Merge remote-tracking branch 'origin/main'

nixos/beefcake/default.nix

@@ -117,6 +117,12 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
         owner = config.systemd.services.plausible.serviceConfig.User;
         group = config.systemd.services.plausible.serviceConfig.Group;
       };
+      nextcloud-admin-password = {
+        path = "/var/lib/nextcloud/admin-password";
+        mode = "0440";
+        # owner = config.services.nextcloud.serviceConfig.User;
+        # group = config.services.nextcloud.serviceConfig.Group;
+      };
     };
   };
 
@@ -157,6 +163,7 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
   users.groups.nixadmin.members = ["daniel"];
 
   users.users.daniel = {
+    packages = [pkgs.weechat];
     extraGroups = [
       "nixadmin" # write access to /etc/nixos/ files
       "wheel" # sudo access
@@ -596,27 +603,6 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
     };
   };
 
-  services.redis = {
-    servers = {
-      nextcloud = {
-        enable = true;
-        user = config.systemd.services.nextcloud.serviceConfig.User;
-        # group = config.systemd.services.nextcloud.serviceConfig.Group;
-      };
-    };
-  };
-
-  services.nextcloud = {
-    enable = true;
-    package = pkgs.nextcloud27;
-
-    config = {
-      dbtype = "pgsql";
-    };
-
-    hostName = "nextcloud.lyte.dev";
-  };
-
   # paths:
   # TODO: move previous backups over and put here
   # clickhouse and plausible analytics once they're up and running?

nixos/foxtrot/default.nix

@@ -22,7 +22,7 @@
     ])
     ++ [
       inputs.hardware.nixosModules.common-cpu-amd
-      inputs.hardware.nixosModules.common-cpu-amd-pstate
+      # inputs.hardware.nixosModules.common-cpu-amd-pstate
       inputs.hardware.nixosModules.common-pc-laptop-ssd
     ];
 

readme.md

@@ -9,6 +9,10 @@ here is useful inspiration.
 
 # Quick Start
 
+```shell_session
+$ nixos-rebuild switch --flake git+https://git.lyte.dev/lytedev/nix#${FLAKE_ATTR}
+```
+
 You don't have even have to clone this crap yourself. How cool is that!
 
 But if you're gonna change stuff you had better setup the pre-commit hook:
@@ -27,7 +31,7 @@ $ pass age-key >> ${XDG_CONFIG_HOME:-~/.config}/sops/age/keys.txt
 ## NixOS
 
 ```shell_session
-$ nixos-rebuild switch --flake git+https://git.lyte.dev/lytedev/nix
+$ nixos-rebuild switch --flake .
 ```
 
 ## Not NixOS
@@ -44,7 +48,7 @@ $ home-manager switch --flake git+https://git.lyte.dev/lytedev/nix
 
 ```bash
 host=your_host
-nix run nixpkgs#nixos-rebuild -- --flake "git+https://git.lyte.dev/lytedev/nix#$host" \
+nix run nixpkgs#nixos-rebuild -- --flake ".#$host" \
   --target-host "root@$host" --build-host "root@$host" \
   switch --show-trace
 ```
@@ -68,7 +72,7 @@ ssh -t "root@$host" "bash -c '
 # we will test things and make sure it works first
 # if it fails, the reboot we started previously will automatically kick in once the timeout is reached
 # and the machine will boot to the now-previous iteration
-nix run nixpkgs#nixos-rebuild -- --flake "git+https://git.lyte.dev/lytedev/nix#$host" \
+nix run nixpkgs#nixos-rebuild -- --flake ".#$host" \
   --target-host "root@$host" --build-host "root@$host" \
   test --show-trace
 
@@ -113,7 +117,7 @@ nix-shell --packages git --run "sudo nix run \
 nix-shell --packages git \
   --run "sudo nixos-install \
     --flake 'git+https://git.lyte.dev/lytedev/nix#${FLAKE_ATTR}' \
-    --option substituters 'https://cache.nixos.org https://nix.h.lyte.dev' \
+    --option trusted-substituters 'https://cache.nixos.org https://nix.h.lyte.dev' \
     --option trusted-public-keys 'cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0='"
 ```
 

secrets/beefcake/secrets.yml

@@ -11,6 +11,7 @@ example_booleans:
 plausible-admin-password: ENC[AES256_GCM,data:dC9olypZgMLdPOsmjthOaa/fMLtbGBlF9A==,iv:GU2ccj10TKQ0KW9b9X9AgYnvhS/wMVqYTyxr6Xt50Gk=,tag:ypQ0VtutVD8wgdfm40QZkw==,type:str]
 plausible-erlang-cookie: ENC[AES256_GCM,data:zhmC+D6EjIE8Rw91lIrMqY0QIazTX1e1jBzcZJP/76B9VvHWZ5bCkP1+KdfCY0lk3wIEq5vRfb8=,iv:RNNjlV3OFtXn1N0a5fEb/3FWzcHX19wtCLMdaVlKNJ0=,tag:8iU5oFVbzd0eMe5Mo1PiAw==,type:str]
 plausible-secret-key-base: ENC[AES256_GCM,data:ylakPGzY4S9640krl0fxYgm0Getf0+I7zthyTqTD/IpVhz5xgYBYx3Y2lSNa9Oi9yQ7+f9OdOBC6nc7n6MuUBg==,iv:YLPax/cRjMdIFti26gJd8COKr+3jXNZ7HCA5VvQVyAo=,tag:LHqYi590oEIp1IihLcFTtw==,type:str]
+nextcloud-admin-password: ENC[AES256_GCM,data:QaoSZyommeGED3nWNru92UVO2tjk24HE9fWX7ExYT101o4ZL411TmV1TXHSyfwjmE7yLIm1K/j4xpEbIY3zvFg==,iv:xC5EZVPHumVPOob5jiiXMFAmdFQcFSUPtZgioAgGDDs=,tag:Q/kY38XWkGsqcmCkd2lodg==,type:str]
 api.lyte.dev: ENC[AES256_GCM,data:14C5GQ41m/g7qHPzxlYoWjKWDOcm7MEDkuSofiuLfRNc/nji61t1eDbKX3d+SQL1UBchJFoBrWrUxnf0mUERhED1196z8vUq2jKEkcqKCAUS3soECInlb8zcxTcxaTFjYSjp1vUBdAn05AqLsF+hh9Bsm4fMQYjnHEZke9EmPZhuTlUdZa4eLv3+L3xAPHk2QIHQhdsjcTjGAZRMZOgTEcCvtGlb5pQuo11XmR2JzwzOXMC51WFDeOIWMAdO80yQBAdILso7rp1Nts/lwF0Bc9t7bNdHyoVTOA==,iv:jWGqUpXOTb/O972qXOqeX0EMFQLDKwaNHBqlpuGrZOk=,tag:uwB/jlAgESkLZ+vJ/OeV0A==,type:str]
 sops:
     kms: []
@@ -36,8 +37,8 @@ sops:
             b0lTRjVCMU9ELzdvbFBJZ0tHbGtsYkEKLEcXCEikC3T3hfVOYKtWcNSGmfg28y+f
             nGC4dQh9EciEbk1ZBbN3i6YSNULDoMSH172KBmRyt1ogr1ZPyCNqtg==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2023-07-28T21:11:56Z"
-    mac: ENC[AES256_GCM,data:V/Gdc3LEwlNlfSqUzQFHFmtJQVaQ5wGXZmzoBpwHzhyHQpEkezHBwhq4XTCuXH5XPpjmWvih/dAbOn9EBA6gvPSX1DB0j/JvHvK9b8+BpjlL4xtnYaBql2eQgCWLKqzZMGCnbwONWi+1sjowK1ac4zPnXhEr52EIES31hV8KHKU=,iv:4NzQxve+iKhRcQVxfXbDsQz1sBU+pnm9x/HQnv2TLgc=,tag:zLYKf+tEUsXApNdc1hLjhw==,type:str]
+    lastmodified: "2023-10-20T19:05:45Z"
+    mac: ENC[AES256_GCM,data:0liRgiLMiy/ISeHzL/rHjchgTDzjVjn1bzSyw7B4EmDu2YYsOhmRNmzbUH4f8I9vDwEkMyJx6VLBfrrnulpmPAlBqWxgYsqrS1eAMNWNeYGMAzZMgBChZbvMXj7cWJr0rNgU+Cnt+7/GXEXKUx1IQPSF9faVYKjBUWG8IuJ22XI=,iv:GoPu7xhQrXksUhE1NH32xFd3ykiBYlZp7RMUmXyDDck=,tag:uRLcc+2sg30SZTLXtIOTWQ==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
-    version: 3.7.3
+    version: 3.8.1