WIP
This commit is contained in:
parent
4c030b37f0
commit
65241635b2
5 changed files with 59 additions and 120 deletions
100
flake.lock
100
flake.lock
|
@ -2,18 +2,16 @@
|
|||
"nodes": {
|
||||
"api-lyte-dev": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils",
|
||||
"lexical": "lexical",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1699311919,
|
||||
"narHash": "sha256-TvctRO/lO+lvjN6LbxJaj+jizFK+PoZqC1ZAYY2+GTo=",
|
||||
"lastModified": 1708463499,
|
||||
"narHash": "sha256-GvqU+Z3cZkgMXf41vfMELLKPk+EVUl1UMW56Gz5ccrU=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "5096ec7e3a7f9ba4ea661d089e6b0fc4f7ab2992",
|
||||
"revCount": 78,
|
||||
"rev": "e3f0cae4f75101706bc8b9a822f7d90b03a91702",
|
||||
"revCount": 80,
|
||||
"type": "git",
|
||||
"url": "ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git"
|
||||
},
|
||||
|
@ -68,42 +66,6 @@
|
|||
"inputs": {
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1689068808,
|
||||
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"inputs": {
|
||||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1692799911,
|
||||
"narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_3": {
|
||||
"inputs": {
|
||||
"systems": "systems_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1694529238,
|
||||
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
|
||||
|
@ -136,7 +98,7 @@
|
|||
"helix": {
|
||||
"inputs": {
|
||||
"crane": "crane",
|
||||
"flake-utils": "flake-utils_3",
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"rust-overlay": "rust-overlay"
|
||||
},
|
||||
|
@ -176,28 +138,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"lexical": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_2",
|
||||
"nixpkgs": [
|
||||
"api-lyte-dev",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1699016103,
|
||||
"narHash": "sha256-8uMDgg/YnyaSn8IvlG14PVSCHQl6ZHdgB8CWNDnYd5s=",
|
||||
"owner": "lexical-lsp",
|
||||
"repo": "lexical",
|
||||
"rev": "059bbbe516a4dff66bc3febc953ac2eddabc78a4",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "lexical-lsp",
|
||||
"repo": "lexical",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1700794826,
|
||||
|
@ -341,36 +281,6 @@
|
|||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_2": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_3": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
|
|
@ -37,6 +37,7 @@
|
|||
self,
|
||||
nixpkgs,
|
||||
home-manager,
|
||||
api-lyte-dev,
|
||||
...
|
||||
} @ inputs: let
|
||||
inherit (self) outputs;
|
||||
|
@ -87,8 +88,11 @@
|
|||
nixpkgs.lib.nixosSystem {
|
||||
inherit system;
|
||||
specialArgs = {
|
||||
inherit inputs outputs system;
|
||||
inherit inputs outputs system api-lyte-dev;
|
||||
};
|
||||
# extraSpecialArgs = {
|
||||
# inherit inputs outputs system api-lyte-dev;
|
||||
# };
|
||||
modules =
|
||||
[
|
||||
self.nixosModules.common
|
||||
|
|
|
@ -8,7 +8,8 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x01 0x00
|
|||
sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
|
||||
*/
|
||||
{
|
||||
inputs,
|
||||
api-lyte-dev,
|
||||
# inputs,
|
||||
# outputs,
|
||||
config,
|
||||
pkgs,
|
||||
|
@ -22,12 +23,12 @@ in {
|
|||
../modules/nixos/fonts.nix
|
||||
]
|
||||
++ [
|
||||
inputs.api-lyte-dev.nixosModules.${system}.api-lyte-dev
|
||||
# inputs.nix-minecraft.nixosModules.minecraft-servers
|
||||
# api-lyte-dev.nixosModules.api-lyte-dev
|
||||
# nix-minecraft.nixosModules.minecraft-servers
|
||||
];
|
||||
|
||||
nixpkgs.overlays = [
|
||||
# inputs.nix-minecraft.overlay
|
||||
# nix-minecraft.overlay
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = ["ehci_pci" "megaraid_sas" "usbhid" "uas" "sd_mod"];
|
||||
|
@ -60,16 +61,17 @@ in {
|
|||
secretKeyFile = "/var/cache-priv-key.pem";
|
||||
};
|
||||
|
||||
services.api-lyte-dev = rec {
|
||||
enable = true;
|
||||
port = 5757;
|
||||
stateDir = "/var/lib/api-lyte-dev";
|
||||
configFile = config.sops.secrets."api.lyte.dev".path;
|
||||
user = "api-lyte-dev";
|
||||
group = user;
|
||||
};
|
||||
# services.api-lyte-dev = rec {
|
||||
# enable = true;
|
||||
# port = 5757;
|
||||
# stateDir = "/var/lib/api-lyte-dev";
|
||||
# configFile = config.sops.secrets."api.lyte.dev".path;
|
||||
# configFile = /dev/null;
|
||||
# user = "api-lyte-dev";
|
||||
# group = user;
|
||||
# };
|
||||
|
||||
systemd.services.api-lyte-dev.environment.LOG_LEVEL = "debug";
|
||||
# systemd.services.api-lyte-dev.environment.LOG_LEVEL = "debug";
|
||||
|
||||
sops = {
|
||||
defaultSopsFile = ../secrets/beefcake/secrets.yml;
|
||||
|
@ -105,8 +107,8 @@ in {
|
|||
# path = "${config.services.api-lyte-dev.stateDir}/secrets.json";
|
||||
# TODO: would be cool to assert that it's correctly-formatted JSON? probably should be done in a pre-commit hook?
|
||||
mode = "0440";
|
||||
owner = config.services.api-lyte-dev.user;
|
||||
group = config.services.api-lyte-dev.group;
|
||||
# owner = config.services.api-lyte-dev.user;
|
||||
# group = config.services.api-lyte-dev.group;
|
||||
};
|
||||
|
||||
"jland.env" = {
|
||||
|
@ -130,12 +132,12 @@ in {
|
|||
owner = config.systemd.services.plausible.serviceConfig.User;
|
||||
group = config.systemd.services.plausible.serviceConfig.Group;
|
||||
};
|
||||
nextcloud-admin-password = {
|
||||
path = "/var/lib/nextcloud/admin-password";
|
||||
mode = "0440";
|
||||
owner = config.services.nextcloud.serviceConfig.User;
|
||||
group = config.services.nextcloud.serviceConfig.Group;
|
||||
};
|
||||
# nextcloud-admin-password = {
|
||||
# path = "/var/lib/nextcloud/admin-password";
|
||||
# mode = "0440";
|
||||
# owner = config.services.nextcloud.serviceConfig.User;
|
||||
# group = config.services.nextcloud.serviceConfig.Group;
|
||||
# };
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -314,7 +316,7 @@ in {
|
|||
}
|
||||
|
||||
api.lyte.dev {
|
||||
reverse_proxy :${toString config.services.api-lyte-dev.port}
|
||||
reverse_proxy :$${toString config.services.api-lyte-dev.port}
|
||||
}
|
||||
|
||||
a.lyte.dev {
|
||||
|
@ -429,12 +431,12 @@ in {
|
|||
baseUrl = "http://beefcake.hare-cod.ts.net:8899";
|
||||
disableRegistration = true;
|
||||
port = 8899;
|
||||
# secretKeybaseFile = config.sops.secrets.plausible-secret-key-base.path;
|
||||
secretKeybaseFile = config.sops.secrets.plausible-secret-key-base.path;
|
||||
};
|
||||
adminUser = {
|
||||
activate = false;
|
||||
email = "daniel@lyte.dev";
|
||||
# passwordFile = config.sops.secrets.plausible-admin-password.path;
|
||||
passwordFile = config.sops.secrets.plausible-admin-password.path;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -2,6 +2,8 @@ with builtins; (listToAttrs (map (name: {
|
|||
name = name;
|
||||
value = {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = {
|
||||
};
|
||||
modules = [./${name}.nix];
|
||||
};
|
||||
}) [
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{
|
||||
api-lyte-dev,
|
||||
inputs,
|
||||
outputs,
|
||||
pkgs,
|
||||
|
@ -9,6 +10,26 @@ in {
|
|||
networking.hostName = "foxtrot";
|
||||
|
||||
imports = with outputs.nixosModules; [
|
||||
({
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (pkgs) lib;
|
||||
cfg = config.services.myservice;
|
||||
in {
|
||||
options.services.myservice = {
|
||||
enable = lib.mkEnableOption "Enables the api.lyte.dev service";
|
||||
};
|
||||
|
||||
config =
|
||||
lib.mkIf cfg.enable {
|
||||
};
|
||||
})
|
||||
{
|
||||
services.myservice.enable = true;
|
||||
}
|
||||
|
||||
outputs.diskoConfigurations.standard
|
||||
inputs.hardware.nixosModules.framework-13-7040-amd
|
||||
desktop-usage
|
||||
|
|
Loading…
Reference in a new issue