Beefcake
This commit is contained in:
parent
4a893acaee
commit
698b534592
4 changed files with 20 additions and 29 deletions
|
@ -117,6 +117,12 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
|
|||
owner = config.systemd.services.plausible.serviceConfig.User;
|
||||
group = config.systemd.services.plausible.serviceConfig.Group;
|
||||
};
|
||||
nextcloud-admin-password = {
|
||||
path = "/var/lib/nextcloud/admin-password";
|
||||
mode = "0440";
|
||||
# owner = config.services.nextcloud.serviceConfig.User;
|
||||
# group = config.services.nextcloud.serviceConfig.Group;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -157,6 +163,7 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
|
|||
users.groups.nixadmin.members = ["daniel"];
|
||||
|
||||
users.users.daniel = {
|
||||
packages = [pkgs.weechat];
|
||||
extraGroups = [
|
||||
"nixadmin" # write access to /etc/nixos/ files
|
||||
"wheel" # sudo access
|
||||
|
@ -596,27 +603,6 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
|
|||
};
|
||||
};
|
||||
|
||||
services.redis = {
|
||||
servers = {
|
||||
nextcloud = {
|
||||
enable = true;
|
||||
user = config.systemd.services.nextcloud.serviceConfig.User;
|
||||
# group = config.systemd.services.nextcloud.serviceConfig.Group;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services.nextcloud = {
|
||||
enable = true;
|
||||
package = pkgs.nextcloud27;
|
||||
|
||||
config = {
|
||||
dbtype = "pgsql";
|
||||
};
|
||||
|
||||
hostName = "nextcloud.lyte.dev";
|
||||
};
|
||||
|
||||
# paths:
|
||||
# TODO: move previous backups over and put here
|
||||
# clickhouse and plausible analytics once they're up and running?
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
])
|
||||
++ [
|
||||
inputs.hardware.nixosModules.common-cpu-amd
|
||||
inputs.hardware.nixosModules.common-cpu-amd-pstate
|
||||
# inputs.hardware.nixosModules.common-cpu-amd-pstate
|
||||
inputs.hardware.nixosModules.common-pc-laptop-ssd
|
||||
];
|
||||
|
||||
|
|
12
readme.md
12
readme.md
|
@ -9,6 +9,10 @@ here is useful inspiration.
|
|||
|
||||
# Quick Start
|
||||
|
||||
```shell_session
|
||||
$ nixos-rebuild switch --flake git+https://git.lyte.dev/lytedev/nix#${FLAKE_ATTR}
|
||||
```
|
||||
|
||||
You don't have even have to clone this crap yourself. How cool is that!
|
||||
|
||||
But if you're gonna change stuff you had better setup the pre-commit hook:
|
||||
|
@ -27,7 +31,7 @@ $ pass age-key >> ${XDG_CONFIG_HOME:-~/.config}/sops/age/keys.txt
|
|||
## NixOS
|
||||
|
||||
```shell_session
|
||||
$ nixos-rebuild switch --flake git+https://git.lyte.dev/lytedev/nix
|
||||
$ nixos-rebuild switch --flake .
|
||||
```
|
||||
|
||||
## Not NixOS
|
||||
|
@ -44,7 +48,7 @@ $ home-manager switch --flake git+https://git.lyte.dev/lytedev/nix
|
|||
|
||||
```bash
|
||||
host=your_host
|
||||
nix run nixpkgs#nixos-rebuild -- --flake "git+https://git.lyte.dev/lytedev/nix#$host" \
|
||||
nix run nixpkgs#nixos-rebuild -- --flake ".#$host" \
|
||||
--target-host "root@$host" --build-host "root@$host" \
|
||||
switch --show-trace
|
||||
```
|
||||
|
@ -68,7 +72,7 @@ ssh -t "root@$host" "bash -c '
|
|||
# we will test things and make sure it works first
|
||||
# if it fails, the reboot we started previously will automatically kick in once the timeout is reached
|
||||
# and the machine will boot to the now-previous iteration
|
||||
nix run nixpkgs#nixos-rebuild -- --flake "git+https://git.lyte.dev/lytedev/nix#$host" \
|
||||
nix run nixpkgs#nixos-rebuild -- --flake ".#$host" \
|
||||
--target-host "root@$host" --build-host "root@$host" \
|
||||
test --show-trace
|
||||
|
||||
|
@ -113,7 +117,7 @@ nix-shell --packages git --run "sudo nix run \
|
|||
nix-shell --packages git \
|
||||
--run "sudo nixos-install \
|
||||
--flake 'git+https://git.lyte.dev/lytedev/nix#${FLAKE_ATTR}' \
|
||||
--option substituters 'https://cache.nixos.org https://nix.h.lyte.dev' \
|
||||
--option trusted-substituters 'https://cache.nixos.org https://nix.h.lyte.dev' \
|
||||
--option trusted-public-keys 'cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0='"
|
||||
```
|
||||
|
||||
|
|
|
@ -11,6 +11,7 @@ example_booleans:
|
|||
plausible-admin-password: ENC[AES256_GCM,data:dC9olypZgMLdPOsmjthOaa/fMLtbGBlF9A==,iv:GU2ccj10TKQ0KW9b9X9AgYnvhS/wMVqYTyxr6Xt50Gk=,tag:ypQ0VtutVD8wgdfm40QZkw==,type:str]
|
||||
plausible-erlang-cookie: ENC[AES256_GCM,data:zhmC+D6EjIE8Rw91lIrMqY0QIazTX1e1jBzcZJP/76B9VvHWZ5bCkP1+KdfCY0lk3wIEq5vRfb8=,iv:RNNjlV3OFtXn1N0a5fEb/3FWzcHX19wtCLMdaVlKNJ0=,tag:8iU5oFVbzd0eMe5Mo1PiAw==,type:str]
|
||||
plausible-secret-key-base: ENC[AES256_GCM,data:ylakPGzY4S9640krl0fxYgm0Getf0+I7zthyTqTD/IpVhz5xgYBYx3Y2lSNa9Oi9yQ7+f9OdOBC6nc7n6MuUBg==,iv:YLPax/cRjMdIFti26gJd8COKr+3jXNZ7HCA5VvQVyAo=,tag:LHqYi590oEIp1IihLcFTtw==,type:str]
|
||||
nextcloud-admin-password: ENC[AES256_GCM,data:QaoSZyommeGED3nWNru92UVO2tjk24HE9fWX7ExYT101o4ZL411TmV1TXHSyfwjmE7yLIm1K/j4xpEbIY3zvFg==,iv:xC5EZVPHumVPOob5jiiXMFAmdFQcFSUPtZgioAgGDDs=,tag:Q/kY38XWkGsqcmCkd2lodg==,type:str]
|
||||
api.lyte.dev: ENC[AES256_GCM,data:14C5GQ41m/g7qHPzxlYoWjKWDOcm7MEDkuSofiuLfRNc/nji61t1eDbKX3d+SQL1UBchJFoBrWrUxnf0mUERhED1196z8vUq2jKEkcqKCAUS3soECInlb8zcxTcxaTFjYSjp1vUBdAn05AqLsF+hh9Bsm4fMQYjnHEZke9EmPZhuTlUdZa4eLv3+L3xAPHk2QIHQhdsjcTjGAZRMZOgTEcCvtGlb5pQuo11XmR2JzwzOXMC51WFDeOIWMAdO80yQBAdILso7rp1Nts/lwF0Bc9t7bNdHyoVTOA==,iv:jWGqUpXOTb/O972qXOqeX0EMFQLDKwaNHBqlpuGrZOk=,tag:uwB/jlAgESkLZ+vJ/OeV0A==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
|
@ -36,8 +37,8 @@ sops:
|
|||
b0lTRjVCMU9ELzdvbFBJZ0tHbGtsYkEKLEcXCEikC3T3hfVOYKtWcNSGmfg28y+f
|
||||
nGC4dQh9EciEbk1ZBbN3i6YSNULDoMSH172KBmRyt1ogr1ZPyCNqtg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-07-28T21:11:56Z"
|
||||
mac: ENC[AES256_GCM,data:V/Gdc3LEwlNlfSqUzQFHFmtJQVaQ5wGXZmzoBpwHzhyHQpEkezHBwhq4XTCuXH5XPpjmWvih/dAbOn9EBA6gvPSX1DB0j/JvHvK9b8+BpjlL4xtnYaBql2eQgCWLKqzZMGCnbwONWi+1sjowK1ac4zPnXhEr52EIES31hV8KHKU=,iv:4NzQxve+iKhRcQVxfXbDsQz1sBU+pnm9x/HQnv2TLgc=,tag:zLYKf+tEUsXApNdc1hLjhw==,type:str]
|
||||
lastmodified: "2023-10-20T19:05:45Z"
|
||||
mac: ENC[AES256_GCM,data:0liRgiLMiy/ISeHzL/rHjchgTDzjVjn1bzSyw7B4EmDu2YYsOhmRNmzbUH4f8I9vDwEkMyJx6VLBfrrnulpmPAlBqWxgYsqrS1eAMNWNeYGMAzZMgBChZbvMXj7cWJr0rNgU+Cnt+7/GXEXKUx1IQPSF9faVYKjBUWG8IuJ22XI=,iv:GoPu7xhQrXksUhE1NH32xFd3ykiBYlZp7RMUmXyDDck=,tag:uRLcc+2sg30SZTLXtIOTWQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
||||
version: 3.8.1
|
||||
|
|
Loading…
Reference in a new issue