8
|
-> ssh-ed25519 qbziOw pexX+lrzjrIvjD1BXDOwZ6jvHNwHvI8NN7t0g+WAHE4
|
||||||
kazcLzdfpBIVhyFJuDMEtCr1EXRDa0wNkGMxrGPXcFw
|
8TlaRQnd/H/1nML+bJOL9J6rG1FOSFY7qTTiu11gqRo
|
||||||
--- PW+ZaxdW9FYv129kt44jeeiY3GwrLkH5szOsr/ziJEQ
|
-> Q5TArB-grease
|
||||||
Û2ÄÐ)þ*“…Œmã<£>=²^¶ñTžc•¿¯Q—%ø7wF†<»+{&[Ø!0&Gùù+„ùô¶·œSЇ‹ýÍà˜ÉÎl~{
|
bYTE3nqG4aLFTuXCpjRNM7rnVFlL7BCJ2BlqJbMn0CImH3owoMnYwpBBEO2i5/O7
|
||||||
|
XdBin6lrZDYiFZMLzQ4DRd8B
|
||||||
|
--- GfQW76dgud6sOfFfB1VoRiiZZqDePubrWRTbvKcx3Z0
|
||||||
|
“n-‡ŽA3]Éró]YHp'`º…2óH^Î%Ï}= Nzútoöä:³5õ³ˆª‚éùê—R <52>§¾áýL瞶6‹©ÀÐÝ24¼ª"WË
|
Loading…
Reference in a new issue