noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-04-25 02:42:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: noah:38480e0c0c0d8f8598a7ca1d86df06e1a7e7a8ff
Branches Tags
noah:master
noah:platform
noah:home-manager-fix
noah:immich-proxy
noah:microcode
noah:nixd
noah:eblume-mole
noah:language-checks
noah:keyd-2.4.3
noah:sway
noah:nixosmodules
noah:unfree-predicate-by-pkgs
noah:darwin-ssl
noah:pre-platform
noah:begin-nixos
noah:begin-nix
noah:neovim-lua
noah:pre-nix
noah:legacy
..
compare: noah:ffe867e6a8527cdbd10fab758035506881a5cad5
Branches Tags
noah:master
noah:platform
noah:home-manager-fix
noah:immich-proxy
noah:microcode
noah:nixd
noah:eblume-mole
noah:language-checks
noah:keyd-2.4.3
noah:sway
noah:nixosmodules
noah:unfree-predicate-by-pkgs
noah:darwin-ssl
noah:pre-platform
noah:begin-nixos
noah:begin-nix
noah:neovim-lua
noah:pre-nix
noah:legacy

No commits in common. "38480e0c0c0d8f8598a7ca1d86df06e1a7e7a8ff" and "ffe867e6a8527cdbd10fab758035506881a5cad5" have entirely different histories.
38480e0c0c ... ffe867e6a8

5 changed files with 55 additions and 57 deletions
Show Stats Expand all files Collapse all files

46
flake.lock generated
View File

@ -93,9 +93,7 @@
}, },
"firefox-darwin": { "firefox-darwin": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": "nixpkgs"
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1687568341, "lastModified": 1687568341,
@ -202,9 +200,7 @@
"nil": { "nil": {
"inputs": { "inputs": {
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"nixpkgs": [ "nixpkgs": "nixpkgs_2",
"nixpkgs"
],
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
@ -280,6 +276,38 @@
} }
}, },
"nixpkgs": { "nixpkgs": {
"locked": {
"lastModified": 1639237670,
"narHash": "sha256-RTdL4rEQcgaZGpvtDgkp3oK/V+1LM3I53n0ACPSroAQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "edfb969386ebe6c3cf8f878775a7975cd88f926d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1680487167,
"narHash": "sha256-9FNIqrxDZgSliGGN2XJJSvcDYmQbgOANaZA4UWnTdg4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "53dad94e874c9586e71decf82d972dfb640ef044",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1687502512, "lastModified": 1687502512,
"narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=", "narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=",
@ -295,7 +323,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1686929285, "lastModified": 1686929285,
"narHash": "sha256-WGtVzn+vGMPTXDO0DMNKVFtf+zUSqeW+KKk4Y/Ae99I=", "narHash": "sha256-WGtVzn+vGMPTXDO0DMNKVFtf+zUSqeW+KKk4Y/Ae99I=",
@ -404,7 +432,7 @@
"nil": "nil", "nil": "nil",
"nix2vim": "nix2vim", "nix2vim": "nix2vim",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs_3",
"null-ls-nvim-src": "null-ls-nvim-src", "null-ls-nvim-src": "null-ls-nvim-src",
"nur": "nur", "nur": "nur",
"nvim-lspconfig-src": "nvim-lspconfig-src", "nvim-lspconfig-src": "nvim-lspconfig-src",
@ -542,7 +570,7 @@
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_4"
}, },
"locked": { "locked": {
"lastModified": 1687279045, "lastModified": 1687279045,

14
flake.nix
View File

@ -20,17 +20,14 @@
home-manager = { home-manager = {
url = "github:nix-community/home-manager/master"; url = "github:nix-community/home-manager/master";
inputs.nixpkgs.follows = inputs.nixpkgs.follows =
"nixpkgs"; # Use system packages list for their inputs "nixpkgs"; # Use system packages list where available
}; };
# Community packages; used for Firefox extensions # Community packages; used for Firefox extensions
nur.url = "github:nix-community/nur"; nur.url = "github:nix-community/nur";
# Use official Firefox binary for macOS # Use official Firefox binary for macOS
firefox-darwin = { firefox-darwin.url = "github:bandithedoge/nixpkgs-firefox-darwin";
url = "github:bandithedoge/nixpkgs-firefox-darwin";
inputs.nixpkgs.follows = "nixpkgs";
};
# Manage disk format and partitioning # Manage disk format and partitioning
disko = { disko = {
@ -57,10 +54,7 @@
}; };
# Nix language server # Nix language server
nil = { nil.url = "github:oxalica/nil/2023-04-03";
url = "github:oxalica/nil/2023-04-03";
inputs.nixpkgs.follows = "nixpkgs";
};
# Neovim plugins # Neovim plugins
nvim-lspconfig-src = { nvim-lspconfig-src = {
@ -165,7 +159,7 @@
import ./hosts/lookingglass { inherit inputs globals overlays; }; import ./hosts/lookingglass { inherit inputs globals overlays; };
}; };
# For quickly applying home-manager settings with: # For quickly applying local settings with:
# home-manager switch --flake .#tempest # home-manager switch --flake .#tempest
homeConfigurations = { homeConfigurations = {
tempest = tempest =

8
hosts/tempest/default.nix
View File

@ -92,14 +92,6 @@ inputs.nixpkgs.lib.nixosSystem {
ryujinx.enable = true; ryujinx.enable = true;
}; };
cloudflareTunnel = {
enable = true;
id = "ac133a82-31fb-480c-942a-cdbcd4c58173";
credentialsFile = ../../private/cloudflared-tempest.age;
ca =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org";
};
} }
]; ];
} }

29
modules/nixos/services/prometheus.nix
View File

@ -6,13 +6,10 @@
default = null; default = null;
}; };
config = let # If hosting Grafana, host local Prometheus and listen for inbound jobs.
# If not hosting Grafana, send remote Prometheus writes to primary host
# If hosting Grafana, host local Prometheus and listen for inbound jobs. If config = lib.mkIf config.services.prometheus.enable {
# not hosting Grafana, send remote Prometheus writes to primary host.
isServer = config.services.grafana.enable;
in lib.mkIf config.services.prometheus.enable {
services.prometheus = { services.prometheus = {
exporters.node.enable = true; exporters.node.enable = true;
@ -20,9 +17,10 @@
job_name = "local"; job_name = "local";
static_configs = [{ targets = [ "127.0.0.1:9100" ]; }]; static_configs = [{ targets = [ "127.0.0.1:9100" ]; }];
}]; }];
webExternalUrl = lib.mkIf isServer "https://${config.prometheusServer}"; webExternalUrl = lib.mkIf config.services.grafana.enable
"https://${config.prometheusServer}";
# Web config file: https://prometheus.io/docs/prometheus/latest/configuration/https/ # Web config file: https://prometheus.io/docs/prometheus/latest/configuration/https/
webConfigFile = lib.mkIf isServer webConfigFile = lib.mkIf config.services.grafana.enable
((pkgs.formats.yaml { }).generate "webconfig.yml" { ((pkgs.formats.yaml { }).generate "webconfig.yml" {
basic_auth_users = { basic_auth_users = {
# Generate password: htpasswd -nBC 10 "" | tr -d ':\n' # Generate password: htpasswd -nBC 10 "" | tr -d ':\n'
@ -31,7 +29,7 @@
"$2y$10$r7FWHLHTGPAY312PdhkPEuvb05aGn9Nk1IO7qtUUUjmaDl35l6sLa"; "$2y$10$r7FWHLHTGPAY312PdhkPEuvb05aGn9Nk1IO7qtUUUjmaDl35l6sLa";
}; };
}); });
remoteWrite = lib.mkIf (!isServer) [{ remoteWrite = lib.mkIf (!config.services.grafana.enable) [{
name = config.networking.hostName; name = config.networking.hostName;
url = "https://${config.prometheusServer}"; url = "https://${config.prometheusServer}";
basic_auth = { basic_auth = {
@ -43,19 +41,20 @@
}; };
# Create credentials file for remote Prometheus push # Create credentials file for remote Prometheus push
secrets.prometheus = lib.mkIf (!isServer) { secrets.prometheus = lib.mkIf (!config.services.grafana.enable) {
source = ../../../private/prometheus.age; source = ../../../private/prometheus.age;
dest = "${config.secretsDirectory}/prometheus"; dest = "${config.secretsDirectory}/prometheus";
owner = "prometheus"; owner = "prometheus";
group = "prometheus"; group = "prometheus";
permissions = "0440"; permissions = "0440";
}; };
systemd.services.prometheus-secret = lib.mkIf (!isServer) { systemd.services.prometheus-secret =
requiredBy = [ "prometheus.service" ]; lib.mkIf (!config.services.grafana.enable) {
before = [ "prometheus.service" ]; requiredBy = [ "prometheus.service" ];
}; before = [ "prometheus.service" ];
};
caddy.routes = lib.mkIf isServer [{ caddy.routes = lib.mkIf config.services.grafana.enable [{
match = [{ host = [ config.prometheusServer ]; }]; match = [{ host = [ config.prometheusServer ]; }];
handle = [{ handle = [{
handler = "reverse_proxy"; handler = "reverse_proxy";

15
private/cloudflared-tempest.age
View File

@ -1,15 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyB1VnBt
RTV5eWc3RDNUR2lOWFRaMlgzREQyMlcvUFNxV0N2Vm9lVVZKOUZ3ClJjaWtYZjR5
ZTB4L2M4MFB0UThaMzlRT3JkUEE1N3RrSUlpZnRFbmFDdWcKLT4gc3NoLWVkMjU1
MTkgWXlTVU1RIE5iTUs1ak9VZjRIRGpLMWtDcVB0RjVFRW8vOENQZlkzeGhsYmFB
QzJ6Z00KZmcvZ0hYMjN1bGZwY3NvMjlCbnpHUWVjdVU4cnBGcDQxTU8wZ0EyQXdU
MAotPiBzc2gtZWQyNTUxOSBuanZYNUEgazRzK2ZnSUZNWURoKzZMZmM4VTlDbVBh
WGc4MlE5TGFiN1MzV01FT1oyQQppRUhUNjdlQURNQm8rR0JOOUJFNm9vaXhPTXFW
U2lJU09jWVA0TDRrVHY4Ci0tLSBudWJTclRTek1RWHYzYzA4aTduODB0NUNWbVVP
cUIyVzJncWhDS053d25nCneJhp1QT1v+dAguW9wAKDgWST59KNBgbY01jkf1IqXc
FbmkctPIMggim3uCBqjzBboYvf+dtt0Fcu9aiB+4YmGUeQNb+9mdPweXoHmVrego
XygVsbuSP4xKWtIJhBJ/3/jEK9LqBtv+owdUIxbw5Ci6A0JvSu+tnUj5oAgMyT2z
YrGRK9plQZteeUkMcd6+anSEUpP45lzfz/T7loD9ViCbPHRuUFgwkwUcRGjQStm3
pnx9bi8N4ac599f4KqInm5gd
-----END AGE ENCRYPTED FILE-----