Syzygial/NixMachines
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'main' of https://git.syzygial.cc/Syzygial/NixMachines

Browse Source
This commit is contained in:
david
2025-09-03 15:44:01 -04:00
parent de51bbadaa 3f5a598f0b
commit 1f30f51625
24 changed files with 179 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
flake.lock generated
View File

@@ -112,11 +112,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1750304462, "lastModified": 1753132348,
"narHash": "sha256-Mj5t4yX05/rXnRqJkpoLZTWqgStB88Mr/fegTRqyiWc=", "narHash": "sha256-0i3jU9AHuNXb0wYGzImnVwaw+miE0yW13qfjC0F+fIE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "863842639722dd12ae9e37ca83bcb61a63b36f6c", "rev": "e4bf85da687027cfc4a8853ca11b6b86ce41d732",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -153,7 +153,7 @@
"narHash": "sha256-YMLrcBpf0TR5r/eaqm8lxzFPap2TxCor0ZGcK3a7+b8=", "narHash": "sha256-YMLrcBpf0TR5r/eaqm8lxzFPap2TxCor0ZGcK3a7+b8=",
"rev": "b90bf629bbd835e61f1317b99e12f8c831017006", "rev": "b90bf629bbd835e61f1317b99e12f8c831017006",
"type": "tarball", "type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/b90bf629bbd835e61f1317b99e12f8c831017006.tar.gz?rev=b90bf629bbd835e61f1317b99e12f8c831017006" "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/b90bf629bbd835e61f1317b99e12f8c831017006.tar.gz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
@@ -190,11 +190,11 @@
"spectrum": "spectrum" "spectrum": "spectrum"
}, },
"locked": { "locked": {
"lastModified": 1750358184, "lastModified": 1753137325,
"narHash": "sha256-17EYMeY5v8KRk9HW6Z4dExY8Wg4y/zM2eM2wbbx+vMs=", "narHash": "sha256-IBqQyEkphl2/a4IHqgnguQGGEA8lAzgB2QLgAQYXHP8=",
"owner": "astro", "owner": "astro",
"repo": "microvm.nix", "repo": "microvm.nix",
"rev": "fd9f5dba1ffee5ad6f29394b2a9e4c66c1ce77dc", "rev": "5e193f2c5cf9285f2b478ebd55bb1feebb5abdbf",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -210,11 +210,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1750325256, "lastModified": 1751313918,
"narHash": "sha256-vvlxGz/waqJ3TGqM/iqXbnEc7/R1qnEXmaBiPaQ1RE0=", "narHash": "sha256-HsJM3XLa43WpG+665aGEh8iS8AfEwOIQWk3Mke3e7nk=",
"owner": "LnL7", "owner": "LnL7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "0d71cbf88d63e938b37b85b3bf8b238bcf7b39b9", "rev": "e04a388232d9a6ba56967ce5b53a8a6f713cdfcf",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -242,11 +242,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1750134718, "lastModified": 1752950548,
"narHash": "sha256-v263g4GbxXv87hMXMCpjkIxd/viIF7p3JpJrwgKdNiI=", "narHash": "sha256-NS6BLD0lxOrnCiEOcvQCDVPXafX1/ek1dfJHX1nUIzc=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9e83b64f727c88a7711a2c463a7b16eedb69a84c", "rev": "c87b95e25065c028d31a94f06a62927d18763fdf",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -289,11 +289,11 @@
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {
"lastModified": 1750119275, "lastModified": 1752544651,
"narHash": "sha256-Rr7Pooz9zQbhdVxux16h7URa6mA80Pb/G07T4lHvh0M=", "narHash": "sha256-GllP7cmQu7zLZTs9z0J2gIL42IZHa9CBEXwBY9szT0U=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "77c423a03b9b2b79709ea2cb63336312e78b72e2", "rev": "2c8def626f54708a9c38a5861866660395bb3461",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -305,11 +305,11 @@
"spectrum": { "spectrum": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1746869549, "lastModified": 1751265943,
"narHash": "sha256-BKZ/yZO/qeLKh9YqVkKB6wJiDQJAZNN5rk5NsMImsWs=", "narHash": "sha256-XoHSo6GEElzRUOYAEg/jlh5c8TDsyDESFIux3nU/NMc=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "d927e78530892ec8ed389e8fae5f38abee00ad87", "rev": "37c8663fab86fdb202fece339ef7ac7177ffc201",
"revCount": 862, "revCount": 904,
"type": "git", "type": "git",
"url": "https://spectrum-os.org/git/spectrum" "url": "https://spectrum-os.org/git/spectrum"
}, },

4
flake.nix
View File

@@ -71,8 +71,8 @@
modules = [ modules = [
./machines/pericyte/configuration.nix ./machines/pericyte/configuration.nix
modules.sops modules.sops
#lix-module.nixosModules.default # lix-module.nixosModules.default
microvm.nixosModules.host # microvm.nixosModules.host
]; ];
}; };
}; };

20
machines/hippocampus/backups/gitea.nix
View File

@@ -1,6 +1,24 @@
{ ... }: { { pkgs, config, ... }: {
services.gitea.dump = { services.gitea.dump = {
enable = true; enable = true;
interval = "2:45"; interval = "2:45";
}; };
systemd.timers."gitea-clear-dump" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "daily";
Persistent = true;
Unit = "gitea-clear-dump.service";
};
};
systemd.services."gitea-clear-dump" = {
script = ''
${pkgs.findutils}/bin/find /var/lib/gitea/dump -type f -ctime +5 -exec rm -f {} \;
'';
serviceConfig = {
Type = "oneshot";
User = config.services.gitea.user;
};
};
} }

2
machines/hippocampus/modules/headscale.nix
View File

@@ -91,7 +91,7 @@ let
partOf = ["headscale.service"]; partOf = ["headscale.service"];
script = '' script = ''
${cfg.package}/bin/headscale preauthkeys -u ${name} create \ ${cfg.package}/bin/headscale preauthkeys -u $(${cfg.package}/bin/headscale users -o json-line list | ${pkgs.jq}/bin/jq '.[] | select(.name=="${name}").id') create \
${lib.optionalString options.preAuthEphemeral "--ephemeral"} \ ${lib.optionalString options.preAuthEphemeral "--ephemeral"} \
${lib.optionalString options.preAuthReusable "--reusable"} \ ${lib.optionalString options.preAuthReusable "--reusable"} \
--expiration ${options.preAuthExpiration} \ --expiration ${options.preAuthExpiration} \

5
machines/hippocampus/oci/Wireguard.ContainerFile Normal file
View File

@@ -0,0 +1,5 @@
FROM alpine:3.16
RUN apk add --no-cache bash wireguard-tools jq curl git ncurses
RUN git clone https://github.com/pia-foss/manual-connections /manual-connections
WORKDIR /manual-connections
CMD bash -c "/manual-connections/run_setup.sh && watch -n 60 curl ip.me"

24
machines/hippocampus/oci/jelly.nix
View File

@@ -18,10 +18,12 @@
in { in {
containers = { containers = {
wireguard = { wireguard = {
image = "thrnz/docker-wireguard-pia"; # Derived from the pia-wg.tar.gz
# which was built from the containerfile
image = "localhost/pia-wg:latest";
volumes = [ volumes = [
# "${configDir}/wireguard:/config" # "${configDir}/wireguard:/config"
"${configDir}/wireguard_pia:/pia" # "${configDir}/wireguard_pia:/pia"
]; ];
ports = getPorts [ ports = getPorts [
"deluge" "deluge"
@@ -34,13 +36,23 @@
]; ];
environment = { environment = {
TZ = "America/Toronto"; TZ = "America/Toronto";
LOC = "ca"; LOC = "ca";
PIA_DNS = "false"; # - true/false
PIA_PF = "false"; # - true/false
PIA_CONNECT = "true"; # - true/false; connect to VPN after configuration has been created. Set to false to only create configuration file. Only effective for wireguard protocol. Default true.
MAX_LATENCY = "0.2"; # - numeric value, in seconds
AUTOCONNECT = "true"; # - true/false; this will test for and select the server with the lowest latency, it will override PREFERRED_REGION
# PREFERRED_REGION = ""; # - the region ID for a PIA server
DIP_TOKEN = "n";
VPN_PROTOCOL = "wireguard"; # - wireguard or openvpn; openvpn will default to openvpn_udp_standard, but can also specify openvpn_tcp/udp_standad/strong
DISABLE_IPV6 = "no"; # - yes/no
}; };
extraOptions = [ extraOptions = [
"--cap-add=ALL" "--privileged" "--dns=1.1.1.1"
"--pull=newer"
"--dns=1.1.1.1"
"--env-file=${config.sops.secrets.jellyfin-pia.path}" "--env-file=${config.sops.secrets.jellyfin-pia.path}"
"--cap-add=NET_ADMIN,NET_RAW,SYS_MODULE"
"--cap-drop=MKNOD,AUDIT_WRITE"
"--sysctl=net.ipv4.ip_forward=1"
"--sysctl=net.ipv4.conf.all.src_valid_mark=1" "--sysctl=net.ipv4.conf.all.src_valid_mark=1"
"--sysctl=net.ipv6.conf.lo.disable_ipv6=1" "--sysctl=net.ipv6.conf.lo.disable_ipv6=1"
"--sysctl=net.ipv6.conf.all.disable_ipv6=1" "--sysctl=net.ipv6.conf.all.disable_ipv6=1"

BIN
machines/hippocampus/oci/pia-wg.tar.gz Normal file
View File

Binary file not shown.

1
machines/hippocampus/riscv.nix
View File

@@ -2,4 +2,5 @@
boot.binfmt.emulatedSystems = [ boot.binfmt.emulatedSystems = [
"riscv64-linux" "riscv64-linux"
]; ];
boot.binfmt.preferStaticEmulators = true;
} }

13
machines/hippocampus/secrets/pass.yaml
View File

@@ -1,7 +1,7 @@
nextcloud: nextcloud:
adminPass: ENC[AES256_GCM,data:D2SAD/Somvw8abIm0KX4fWRfuQ==,iv:Y7K14yZZFcu97KVBd0219hwnGY4LEX2DNxxulSegr/8=,tag:aRJAlz1xvQxWodcE2bZLdQ==,type:str] adminPass: ENC[AES256_GCM,data:D2SAD/Somvw8abIm0KX4fWRfuQ==,iv:Y7K14yZZFcu97KVBd0219hwnGY4LEX2DNxxulSegr/8=,tag:aRJAlz1xvQxWodcE2bZLdQ==,type:str]
s3secret: ENC[AES256_GCM,data:lIVuiZMh376MSuu13UPCu49Q64bVbk+WM/CUEIGzV0Q=,iv:J2vHalppWEupWK07zXsMoiH6avmpsgg0Cqcc7EkZVV4=,tag:pxKwiaH5SZa8Vh71gLGQWw==,type:str] s3secret: ENC[AES256_GCM,data:lIVuiZMh376MSuu13UPCu49Q64bVbk+WM/CUEIGzV0Q=,iv:J2vHalppWEupWK07zXsMoiH6avmpsgg0Cqcc7EkZVV4=,tag:pxKwiaH5SZa8Vh71gLGQWw==,type:str]
jellyfin-pia: ENC[AES256_GCM,data:rbqpmm2EtxcMeJfjlGaJOwPCn4UAZaKsH8Zeztk7A6QiSw==,iv:8A6NHVHgKIL6iwLKgRrT6T3k0pgDI5lL5rDMN5/Egrw=,tag:P6Kh9cOnrB23Z7S72xBK7g==,type:str] jellyfin-pia: ENC[AES256_GCM,data:hOgUAr47FMd2QgzgXBeqv41Paqy6zn6tyWVDbF1JtqcTog/zZC4=,iv:opnxrycFszAhuMARcP48gKF6eL1ERNgWS68wO+s4CIM=,tag:fqimxKdTAh55ANKD3bp46w==,type:str]
ddclient: ENC[AES256_GCM,data:a31MKnoEZXrj/s8z3+MP9jhQ5/sBjljZphXBJsWj5GU=,iv:YHKCartadDQa59aUf9Fw/KgdgMgsqsVLDAIh/KeqehQ=,tag:hUaUqjcX75xw6eC9axtQmw==,type:str] ddclient: ENC[AES256_GCM,data:a31MKnoEZXrj/s8z3+MP9jhQ5/sBjljZphXBJsWj5GU=,iv:YHKCartadDQa59aUf9Fw/KgdgMgsqsVLDAIh/KeqehQ=,tag:hUaUqjcX75xw6eC9axtQmw==,type:str]
anki: ENC[AES256_GCM,data:hUBKr/s1DDorlmbHDUvHtVSumw==,iv:Ekjt6dsncinHhM+dV/mxOjErBQpgKtPOVbmwGRy9XOE=,tag:zvfV9z3QROgsk4eznmxqDw==,type:str] anki: ENC[AES256_GCM,data:hUBKr/s1DDorlmbHDUvHtVSumw==,iv:Ekjt6dsncinHhM+dV/mxOjErBQpgKtPOVbmwGRy9XOE=,tag:zvfV9z3QROgsk4eznmxqDw==,type:str]
tandoor-secret: ENC[AES256_GCM,data:/clEIU38M7lJ6+JbFSKWb5kKSUvxdGYPq2Hl9TjgijZtYIYFOleJQ9PiT+d/osmY/r0=,iv:Nulu93V+s9RBmEDRs2LXJXy7l0O/AeU0CwwtTNLGw2c=,tag:brRyVaWeUGLx1nt0MtcIEw==,type:str] tandoor-secret: ENC[AES256_GCM,data:/clEIU38M7lJ6+JbFSKWb5kKSUvxdGYPq2Hl9TjgijZtYIYFOleJQ9PiT+d/osmY/r0=,iv:Nulu93V+s9RBmEDRs2LXJXy7l0O/AeU0CwwtTNLGw2c=,tag:brRyVaWeUGLx1nt0MtcIEw==,type:str]
@@ -14,10 +14,6 @@ restic:
passwd: ENC[AES256_GCM,data:vUsAP5+iZo7U55xnUP7Cnk1OxnrO+paHKmT2cuc=,iv:GF7fybEQZIxHPm1Z6Sj5dn/zOR5dRVgikH8LILsTMIs=,tag:Mh61boRPsfHeiSfXmrEx5Q==,type:str] passwd: ENC[AES256_GCM,data:vUsAP5+iZo7U55xnUP7Cnk1OxnrO+paHKmT2cuc=,iv:GF7fybEQZIxHPm1Z6Sj5dn/zOR5dRVgikH8LILsTMIs=,tag:Mh61boRPsfHeiSfXmrEx5Q==,type:str]
backblaze: ENC[AES256_GCM,data:IfWzuIYUrCGYpP68CPFi2vLqq9NVmiVyCE+Z8yi+cnaQwgwNL40lJEPL/U3d0lgsmrsV4GheNJ0oQ9tnrrJeBgZgwMl/CwXMctuUHo+cvVot/cNRd1vCdjRr7WUnw8737uxyW45OaaYbkZRa3NWEGDll1iFDWB2w4n5DTsomyO03tFZB5gckwQYmpjYmK4DcIWyTaEiDrznmkyM+sxoWv9pcTHZIIN7TCHHkzmlMzXXqJnoRfCpdVm/QF9jbrAYs,iv:tOa1FFyggm0ScoRdFk6tACOnQVcZMYaDqeJyX5SMKXc=,tag:EY5jQhZnLP6IzqY9garoEQ==,type:str] backblaze: ENC[AES256_GCM,data:IfWzuIYUrCGYpP68CPFi2vLqq9NVmiVyCE+Z8yi+cnaQwgwNL40lJEPL/U3d0lgsmrsV4GheNJ0oQ9tnrrJeBgZgwMl/CwXMctuUHo+cvVot/cNRd1vCdjRr7WUnw8737uxyW45OaaYbkZRa3NWEGDll1iFDWB2w4n5DTsomyO03tFZB5gckwQYmpjYmK4DcIWyTaEiDrznmkyM+sxoWv9pcTHZIIN7TCHHkzmlMzXXqJnoRfCpdVm/QF9jbrAYs,iv:tOa1FFyggm0ScoRdFk6tACOnQVcZMYaDqeJyX5SMKXc=,tag:EY5jQhZnLP6IzqY9garoEQ==,type:str]
sops: sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: age:
- recipient: age1crymppz88etsdjpckmtdhr397x5xg5wv8jt6tcj23gt2snq73pzs04fuve - recipient: age1crymppz88etsdjpckmtdhr397x5xg5wv8jt6tcj23gt2snq73pzs04fuve
enc: | enc: |
@@ -28,8 +24,7 @@ sops:
RVUzMlFya3Z0amdTUTJ5YjFRck5kZzQKoWZzExqzPRpQPL4CdqBalc1/dYtjBH6J RVUzMlFya3Z0amdTUTJ5YjFRck5kZzQKoWZzExqzPRpQPL4CdqBalc1/dYtjBH6J
LGR0oImfOWlIJwcaJLv/fc470UvXHHwIji9v/pbV7xMkgMjlJthaYg== LGR0oImfOWlIJwcaJLv/fc470UvXHHwIji9v/pbV7xMkgMjlJthaYg==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-26T02:45:21Z" lastmodified: "2025-07-19T19:15:37Z"
mac: ENC[AES256_GCM,data:t5+2iRUJprwwW8GRiQx/h8IOYjjhsq+954GDL2ujXiZVM3oBhESdeBi6aMMwsqABCr+PjP4gb4qHHbduxWlGSZlAh4HSiVwwizI8XV8HZqUqPKBJEqRThzcwznCk4DOGpf1PMbktBX/r50pDeoDcgShKka1bMY8kD385SVklgNE=,iv:EXFXz12HNTMRoW0gIrTEZPHhdTG2cxaWf65uTgT7nZ4=,tag:5XweTiLnO9N8eZb4EPkh6g==,type:str] mac: ENC[AES256_GCM,data:RPGKe5f+5GUnGK3zybRrTnd8N4TprLWBEWLI2HI68Acf1MlJ1AMOWOhpi5xa0Hkxpah8D/d0CEH2ymaO5EBSUamPdYThI4g/4cxNBXboKnALSf91ZUty86/1+14TbI6vFCZ5ghjB4THxszGf47ajIDa/TjHx0yHFWDi7rpApmcw=,iv:ep/NlJfkIkQe5RJ4U2YfZ7/0S4vWqxjg+xrLLnJwfwI=,tag:c01jey2juzoPKux7n/0rug==,type:str]
pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.0 version: 3.10.2

5
machines/hippocampus/servers/public.nix
View File

@@ -25,7 +25,7 @@
./public/nextcloud.nix ./public/nextcloud.nix
# Rabb.it at home # Rabb.it at home
./public/watchthingz.nix # ./public/watchthingz.nix
# Pterodactyl Game Server # Pterodactyl Game Server
./public/pterodactyl.nix ./public/pterodactyl.nix
@@ -47,5 +47,8 @@
# Random Usage, specific port # Random Usage, specific port
./public/random.nix ./public/random.nix
# Perfect Pitch Project
./public/perfect_pitch.nix
]; ];
} }

3
machines/hippocampus/servers/public/headscale.nix
View File

@@ -26,6 +26,9 @@
dns = { dns = {
base_domain = "tailnet"; base_domain = "tailnet";
magic_dns = true; magic_dns = true;
nameservers.global = [
"1.1.1.1"
];
}; };
}; };
}; };

2
machines/hippocampus/servers/public/hydra.nix
View File

@@ -17,7 +17,7 @@ in {
''; '';
}; };
nix.extraOptions = '' nix.extraOptions = ''
allowed-uris = https://github.com/ https://git.savannah.gnu.org/ https://git.syzygial.cc https://gitlab.com https://sr.ht github: gitlab: allowed-uris = https://github.com/ https://git.savannah.gnu.org/ https://git.syzygial.cc https://gitlab.com https://sr.ht github: gitlab: https://git.lix.systems
''; '';
systemd.services.hydra = { systemd.services.hydra = {
serviceConfig = { serviceConfig = {

2
machines/hippocampus/servers/public/nextcloud.nix
View File

@@ -13,7 +13,7 @@ in {
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
package = pkgs.nextcloud30; package = pkgs.nextcloud31;
hostName = "localhost"; hostName = "localhost";
settings = { settings = {
trusted_domains = [ trusted_domains = [

52
machines/hippocampus/servers/public/perfect_pitch.nix Normal file
View File

@@ -0,0 +1,52 @@
{config, pkgs, ...}:
{
systemd.targets.machines.enable = true;
systemd.services."perfectpitch-container" = {
enable = true;
wantedBy = ["machines.target"];
environment = {
# SYSTEMD_NSPAWN_USE_CGNS = "0";
};
script = ''
exec ${config.systemd.package}/bin/systemd-nspawn --hostname perfectpitch \
--resolv-conf=off --system-call-filter="add_key keyctl bpf" --bind /dev/fuse \
-nbD /var/lib/machines/perfectpitch --machine perfectpitch
'';
postStart = ''
${pkgs.iproute2}/bin/ip link set ve-perfectpitch up || true
${pkgs.iproute2}/bin/ip addr add 10.2.0.0 dev ve-perfectpitch || true
${pkgs.iproute2}/bin/ip route add 10.2.0.1 dev ve-perfectpitch || true
'';
serviceConfig = {
Type = "notify";
Slice = "machine.slice";
Delegate = true;
DeviceAllow = "/dev/fuse rwm";
};
};
networking.nat = {
enable = true;
# Check for hostBridge use vb instead of ve
internalInterfaces = ["ve-perfectpitch"];
externalInterface = "enp0s25";
enableIPv6 = true;
forwardPorts = [
{ sourcePort = 8022;
destination = "10.2.0.1:22";
proto = "tcp";
}
{ sourcePort = 8022;
destination = "10.2.0.1:22";
proto = "udp";
}
];
};
services.caddy.virtualHosts = {
"pitch.crompton.cc" = {
extraConfig = ''
reverse_proxy 10.2.0.1:8080
'';
};
};
}

4
machines/hippocampus/servers/public/pterodactyl.nix
View File

@@ -32,11 +32,11 @@
externalInterface = "enp0s25"; externalInterface = "enp0s25";
enableIPv6 = true; enableIPv6 = true;
forwardPorts = [ forwardPorts = [
{ sourcePort = "25565:28000"; { sourcePort = "25565:26000";
destination = "10.1.0.1:25565-25600"; destination = "10.1.0.1:25565-25600";
proto = "tcp"; proto = "tcp";
} }
{ sourcePort = "25565:28000"; { sourcePort = "25565:26000";
destination = "10.1.0.1:25565-25600"; destination = "10.1.0.1:25565-25600";
proto = "udp"; proto = "udp";
} }

3
machines/hippocampus/servers/public/tandoor.nix
View File

@@ -18,7 +18,8 @@ in {
}; };
systemd.services.tandoor-recipes = { systemd.services.tandoor-recipes = {
environment.GUNICORN_MEDIA = lib.mkForce null; # https://github.com/TandoorRecipes/recipes/issues/3617
environment.GUNICORN_MEDIA = "1"; #lib.mkForce null;
serviceConfig = { serviceConfig = {
EnvironmentFile = config.sops.secrets.tandoor-pass.path; EnvironmentFile = config.sops.secrets.tandoor-pass.path;
}; };

2
machines/hippocampus/services/dyndns.nix
View File

@@ -2,7 +2,7 @@
sops.secrets.ddclient = {}; sops.secrets.ddclient = {};
services.ddclient = { services.ddclient = {
enable = true; enable = true;
usev4 = "web, web=dynamicdns.park-your-domain.com/getip"; usev4 = "webv4, web=dynamicdns.park-your-domain.com/getip";
protocol = "namecheap"; protocol = "namecheap";
server = "dynamicdns.park-your-domain.com"; server = "dynamicdns.park-your-domain.com";
username = "crompton.cc"; username = "crompton.cc";

1
machines/pericyte/configuration.nix
View File

@@ -6,7 +6,6 @@
./podman.nix ./podman.nix
./container-registry.nix ./container-registry.nix
./test.nix
# ./microvm-configuration.nix # ./microvm-configuration.nix
# ./k3s.nix # ./k3s.nix
]; ];

3
machines/pericyte/k3s.nix
View File

@@ -16,4 +16,7 @@
# "--debug" # Optionally add additional args to k3s # "--debug" # Optionally add additional args to k3s
]; ];
}; };
environment.systemPackages = with pkgs; [
rancher
];
} }

3
machines/universedesktop/configuration.nix
View File

@@ -34,6 +34,9 @@
# ccache, y'know for blenders and whatnots # ccache, y'know for blenders and whatnots
./ccache.nix ./ccache.nix
# So we can run riscv 'natively'
./riscv.nix
]; ];
fileSystems."/home/universe/tmp" = { fileSystems."/home/universe/tmp" = {

10
machines/universedesktop/desktop/dwm.nix
View File

@@ -41,6 +41,16 @@
enable = true; enable = true;
background = "#000000"; background = "#000000";
}; };
services.xserver.config = lib.mkAfter ''
Section "InputClass"
Identifier "joystick catchall"
MatchIsJoystick "on"
MatchDevicePath "/dev/input/event*"
Driver "joystick"
Option "StartKeysEnabled" "False"
Option "StartMouseEnabled" "False"
EndSection
'';
environment.sessionVariables = { environment.sessionVariables = {
GTK_THEME="Adwaita-dark"; GTK_THEME="Adwaita-dark";
}; };

67
machines/universedesktop/programs/art.nix
View File

@@ -5,41 +5,9 @@
python-final: python-prev: let python-final: python-prev: let
py = python-prev; py = python-prev;
in { in {
opencamlib = py.toPythonModule (pkgs.stdenv.mkDerivation rec {
pname = "opencamlib";
version = "2019.07";
nativeBuildInputs = (with pkgs;[
cmake
git
doxygen
boost
texlive.combined.scheme-full
]);
propagatedNativeBuildInputs = [
py.python
py.boost
py.vtk
];
postPatch = ''
mkdir -p $out/${py.python.sitePackages}/{lib,ocl}
sed -e 's#LIBRARY DESTINATION ''${PYTHON_ARCH_PACKAGES}#LIBRARY DESTINATION '"$out"'/${py.python.sitePackages}#g' -i src/pythonlib/pythonlib.cmake
sed -e 's#DESTINATION ''${PYTHON_SITE_PACKAGES}#DESTINATION '"$out"'/${py.python.sitePackages}#g' -i src/pythonlib/pythonlib.cmake
'';
cmakeFlags = [
"-DVERSION_STRING=2019.07"
"-DBUILD_CXX_LIB=ON"
"-DBUILD_PY_LIB=ON"
"-DUSE_PY_3=ON"
"-DCMAKE_BUILD_TYPE=Release"
];
src = pkgs.fetchFromGitHub {
owner = "aewallin";
repo = "opencamlib";
rev = "2019.07";
sha256 = "1a8pxp1mh8x3bfsb0l97vgxrpk482p7q9jprkd4m9hv69vva2bdz";
};
});
equation = py.buildPythonPackage { equation = py.buildPythonPackage {
pyproject = true;
build-system = [ py.setuptools ];
pname = "Equation"; pname = "Equation";
version = "1.2.01"; version = "1.2.01";
nativeBuildInputs = [ nativeBuildInputs = [
@@ -52,6 +20,8 @@
}; };
}; };
morphio = py.toPythonModule ( pkgs.stdenv.mkDerivation rec { morphio = py.toPythonModule ( pkgs.stdenv.mkDerivation rec {
pyproject = true;
build-system = [ py.setuptools ];
pname = "MorphIO"; pname = "MorphIO";
version = "3.3.4"; version = "3.3.4";
nativeBuildInputs = (with pkgs; [ nativeBuildInputs = (with pkgs; [
@@ -85,20 +55,20 @@
blender_cuda = prev.blender.override { blender_cuda = prev.blender.override {
cudaSupport = true; cudaSupport = true;
}; };
blender = final.blender_cuda.withPackages (p: with p; [ # blender = final.blender_cuda.withPackages (p: with p; [
# OpenCAMLib support # # OpenCAMLib support
shapely # shapely
equation # equation
#opencamlib # opencamlib
# NeuroMorphoVis support # # NeuroMorphoVis support
matplotlib # matplotlib
seaborn # seaborn
pandas # pandas
pillow # pillow
h5py # h5py
morphio # morphio
# TODO add BluePy support? # # TODO add BluePy support?
]); # ]);
# Update RX and Aseprite # Update RX and Aseprite
rx = prev.rx.overrideAttrs (old: { rx = prev.rx.overrideAttrs (old: {
version = "git"; version = "git";
@@ -118,6 +88,7 @@
rx rx
aseprite-unfree aseprite-unfree
pixelorama
gimp gimp
glaxnimate glaxnimate

3
machines/universedesktop/programs/terminal.nix
View File

@@ -9,7 +9,8 @@
htop htop
btop btop
xclip xclip
screen tio
tmux
usbutils usbutils
man-pages man-pages
man-pages-posix man-pages-posix

6
machines/universedesktop/riscv.nix Normal file
View File

@@ -0,0 +1,6 @@
{ config, pkgs, lib, ... }: {
boot.binfmt.emulatedSystems = [
"riscv64-linux"
];
boot.binfmt.preferStaticEmulators = true;
}