From 8bef999ed5b2db983fb78b99a7682c17bc23b486 Mon Sep 17 00:00:00 2001 From: David Crompton Date: Sat, 27 Jul 2024 10:35:36 -0400 Subject: [PATCH 1/3] hippocampus: Tandoor: tempfix --- machines/hippocampus/servers/public/tandoor.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/hippocampus/servers/public/tandoor.nix b/machines/hippocampus/servers/public/tandoor.nix index c05e3e7..14720d1 100644 --- a/machines/hippocampus/servers/public/tandoor.nix +++ b/machines/hippocampus/servers/public/tandoor.nix @@ -18,6 +18,7 @@ in { }; systemd.services.tandoor-recipes = { + environment.GUNICORN_MEDIA = lib.mkForce null; serviceConfig = { EnvironmentFile = config.sops.secrets.tandoor-pass.path; }; From 285abe4db76fed10695d8ab4467cc2ae3dfaf97c Mon Sep 17 00:00:00 2001 From: David Crompton Date: Sat, 27 Jul 2024 10:35:53 -0400 Subject: [PATCH 2/3] hippocampus: disable plasma (not used) --- machines/hippocampus/configuration.nix | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/machines/hippocampus/configuration.nix b/machines/hippocampus/configuration.nix index 59a4152..9e9c9ad 100644 --- a/machines/hippocampus/configuration.nix +++ b/machines/hippocampus/configuration.nix @@ -74,9 +74,8 @@ # Enable the X11 windowing system. services.xserver.enable = true; - # Enable the Pantheon Desktop Environment. - services.xserver.displayManager.sddm.enable = true; - services.xserver.desktopManager.plasma5.enable = true; + # services.xserver.displayManager.sddm.enable = true; + # services.xserver.desktopManager.plasma5.enable = true; # Configure keymap in X11 services.xserver = { @@ -88,7 +87,6 @@ services.printing.enable = true; # Enable sound with pipewire. - sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { @@ -117,8 +115,8 @@ }; # Enable automatic login for the user. - services.xserver.displayManager.autoLogin.enable = true; - services.xserver.displayManager.autoLogin.user = "server"; + # services.xserver.displayManager.autoLogin.enable = true; + # services.xserver.displayManager.autoLogin.user = "server"; # List packages installed in system profile. To search, run: # $ nix search wget From a9b1745cf49d472f7a3ba07da13fdaf4c66a3503 Mon Sep 17 00:00:00 2001 From: David Crompton Date: Mon, 25 Nov 2024 21:48:37 -0500 Subject: [PATCH 3/3] Hippocampus: add ddclient for dynamic dns --- machines/hippocampus/secrets/pass.yaml | 7 ++++--- machines/hippocampus/services/dyndns.nix | 14 ++++++++++++++ 2 files changed, 18 insertions(+), 3 deletions(-) create mode 100644 machines/hippocampus/services/dyndns.nix diff --git a/machines/hippocampus/secrets/pass.yaml b/machines/hippocampus/secrets/pass.yaml index 251e783..6ee8598 100644 --- a/machines/hippocampus/secrets/pass.yaml +++ b/machines/hippocampus/secrets/pass.yaml @@ -2,6 +2,7 @@ nextcloud: adminPass: ENC[AES256_GCM,data:D2SAD/Somvw8abIm0KX4fWRfuQ==,iv:Y7K14yZZFcu97KVBd0219hwnGY4LEX2DNxxulSegr/8=,tag:aRJAlz1xvQxWodcE2bZLdQ==,type:str] s3secret: ENC[AES256_GCM,data:lIVuiZMh376MSuu13UPCu49Q64bVbk+WM/CUEIGzV0Q=,iv:J2vHalppWEupWK07zXsMoiH6avmpsgg0Cqcc7EkZVV4=,tag:pxKwiaH5SZa8Vh71gLGQWw==,type:str] jellyfin-pia: ENC[AES256_GCM,data:rbqpmm2EtxcMeJfjlGaJOwPCn4UAZaKsH8Zeztk7A6QiSw==,iv:8A6NHVHgKIL6iwLKgRrT6T3k0pgDI5lL5rDMN5/Egrw=,tag:P6Kh9cOnrB23Z7S72xBK7g==,type:str] +ddclient: ENC[AES256_GCM,data:a31MKnoEZXrj/s8z3+MP9jhQ5/sBjljZphXBJsWj5GU=,iv:YHKCartadDQa59aUf9Fw/KgdgMgsqsVLDAIh/KeqehQ=,tag:hUaUqjcX75xw6eC9axtQmw==,type:str] anki: ENC[AES256_GCM,data:hUBKr/s1DDorlmbHDUvHtVSumw==,iv:Ekjt6dsncinHhM+dV/mxOjErBQpgKtPOVbmwGRy9XOE=,tag:zvfV9z3QROgsk4eznmxqDw==,type:str] tandoor-secret: ENC[AES256_GCM,data:/clEIU38M7lJ6+JbFSKWb5kKSUvxdGYPq2Hl9TjgijZtYIYFOleJQ9PiT+d/osmY/r0=,iv:Nulu93V+s9RBmEDRs2LXJXy7l0O/AeU0CwwtTNLGw2c=,tag:brRyVaWeUGLx1nt0MtcIEw==,type:str] tandoor-pass: ENC[AES256_GCM,data:Sjz2FuFm3bmqo9z2xckuIHq4qumQ2o/FA09DP7NQtngi,iv:M8BL8enwzGh4cp2hAtee99dC0VDxBvshNBiUp4QCVPQ=,tag:wMifwdLEMw4+M1EO5iywzw==,type:str] @@ -27,8 +28,8 @@ sops: RVUzMlFya3Z0amdTUTJ5YjFRck5kZzQKoWZzExqzPRpQPL4CdqBalc1/dYtjBH6J LGR0oImfOWlIJwcaJLv/fc470UvXHHwIji9v/pbV7xMkgMjlJthaYg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-06-09T21:13:43Z" - mac: ENC[AES256_GCM,data:wmHB0pgZODb1RL3CBJqQix4V5nES4XpiGJLy8wuuoq20HMQpuE+Ofh4V+px59kJF4bcGyB71OXGlDbPkf3Crz3WJe0UtQjm9qH+c3hlRZMAYCK+5g11ANPUTznjXdCE1JuNWBCu25wYRprDOuPzpr7UZETEHzKBiu2kGI6FajoU=,iv:mhQGGIiSXaaFHLm5mtIyCxjMeHDhv6Sc5fB6cGml2Bo=,tag:BnKHFPK7bhFEp95+9v9SGw==,type:str] + lastmodified: "2024-11-26T02:45:21Z" + mac: ENC[AES256_GCM,data:t5+2iRUJprwwW8GRiQx/h8IOYjjhsq+954GDL2ujXiZVM3oBhESdeBi6aMMwsqABCr+PjP4gb4qHHbduxWlGSZlAh4HSiVwwizI8XV8HZqUqPKBJEqRThzcwznCk4DOGpf1PMbktBX/r50pDeoDcgShKka1bMY8kD385SVklgNE=,iv:EXFXz12HNTMRoW0gIrTEZPHhdTG2cxaWf65uTgT7nZ4=,tag:5XweTiLnO9N8eZb4EPkh6g==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.8.1 + version: 3.9.0 diff --git a/machines/hippocampus/services/dyndns.nix b/machines/hippocampus/services/dyndns.nix new file mode 100644 index 0000000..ed09645 --- /dev/null +++ b/machines/hippocampus/services/dyndns.nix @@ -0,0 +1,14 @@ +{ config, pkgs, lib, ... }: { + sops.secrets.ddclient = {}; + services.ddclient = { + enable = true; + use = "web, web=dynamicdns.park-your-domain.com/getip"; + protocol = "namecheap"; + server = "dynamicdns.park-your-domain.com"; + username = "crompton.cc"; + passwordFile = config.sops.secrets.ddclient.path; + domains = [ + "@" + ]; + }; +}