xin/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: xin:9ffc2ad23db09ade01c612a34365addba8e67d3e
Branches Tags
xin:master
xin:deploy
..
compare: xin:ced05f99fcbab5516138d6f86dccfff389a5ba6c
Branches Tags
xin:master
xin:deploy

No commits in common. "9ffc2ad23db09ade01c612a34365addba8e67d3e" and "ced05f99fcbab5516138d6f86dccfff389a5ba6c" have entirely different histories.
9ffc2ad23d ... ced05f99fc

5 changed files with 24 additions and 57 deletions
Show stats Expand all files Collapse all files

24
flake.lock
View file

@ -143,11 +143,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1722562293, "lastModified": 1722476581,
"narHash": "sha256-JLhM5xSbx5Isjyfz8+WhCfJ9hgEJ4VYRivTOANYZVWM=", "narHash": "sha256-dCNcvjaOTu+cPin3VUym9pglsghWYJe5oUpKTuAgiiU=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-vscode-extensions", "repo": "nix-vscode-extensions",
"rev": "2056dac5adce82433b1dae711868b1c22e5ed07e", "rev": "1fe57eaf074d28246ec310486fe3db4ae44d0451",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -174,11 +174,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1722578639, "lastModified": 1722489601,
"narHash": "sha256-yge4OI8r8JBFtoajezauguXwYJ7M+Enwb3ZGbJF4YKA=", "narHash": "sha256-sB37J92AwEcmzg0GgxdI1TU6M+psUpbo0iYLFJBmsfo=",
"owner": "xinyangli", "owner": "xinyangli",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4c71f761584bd9f9a4c4ba090c353c7f3e65c430", "rev": "eee3d54e62749dfd0f263e3903ca0ec1ebdbe72b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -190,11 +190,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1722372011, "lastModified": 1722221733,
"narHash": "sha256-B2xRiC3NEJy/82ugtareBkRqEkPGpMyjaLxaR8LBxNs=", "narHash": "sha256-sga9SrrPb+pQJxG1ttJfMPheZvDOxApFfwXCFO0H9xw=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "cf05eeada35e122770c5c14add958790fcfcbef5", "rev": "12bf09802d77264e441f48e25459c10c93eada2e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -222,11 +222,11 @@
}, },
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1722577920, "lastModified": 1722485061,
"narHash": "sha256-+Nilyq9pr3f13pNqE3UaJ/zxB69fQ8MmkA5xu6oYtIs=", "narHash": "sha256-opkrX6noshjk2V3PKBiksA8+M6K7cu3EuiuAWL04pNs=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "a3f8a8853ee2e17c2efd5a33a5c91c1d79bc9c49", "rev": "3bf06551d5922d420607091f5a3321e712ece307",
"type": "github" "type": "github"
}, },
"original": { "original": {

11
machines/massicot/default.nix
View file

@ -28,9 +28,6 @@
grafana_oauth_secret = { grafana_oauth_secret = {
owner = "grafana"; owner = "grafana";
}; };
miniflux_oauth_secret = {
owner = "miniflux";
};
}; };
}; };
@ -45,7 +42,7 @@
fileSystems."/mnt/storage" = { fileSystems."/mnt/storage" = {
device = "//u380335-sub1.your-storagebox.de/u380335-sub1"; device = "//u380335-sub1.your-storagebox.de/u380335-sub1";
fsType = "cifs"; fsType = "cifs";
options = [ "credentials=${config.sops.secrets.storage_box_mount.path}" ]; options = ["credentials=${config.sops.secrets.storage_box_mount.path}"];
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -70,9 +67,9 @@
}; };
security.sudo = { security.sudo = {
execWheelOnly = true; execWheelOnly = true;
wheelNeedsPassword = false; wheelNeedsPassword = false;
}; };
services.openssh = { services.openssh = {
enable = true; enable = true;

10
machines/massicot/kanidm-provision.nix
View file

@ -32,9 +32,6 @@
grafana-users = { grafana-users = {
members = [ "xin" ]; members = [ "xin" ];
}; };
miniflux-users = {
members = [ "xin" ];
};
}; };
persons = { persons = {
xin = { xin = {
@ -95,13 +92,6 @@
immich-users = [ "openid" "email" "profile" ]; immich-users = [ "openid" "email" "profile" ];
}; };
}; };
miniflux = {
displayName = "Miniflux";
originUrl = "https://rss.xinyang.life/";
scopeMaps = {
miniflux-users = [ "openid" "email" "profile" ];
};
};
grafana = { grafana = {
displayName = "Grafana"; displayName = "Grafana";
originUrl = "https://grafana.xinyang.life/"; originUrl = "https://grafana.xinyang.life/";

22
machines/massicot/services.nix
View file

@ -1,4 +1,4 @@
{ config, pkgs, lib, ... }: { config, pkgs, ... }:
let let
kanidm_listen_port = 5324; kanidm_listen_port = 5324;
in in
@ -85,21 +85,6 @@ in
}; };
provision = import ./kanidm-provision.nix; provision = import ./kanidm-provision.nix;
}; };
services.miniflux = {
enable = true;
config = {
LISTEN_ADDR = "127.0.0.1:58173";
OAUTH2_PROVIDER = "oidc";
OAUTH2_CLIEND_ID = "miniflux";
OAUTH2_REDIRECT_URL = "https://rss.xinyang.life/oauth2/oidc/callback";
OAUTH2_OIDC_DISCOVERY_ENDPOINT = "https://auth.xinyang.life/oauth2/openid/miniflux";
OAUTH2_USER_CREATION = 1;
CREATE_ADMIN = lib.mkForce "";
};
adminCredentialsFile = config.sops.secrets.miniflux_oauth_secret;
};
services.matrix-conduit = { services.matrix-conduit = {
enable = true; enable = true;
# package = inputs.conduit.packages.${pkgs.system}.default; # package = inputs.conduit.packages.${pkgs.system}.default;
@ -253,11 +238,6 @@ in
} }
} }
''; '';
virtualHosts."https://rss.xinyang.life".extraConfig = ''
reverse_proxy ${config.services.miniflux.config.LISTEN_ADDR}
'';
virtualHosts."https://ntfy.xinyang.life".extraConfig = '' virtualHosts."https://ntfy.xinyang.life".extraConfig = ''
reverse_proxy unix/${config.services.ntfy-sh.settings.listen-unix} reverse_proxy unix/${config.services.ntfy-sh.settings.listen-unix}
@httpget { @httpget {

4
modules/nixos/common-settings/nix-conf.nix
View file

@ -43,8 +43,8 @@ in
]; ];
extra-substituters = mkIf cfg.enableMirrors [ extra-substituters = mkIf cfg.enableMirrors [
"https://mirrors.bfsu.edu.cn/nix-channels/store?priority=100" "https://mirrors.bfsu.edu.cn/nix-channels/store"
"https://mirrors.ustc.edu.cn/nix-channels/store?priority=100" "https://mirrors.ustc.edu.cn/nix-channels/store"
]; ];
trusted-public-keys = [ trusted-public-keys = [