From 2938bfdf64eb725fa9fc29d0e34d08bf07679d1a Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Apr 2023 12:18:27 +0200 Subject: [PATCH 1/5] updates --- flake.lock | 44 ++++++++++---------- nixos/hosts/thalassa/eevee/configuration.nix | 2 + nixos/hosts/thalassa/eevee/hardware.nix | 7 +++- 3 files changed, 30 insertions(+), 23 deletions(-) diff --git a/flake.lock b/flake.lock index bdc6d68..c1fd825 100644 --- a/flake.lock +++ b/flake.lock @@ -88,11 +88,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1682202576, - "narHash": "sha256-vcTEEEHKx4PTfY80bUmZMwXRy0cTDJCkULHhqe1HJS8=", + "lastModified": 1682737380, + "narHash": "sha256-n3rZkHZls9BNr35o3veK00UsM1KSh/oNTJjLkFbEOY8=", "owner": "zhaofengli", "repo": "colmena", - "rev": "089431737e283ed3e402a7dff578cb442444c431", + "rev": "be837ee341b6508c355035973d5f7c7e88d7c64f", "type": "github" }, "original": { @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1682663009, - "narHash": "sha256-i5ZDuY5kUBDwbWFUludL2cm6PBb6oj245qTFXSpOkdo=", + "lastModified": 1682759296, + "narHash": "sha256-FgBfP1e+TnED0lT3L9G6KJ6j07xQElFMRdLIsmKQ0Ss=", "owner": "nix-community", "repo": "home-manager", - "rev": "43ba4489bd3f9f69519f5f7ebdb76d0455eccbbe", + "rev": "27d89b49e3cd3c83b9609a6ff9173a9b8d2d9ad4", "type": "github" }, "original": { @@ -833,11 +833,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1682538316, - "narHash": "sha256-YuHgVsR7S9zxJWHo7lo2ugd+uDC4ESWg1hA4bEZQv3Y=", + "lastModified": 1682669017, + "narHash": "sha256-Vi+p4y3wnl0/4gcwTdmCO398kKlDaUrNROtf3GOD2NY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "15b75800dce80225b44f067c9012b09de37dfad2", + "rev": "7449971a3ecf857b4a554cf79b1d9dcc1a4647d8", "type": "github" }, "original": { @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682688250, - "narHash": "sha256-eE/h7+V5M96HmobnZEPbPyinPv+Y+vcs/3gL55I7rRI=", + "lastModified": 1682761707, + "narHash": "sha256-LYi8jYRWn10jThmwQTx4ecrIikfGqGGoC2KGmgIgQX8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4452d55f8e5c2480b91bbe1eaf4b34c8ee07ebb9", + "rev": "8f9e20ecb020e0a665e2e2301b73034be5db5bca", "type": "github" }, "original": { @@ -965,11 +965,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1682677025, - "narHash": "sha256-HQ3E4JKHcj6MWwmo/JoGIrFhBymVszGyFoAv3R6JOxk=", + "lastModified": 1682714854, + "narHash": "sha256-7vFHIUeaZ47REJopzzY6bX5wb0qmn6fNsQCKOQ8G3Mg=", "owner": "pta2002", "repo": "nixvim", - "rev": "3014192cdc6e5ac59e72c74baa6075c9c9148bfd", + "rev": "d0383da7f8579610f49b99b982b662ad197d97d1", "type": "github" }, "original": { @@ -980,11 +980,11 @@ }, "nur": { "locked": { - "lastModified": 1682686658, - "narHash": "sha256-h2gpcWIEcO5CYfdLFBvxI59cOS65YJejpxVqdh1sZGU=", + "lastModified": 1682751794, + "narHash": "sha256-+lo+jlBp5Np2UId6CfAQZdG/yLJLZhtoluMj1NkBlDU=", "owner": "nix-community", "repo": "NUR", - "rev": "8814b947eb4f10b1f26ed7cb7b067c58b28b065a", + "rev": "b3b850a6da43a794e7fab9566b529ca43e22458a", "type": "github" }, "original": { @@ -1280,11 +1280,11 @@ "nixpkgs": "nixpkgs_9" }, "locked": { - "lastModified": 1682689494, - "narHash": "sha256-ZGOJ5Mg92Vuf3mMlLL4hu6ENU4Ykk+uAjnoU+rdSFcM=", + "lastModified": 1682690091, + "narHash": "sha256-j8Uu1Lu+3t5CrLlnHIco6LXIuH7F5KM4pUJZ+QIBiVQ=", "ref": "refs/heads/main", - "rev": "3393123d5814d572eeccb6c6163bab9f374550ca", - "revCount": 2, + "rev": "5af2f123dcd9dcf7ddb3856434f8ea1c76b699b3", + "revCount": 3, "type": "git", "url": "https://git.0x76.dev/v/vault-unseal.git" }, diff --git a/nixos/hosts/thalassa/eevee/configuration.nix b/nixos/hosts/thalassa/eevee/configuration.nix index 8e435ac..9adf13c 100644 --- a/nixos/hosts/thalassa/eevee/configuration.nix +++ b/nixos/hosts/thalassa/eevee/configuration.nix @@ -41,6 +41,8 @@ environment.systemPackages = with pkgs; [ wireguard-tools ]; + environment.sessionVariables.NIXOS_OZONE_WL = "1"; + home-manager = { useGlobalPkgs = true; useUserPackages = true; diff --git a/nixos/hosts/thalassa/eevee/hardware.nix b/nixos/hosts/thalassa/eevee/hardware.nix index 2e9e579..561c570 100644 --- a/nixos/hosts/thalassa/eevee/hardware.nix +++ b/nixos/hosts/thalassa/eevee/hardware.nix @@ -23,7 +23,12 @@ }; # udev - services.udev.packages = with pkgs; [ wooting-udev-rules ]; + services.udev.packages = with pkgs; [ + android-udev-rules + logitech-udev-rules + qmk-udev-rules + wooting-udev-rules + ]; # FS fileSystems."/".options = [ "compress=zstd" ]; From 7ea4f748acf06764fae4a4c322b9cfde8f229a90 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 28 Apr 2023 22:00:25 +0000 Subject: [PATCH 2/5] chore(deps): update renovate/renovate docker tag to v35.64.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f78fd2d..9471e23 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.58.0 + image: renovate/renovate:35.64.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ From 74a5d6c4c636513cc7d8b97f91891f7cbc8f7142 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Apr 2023 13:44:23 +0200 Subject: [PATCH 3/5] fix woodpecker --- nixos/common/desktop/home.nix | 2 ++ nixos/hosts/olympus/woodpecker/configuration.nix | 12 +++++++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 6458b8d..b169f54 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -9,6 +9,7 @@ in { home.packages = with pkgs; [ btop calibre + celluloid element-desktop fusee-launcher gcc @@ -17,6 +18,7 @@ in { inputs.webcord.packages.${pkgs.system}.default jetbrains.clion jetbrains.idea-ultimate + kdenlive mullvad-vpn neofetch nixfmt diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index a0590fb..682338b 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -25,12 +25,18 @@ in { quoteEnvironmentValues = false; # Needed for docker }; + # For some reason networking is broken in podman virtualisation.podman = { - enable = true; + enable = false; dockerSocket.enable = true; dockerCompat = true; }; + virtualisation.docker = { + enable = true; + autoPrune.enable = true; + }; + services.woodpecker-server = { enable = true; environment = { @@ -49,12 +55,12 @@ in { docker = { enable = true; environment = { - DOCKER_HOST = "unix:///run/podman/podman.sock"; + # DOCKER_HOST = "unix:///run/podman/podman.sock"; WOODPECKER_BACKEND = "docker"; WOODPECKER_SERVER = "localhost:9000"; }; environmentFile = [ "${vs.woodpecker}/environment" ]; - extraGroups = [ "podman" ]; + extraGroups = [ "docker" ]; }; }; } From e31e4cd82e0a19008d103e57a007c0842b1b9cb2 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Apr 2023 15:25:11 +0200 Subject: [PATCH 4/5] cleanup --- flake.nix | 2 +- .../hosts/olympus/database/configuration.nix | 40 ------------------- nixos/hosts/olympus/default.nix | 11 +---- nixos/util.nix | 3 +- 4 files changed, 5 insertions(+), 51 deletions(-) delete mode 100644 nixos/hosts/olympus/database/configuration.nix diff --git a/flake.nix b/flake.nix index 6db30e4..b317cb4 100644 --- a/flake.nix +++ b/flake.nix @@ -87,7 +87,7 @@ nix repl --file "${./.}/repl.nix" $@ ''; in { - # Make the nixosConfigurations for compat reasons + # Make the nixosConfigurations for compat reasons (e.g. vault) nixosConfigurations = (import (inputs.colmena + "/src/nix/hive/eval.nix") { rawFlake = self; diff --git a/nixos/hosts/olympus/database/configuration.nix b/nixos/hosts/olympus/database/configuration.nix deleted file mode 100644 index 967a111..0000000 --- a/nixos/hosts/olympus/database/configuration.nix +++ /dev/null @@ -1,40 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: -let - databases = [ "umami" "drone" ]; -in -{ - imports = [ ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.11"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ ]; - - networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ]; - - services.postgresql = - { - enable = true; - package = pkgs.postgresql_14; - ensureDatabases = databases; - enableTCPIP = true; - # Allow all hosts on the server subnet, should probably lock this down more in the future - authentication = "host all all 10.42.42.0/24 trust"; - ensureUsers = map - (name: { - inherit name; - ensurePermissions = { "DATABASE ${name}" = "ALL PRIVILEGES"; }; - }) - databases; - }; -} diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 0d9992e..62f5c09 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -110,10 +110,7 @@ ip = "10.42.42.25"; mac = "1E:ED:97:2C:C3:9D"; }; - "database" = { - ip = "10.42.42.26"; - mac = "CE:6E:96:87:18:1B"; - }; + # 10.42.42.26 "bookwyrm" = { ip = "10.42.42.27"; mac = "9E:8A:6C:39:27:DE"; @@ -123,11 +120,7 @@ ip = "10.42.42.28"; mac = "9E:86:D3:46:EE:AE"; }; - "slimmelezer" = { - ip = "10.42.42.29"; - mac = "b4:8a:0a:ee:b0:5e"; - nix = false; - }; + # 10.42.42.29 "vault-1" = { ip = "10.42.42.30"; mac = "26:69:0E:7C:B3:79"; diff --git a/nixos/util.nix b/nixos/util.nix index 42665e8..798913e 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -2,6 +2,7 @@ let inherit (builtins) filter attrValues concatMap mapAttrs; inherit (nixpkgs.lib.attrsets) mapAttrsToList; + inherit (nixpkgs.lib) nixosSystem; base_imports = [ home-manager.nixosModules.home-manager mailserver.nixosModules.mailserver @@ -44,7 +45,7 @@ in { mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: let # this makes local apply work a bit nicer - name = if realm == "thalassa" then hostname else "${hostname}.${realm}"; + name = if type == "local" then hostname else "${hostname}.${realm}"; in { "${name}" = { imports = resolve_imports host; From 8c6037a0fdf5992356d4cfe82542f6b1f7f1b4b6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 29 Apr 2023 14:07:52 +0000 Subject: [PATCH 5/5] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c1fd825..d19bae3 100644 --- a/flake.lock +++ b/flake.lock @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682761707, - "narHash": "sha256-LYi8jYRWn10jThmwQTx4ecrIikfGqGGoC2KGmgIgQX8=", + "lastModified": 1682777022, + "narHash": "sha256-tzMqNaMS8wDpEnNG8vuPrbOUw1y+AI7BRFznjmCBVjE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8f9e20ecb020e0a665e2e2301b73034be5db5bca", + "rev": "6f3b947593983bf1bf0b243717fac8b42a1e014d", "type": "github" }, "original": {