mirror of
https://github.com/nmasur/dotfiles
synced 2026-02-14 22:49:47 +00:00
Compare commits
4 Commits
be6d6b0d35
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
|
a7dacb7edf | ||
|
dfd3b955c0 | ||
|
|
fd7ddf71f3 | ||
|
|
bba66e3e6a |
66
flake.lock
generated
66
flake.lock
generated
@@ -28,11 +28,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1768764703,
|
||||
"narHash": "sha256-5ulSDyOG1U+1sJhkJHYsUOWEsmtLl97O0NTVMvgIVyc=",
|
||||
"lastModified": 1770922915,
|
||||
"narHash": "sha256-6J/JoK9iL7sHvKJcGW2KId2agaKv1OGypsa7kN+ZBD4=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "0fc4e7ac670a0ed874abacf73c4b072a6a58064b",
|
||||
"rev": "6c5a56295d2a24e43bcd8af838def1b9a95746b2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -179,11 +179,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1769813945,
|
||||
"narHash": "sha256-9ABv9Lo9t6MrFjlnRnU8Zw1C6LVj2+R8PipQ/rxGLHk=",
|
||||
"lastModified": 1771037579,
|
||||
"narHash": "sha256-NX5XuhGcsmk0oEII2PEtMRgvh2KaAv3/WWQsOpxAgR4=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "475921375def3eb930e1f8883f619ff8609accb6",
|
||||
"rev": "05e6dc0f6ed936f918cb6f0f21f1dad1e4c53150",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -198,9 +198,7 @@
|
||||
"cl-nix-lite": "cl-nix-lite",
|
||||
"flake-compat": "flake-compat",
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"nixpkgs": "nixpkgs_3",
|
||||
"systems": "systems_2",
|
||||
"treefmt-nix": "treefmt-nix_2"
|
||||
},
|
||||
@@ -339,6 +337,22 @@
|
||||
}
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1732617236,
|
||||
"narHash": "sha256-PYkz6U0bSEaEB1al7O1XsqVNeSNS+s3NVclJw7YC43w=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "af51545ec9a44eadf3fe3547610a5cdd882bc34e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "af51545ec9a44eadf3fe3547610a5cdd882bc34e",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_4": {
|
||||
"locked": {
|
||||
"lastModified": 1761236834,
|
||||
"narHash": "sha256-+pthv6hrL5VLW2UqPdISGuLiUZ6SnAXdd2DdUE+fV2Q=",
|
||||
@@ -354,13 +368,13 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_4": {
|
||||
"nixpkgs_5": {
|
||||
"locked": {
|
||||
"lastModified": 1769461804,
|
||||
"narHash": "sha256-msG8SU5WsBUfVVa/9RPLaymvi5bI8edTavbIq3vRlhI=",
|
||||
"lastModified": 1770841267,
|
||||
"narHash": "sha256-9xejG0KoqsoKEGp2kVbXRlEYtFFcDTHjidiuX8hGO44=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "bfc1b8a4574108ceef22f02bafcf6611380c100d",
|
||||
"rev": "ec7c70d12ce2fc37cb92aff673dcdca89d187bae",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -370,7 +384,7 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_5": {
|
||||
"nixpkgs_6": {
|
||||
"locked": {
|
||||
"lastModified": 1744536153,
|
||||
"narHash": "sha256-awS2zRgF4uTwrOKwwiJcByDzDOdo3Q1rPZbiHQg/N38=",
|
||||
@@ -394,11 +408,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1769834069,
|
||||
"narHash": "sha256-GjeN/5TdWev/L/Izem3XScV6i/55Z+n+GfjKa1srBcU=",
|
||||
"lastModified": 1771044752,
|
||||
"narHash": "sha256-9pnZltSDksIepwd1PJIskZKXTGQzdElS/zK/qnlj2uU=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nur",
|
||||
"rev": "2db81de33100ef4d86ebc80dc4bc30df1fe97c5d",
|
||||
"rev": "40fb292376611e388cb14329c96853966f57763a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -415,7 +429,7 @@
|
||||
"mac-app-util": "mac-app-util",
|
||||
"nix2vim": "nix2vim",
|
||||
"nixos-generators": "nixos-generators",
|
||||
"nixpkgs": "nixpkgs_4",
|
||||
"nixpkgs": "nixpkgs_5",
|
||||
"nixpkgs-stable": "nixpkgs-stable",
|
||||
"nur": "nur",
|
||||
"rust-overlay": "rust-overlay",
|
||||
@@ -426,14 +440,14 @@
|
||||
},
|
||||
"rust-overlay": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs_5"
|
||||
"nixpkgs": "nixpkgs_6"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1769828398,
|
||||
"narHash": "sha256-zmnvRUm15QrlKH0V1BZoiT3U+Q+tr+P5Osi8qgtL9fY=",
|
||||
"lastModified": 1771038269,
|
||||
"narHash": "sha256-TygYZ7JhnJbRoWOk7d5HaA/GhEVCvtRruN7TqaN9s/c=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "a1d32c90c8a4ea43e9586b7e5894c179d5747425",
|
||||
"rev": "d7a86c8a4df49002446737603a3e0d7ef91a9637",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -522,7 +536,7 @@
|
||||
},
|
||||
"treefmt-nix_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs_3"
|
||||
"nixpkgs": "nixpkgs_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1766000401,
|
||||
@@ -546,11 +560,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1769217863,
|
||||
"narHash": "sha256-RY9kJDXD6+2Td/59LkZ0PFSereCXHdBX9wIkbYjRKCY=",
|
||||
"lastModified": 1770657009,
|
||||
"narHash": "sha256-v/LA5ZSJ+JQYzMSKB4sySM0wKfsAqddNzzxLLnbsV/E=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NixOS-WSL",
|
||||
"rev": "38a5250e57f583662eac3b944830e4b9e169e965",
|
||||
"rev": "5b50ea1aaa14945d4794c80fcc99c4aa1db84d2d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
||||
@@ -37,7 +37,7 @@
|
||||
# Better App install management in macOS
|
||||
mac-app-util = {
|
||||
url = "github:hraban/mac-app-util";
|
||||
inputs.nixpkgs.follows = "nixpkgs"; # Use system packages list for their inputs
|
||||
# inputs.nixpkgs.follows = "nixpkgs"; # Use system packages list for their inputs
|
||||
};
|
||||
|
||||
# Manage disk format and partitioning
|
||||
@@ -132,6 +132,7 @@
|
||||
mathesar = "mathesar.${baseName}";
|
||||
metrics = "metrics.${baseName}";
|
||||
minecraft = "minecraft.${baseName}";
|
||||
mumble = "mumble.${baseName}";
|
||||
n8n = "n8n.${baseName}";
|
||||
navidrome = "music.${baseName}";
|
||||
notifications = "ntfy.${baseName}";
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"manifest_version": 3,
|
||||
"name": "History Exporter",
|
||||
"version": "1.0",
|
||||
"version": "1.1",
|
||||
"description": "Automatically exports today's browsing history.",
|
||||
"permissions": [
|
||||
"history",
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
pkgs.stdenv.mkDerivation rec {
|
||||
pname = "firefox-history-exporter";
|
||||
version = "1.0";
|
||||
version = "1.1";
|
||||
src = ./.;
|
||||
|
||||
nativeBuildInputs = [ pkgs.zip ];
|
||||
|
||||
@@ -17,7 +17,7 @@ let
|
||||
# ];
|
||||
# } (builtins.readFile ./process-urls.py);
|
||||
# prompt = "Based on my browser usage for today from the markdown file located in /Users/${username}/Downloads/Sidebery/todays_urls.md, create or update a daily summary markdown file in the generated notes directory located in /Users/${username}/dev/personal/notes/generated/ with the filename format 'YYYY-MM-DD Daily Summary.md'. The resulting markdown file should use /Users/${username}/dev/personal/notes/templates/generated-summary.md as a format template, and it should summarize where I have spent my time today and highlight any notable links that I have visited. Please create markdown links to other relevant notes in /Users/${username}/dev/personal/notes/. If there is an existing markdown file for today, update it to include the newest information.";
|
||||
prompt = "Based on my browser usage for today from the JSON file located in /Users/${username}/Downloads/firefox-history/history-YYYY-MM-DD.json, create or update a daily summary markdown file in the generated notes directory located in /Users/${username}/dev/personal/notes/generated/ with the filename format 'YYYY-MM-DD Daily Summary.md'. The resulting markdown file should use /Users/${username}/dev/personal/notes/templates/generated-summary.md as a format template, and it should summarize where I have spent my time today and highlight any notable pages that I have visited, using the titles of each URL in the JSON file for markdown links. Please create markdown links to other relevant notes in /Users/${username}/dev/personal/notes/ and explain why they are being referenced. If there is an existing markdown file for today, update it to include the newest information.";
|
||||
prompt = "Based on my browser usage for today from the JSON file located in /Users/${username}/Downloads/firefox-history/history-YYYY-MM-DD.json, create or update a daily summary markdown file in the generated notes directory located in /Users/${username}/dev/personal/notes/generated/ with the filename format 'YYYY-MM-DD Daily Summary.md'. If the JSON file for today doesn't exist, exit. The resulting markdown file should use /Users/${username}/dev/personal/notes/templates/generated-summary.md as a format template, and it should summarize where I have spent my time today and highlight any notable pages that I have visited, using the titles of each URL in the JSON file for markdown links. Please create markdown links to other relevant notes in /Users/${username}/dev/personal/notes/ and explain why they are being referenced. If there is an existing markdown file for today, update it to include the newest information.";
|
||||
in
|
||||
|
||||
{
|
||||
@@ -32,7 +32,7 @@ in
|
||||
# GEMINI_API_KEY=$(cat /Users/${username}/.config/gemini/.gemini_api_key) ${pkgs.gemini-cli}/bin/gemini --allowed-tools all --yolo --include-directories /Users/${username}/Downloads/Sidebery/ --include-directories /Users/${username}/dev/personal/notes/ "${prompt}"
|
||||
# '';
|
||||
script = ''
|
||||
GEMINI_API_KEY=$(cat /Users/${username}/.config/gemini/.gemini_api_key) ${pkgs.gemini-cli}/bin/gemini --allowed-tools all --yolo --include-directories /Users/${username}/Downloads/firefox-history/ --include-directories /Users/${username}/dev/personal/notes/ "${prompt}"
|
||||
GEMINI_API_KEY=$(cat /Users/${username}/.config/gemini/.gemini_api_key) ${pkgs.gemini-cli}/bin/gemini --allowed-tools all --yolo --include-directories "/Users/${username}/Downloads/firefox-history/,/Users/${username}/dev/personal/notes/" "${prompt} | tee -a /Users/${username}/dev/personal/gemini-archive/daily-summary-logs/$(date +"%Y-%m-%d").log"
|
||||
'';
|
||||
|
||||
path = [
|
||||
|
||||
@@ -58,6 +58,7 @@ in
|
||||
{
|
||||
handler = "static_response";
|
||||
status_code = "403";
|
||||
body = "IP not allowed";
|
||||
}
|
||||
];
|
||||
}
|
||||
@@ -109,96 +110,95 @@ in
|
||||
apps.tls.automation.policies = cfg.tlsPolicies;
|
||||
|
||||
# Setup logging to journal and files
|
||||
logging.logs =
|
||||
{
|
||||
# System logs and catch-all
|
||||
# Must be called `default` to override Caddy's built-in default logger
|
||||
default = {
|
||||
level = "INFO";
|
||||
encoder.format = "console";
|
||||
writer = {
|
||||
output = "stderr";
|
||||
};
|
||||
exclude = (map (hostname: "http.log.access.${hostname}") (builtins.attrNames hostname_map)) ++ [
|
||||
"http.log.access.${default_logger_name}"
|
||||
];
|
||||
logging.logs = {
|
||||
# System logs and catch-all
|
||||
# Must be called `default` to override Caddy's built-in default logger
|
||||
default = {
|
||||
level = "INFO";
|
||||
encoder.format = "console";
|
||||
writer = {
|
||||
output = "stderr";
|
||||
};
|
||||
# This is for the default access logs (anything not captured by hostname)
|
||||
other = {
|
||||
level = "INFO";
|
||||
encoder.format = "json";
|
||||
writer = {
|
||||
output = "file";
|
||||
filename = "${config.services.caddy.logDir}/other.log";
|
||||
roll = true;
|
||||
inherit roll_size_mb;
|
||||
};
|
||||
include = [ "http.log.access.${default_logger_name}" ];
|
||||
};
|
||||
# This is for using the Caddy API, which will probably never happen
|
||||
admin = {
|
||||
level = "INFO";
|
||||
encoder.format = "json";
|
||||
writer = {
|
||||
output = "file";
|
||||
filename = "${config.services.caddy.logDir}/admin.log";
|
||||
roll = true;
|
||||
inherit roll_size_mb;
|
||||
};
|
||||
include = [ "admin" ];
|
||||
};
|
||||
# This is for TLS cert management tracking
|
||||
tls = {
|
||||
level = "INFO";
|
||||
encoder.format = "json";
|
||||
writer = {
|
||||
output = "file";
|
||||
filename = "${config.services.caddy.logDir}/tls.log";
|
||||
roll = true;
|
||||
inherit roll_size_mb;
|
||||
};
|
||||
include = [ "tls" ];
|
||||
};
|
||||
# This is for debugging
|
||||
debug = {
|
||||
level = "DEBUG";
|
||||
encoder.format = "json";
|
||||
writer = {
|
||||
output = "file";
|
||||
filename = "${config.services.caddy.logDir}/debug.log";
|
||||
roll = true;
|
||||
roll_keep = 1;
|
||||
inherit roll_size_mb;
|
||||
};
|
||||
};
|
||||
}
|
||||
# These are the access logs for individual hostnames
|
||||
// (lib.mapAttrs (name: value: {
|
||||
exclude = (map (hostname: "http.log.access.${hostname}") (builtins.attrNames hostname_map)) ++ [
|
||||
"http.log.access.${default_logger_name}"
|
||||
];
|
||||
};
|
||||
# This is for the default access logs (anything not captured by hostname)
|
||||
other = {
|
||||
level = "INFO";
|
||||
encoder.format = "json";
|
||||
writer = {
|
||||
output = "file";
|
||||
filename = "${config.services.caddy.logDir}/${name}-access.log";
|
||||
filename = "${config.services.caddy.logDir}/other.log";
|
||||
roll = true;
|
||||
inherit roll_size_mb;
|
||||
};
|
||||
include = [ "http.log.access.${default_logger_name}" ];
|
||||
};
|
||||
# This is for using the Caddy API, which will probably never happen
|
||||
admin = {
|
||||
level = "INFO";
|
||||
encoder.format = "json";
|
||||
writer = {
|
||||
output = "file";
|
||||
filename = "${config.services.caddy.logDir}/admin.log";
|
||||
roll = true;
|
||||
inherit roll_size_mb;
|
||||
};
|
||||
include = [ "admin" ];
|
||||
};
|
||||
# This is for TLS cert management tracking
|
||||
tls = {
|
||||
level = "INFO";
|
||||
encoder.format = "json";
|
||||
writer = {
|
||||
output = "file";
|
||||
filename = "${config.services.caddy.logDir}/tls.log";
|
||||
roll = true;
|
||||
inherit roll_size_mb;
|
||||
};
|
||||
include = [ "tls" ];
|
||||
};
|
||||
# This is for debugging
|
||||
debug = {
|
||||
level = "DEBUG";
|
||||
encoder.format = "json";
|
||||
writer = {
|
||||
output = "file";
|
||||
filename = "${config.services.caddy.logDir}/debug.log";
|
||||
roll = true;
|
||||
roll_keep = 1;
|
||||
inherit roll_size_mb;
|
||||
};
|
||||
};
|
||||
}
|
||||
# These are the access logs for individual hostnames
|
||||
// (lib.mapAttrs (name: value: {
|
||||
level = "INFO";
|
||||
encoder.format = "json";
|
||||
writer = {
|
||||
output = "file";
|
||||
filename = "${config.services.caddy.logDir}/${name}-access.log";
|
||||
roll = true;
|
||||
inherit roll_size_mb;
|
||||
};
|
||||
include = [ "http.log.access.${name}" ];
|
||||
}) hostname_map)
|
||||
# We also capture just the errors separately for easy debugging
|
||||
// (lib.mapAttrs' (name: value: {
|
||||
name = "${name}-error";
|
||||
value = {
|
||||
level = "ERROR";
|
||||
encoder.format = "json";
|
||||
writer = {
|
||||
output = "file";
|
||||
filename = "${config.services.caddy.logDir}/${name}-error.log";
|
||||
roll = true;
|
||||
inherit roll_size_mb;
|
||||
};
|
||||
include = [ "http.log.access.${name}" ];
|
||||
}) hostname_map)
|
||||
# We also capture just the errors separately for easy debugging
|
||||
// (lib.mapAttrs' (name: value: {
|
||||
name = "${name}-error";
|
||||
value = {
|
||||
level = "ERROR";
|
||||
encoder.format = "json";
|
||||
writer = {
|
||||
output = "file";
|
||||
filename = "${config.services.caddy.logDir}/${name}-error.log";
|
||||
roll = true;
|
||||
inherit roll_size_mb;
|
||||
};
|
||||
include = [ "http.log.access.${name}" ];
|
||||
};
|
||||
}) hostname_map);
|
||||
};
|
||||
}) hostname_map);
|
||||
}
|
||||
);
|
||||
};
|
||||
|
||||
@@ -173,5 +173,16 @@ in
|
||||
# Enable the home-made service that we created for non-proxied records
|
||||
services.cloudflare-dyndns-noproxy.enable = true;
|
||||
|
||||
# Create certs when not using proxy
|
||||
secrets.cloudflare-dns-api-prefixed = {
|
||||
source = ./cloudflare-api.age;
|
||||
dest = "${config.secretsDirectory}/cloudflare-dns-api-prefixed";
|
||||
prefix = "CLOUDFLARE_DNS_API_TOKEN=";
|
||||
};
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
defaults.email = "acme@${config.nmasur.presets.programs.msmtp.domain}";
|
||||
};
|
||||
|
||||
};
|
||||
}
|
||||
|
||||
41
platforms/nixos/modules/nmasur/presets/services/murmur.nix
Normal file
41
platforms/nixos/modules/nmasur/presets/services/murmur.nix
Normal file
@@ -0,0 +1,41 @@
|
||||
# murmur is a Mumble server for hosting voice chat
|
||||
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (config.nmasur.settings) hostnames;
|
||||
cfg = config.nmasur.presets.services.murmur;
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
options.nmasur.presets.services.murmur.enable =
|
||||
lib.mkEnableOption "murmur (mumble) voice chat service";
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
services.murmur = {
|
||||
enable = true;
|
||||
users = 50; # Max concurrent users
|
||||
bonjour = false; # Auto-connect LAN
|
||||
registerUrl = "https://${hostnames.mumble}";
|
||||
registerName = "Mumble";
|
||||
environmentFile = null;
|
||||
sslKey = "${config.security.acme.certs."${hostnames.mumble}".directory}/key.pem";
|
||||
sslCert = "${config.security.acme.certs."${hostnames.mumble}".directory}/fullchain.pem";
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
# Configure Cloudflare DNS to point to this machine
|
||||
nmasur.presets.services.cloudflare.noProxyDomains = [ hostnames.mumble ];
|
||||
|
||||
security.acme.certs."${hostnames.mumble}" = {
|
||||
dnsProvider = "cloudflare";
|
||||
credentialsFile = config.secrets.cloudflare-dns-api-prefixed.dest;
|
||||
group = config.services.murmur.group;
|
||||
};
|
||||
};
|
||||
}
|
||||
@@ -32,6 +32,7 @@ in
|
||||
mathesar.enable = lib.mkDefault true;
|
||||
mealie.enable = lib.mkDefault true;
|
||||
minecraft-server.enable = lib.mkDefault false;
|
||||
murmur.enable = lib.mkDefault true;
|
||||
n8n.enable = lib.mkDefault true;
|
||||
nix-autoupgrade.enable = lib.mkDefault true; # On by default for communications
|
||||
ntfy-sh.enable = lib.mkDefault true;
|
||||
|
||||
Reference in New Issue
Block a user